Support API Keys #124
Comments
|
I don't think this would necessarily require a lot of effort. Probably, you'd just need to extend the library to accept a new option, similar to |
|
I was wondering about this as well but, at least for sending SMS, this seems to be supported just by passing the credentials = Base.encode64("#{api_sid:api_secret}")
ExTwilio.Message.create(to: "+1XXXXXXXXXX, from: "+1XXXXXXXXXX", body: "Totally auth'd via ExTwilio", Authorization: "Basic #{credentials}")So maybe not first class support, but possible. Discovered this by looking here: ex_twilio/lib/ex_twilio/api.ex Lines 161 to 172 in 00276cb |
|
@objectuser unfortunately it seems there's a slight obstacle preventing this method from working with resource creation calls (such as When ex_twilio/lib/ex_twilio/api.ex Lines 68 to 75 in 00276cb This, in turn, makes it so that our ex_twilio/lib/ex_twilio/api.ex Lines 141 to 144 in 00276cb Because of this, the |
In my Twilio project (in the Twilio console), we have the Account SID and Auth Token by default, but we use API Keys to hit the endpoints (for the basic auth portion). Unfortunately, you can't use the API Key SID as the Account SID; you still have to provide the Account SID in the API endpoints. I tried letting the Account SID be set by ENV var and then passing in the
accountandtokenoptions for the API key, but ExTwilio seems to take theaccountoption as the account sid when generating the Endpoint URLs.Does that sound right? And how much effort do you think it would take to modify the library to allow you to pass the account SID as a config option using ENVs and passing the auth "username" as an option to the command (I'm still using ENV, but doing via
Application.get_env/3)?We may end up using subaccounts (inside a Twilio Project) for our customers, but API Key support would be nice for a more secure devops configuration. (Thinking more like AWS IAM vs using AWS root credentials.)
The text was updated successfully, but these errors were encountered: