Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Twilio Best Practices
  • Toc
  • feedback
Twilio Best Practices

Twilio Best Practices

By : Rogers
4.5 (4)
close
Twilio Best Practices

Twilio Best Practices

4.5 (4)
By: Rogers

Overview of this book

If you have experience with at least one programming language and are looking to integrate Twilio into your applications, then this book is for you.
Table of Contents (10 chapters)
close
close
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Free Chapter
1
1. Working with TwiML
1. Working with TwiML
Where in my application will I be using TwiML?
Getting started with TwiML
Digging deeper – Twilio's requests
The world of TwiML verbs
Best practices for working with TwiML
Summary
2
2. Exploring the REST API
2. Exploring the REST API
What is the Twilio REST API?
Interacting with the API
Getting started with the Twilio PHP library
Getting started with Postman
Mastering call-related APIs
Mastering messaging APIs
Working with phone numbers, accounts, and usage
Summary
3
3. Calling in the Browser with Twilio Client
3. Calling in the Browser with Twilio Client
What is Twilio Client?
Where can I use Twilio Client?
How does Twilio Client work?
Adding Twilio Client to your web applications
Receiving incoming calls in the browser
Getting started with Twilio Client on iOS and Android
Summary
4
4. Twilio in the Real World
4. Twilio in the Real World
The callback request tool
The conference calling tool
And you're done!
Summary
5
5. Twilio in your language
5. Twilio in your language
PHP – a recap
Ruby
Python
C#
Java
Node.js
Apex for Salesforce.com
Summary
6
6. Securing your Twilio App
chevron up
6. Securing your Twilio App
Enabling two-factor authentication
Verifying that requests are from Twilio
Building a circuit breaker
Summary
7
7. Testing, Debugging, and Deploying Twilio Apps
7. Testing, Debugging, and Deploying Twilio Apps
The power of flowcharts
Using the App Monitor
Using the Request Inspector
Fixing common errors
Summary
8
8. Online Resources
8. Online Resources
Hosting providers
Web frameworks
Automated testing
Using flowcharts
What next?
9
Index
Index

Verifying that requests are from Twilio

If parties other than Twilio are able to make requests to your application, they can potentially change and corrupt data or access sensitive information.

Without authentication measures, if an attacker was able to guess the URLs of the endpoints on your application that Twilio hits with its webhooks, they could wreak havoc. For instance, they could spoof fake SMS messages so that they appear to come from users or they could access the private phones numbers of users they should only be able to call through a public line you provide.

There are two routes you can take to prevent this, ensuring with a reasonable degree of certainty that a request genuinely comes from Twilio:

  • Set up HTTP Basic Authentication

  • Verify the signature of requests to ensure they're signed by Twilio

HTTP Basic Authentication

HTTP Basic Authentication simply allows you to require a username and password to access your web server's resources.

If you're working with PHP, you'll want to...

End of Section 4
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete