When you create a new TwiML Bin in the Console we create a unique URL that you can use to reference that TwiML Bin. This URL can be used to configure webhooks for Voice or SMS applications. When a request comes in for a TwiML Bin, we make sure that request is signed properly. This mechanism exists to protect the content of your TwiML Bins from others. If you need to review the content of a TwiML Bin, you can view your list of TwiML Bins and click on the one you’d like to review.
If you need to access your TwiML Bin URL outside of Twilio, you have the option of signing the HTTP request. Below is an example of a Node.js script that does this. You would invoke this script by running:
node script.js https://handler.twilio.com/twiml/EHxxx
const crypto = require('crypto')
, request = require('request')
const url = process.argv[2] + '?AccountSid=' + process.env.TWILIO_ACCOUNT_SID
const twilioSig = crypto.createHmac('sha1', process.env.TWILIO_AUTH_TOKEN).update(new Buffer(url, 'utf-8')).digest('Base64')
request({url: url, headers: { 'X-TWILIO-SIGNATURE': twilioSig }}, function(err, res, body) {
console.log(body)
})
If you'd like to build this signing functionality yourself, you can review this document to learn how we generate the signature.
Where your TwiML Bin URL comes in handy is when you’d like to reference this TwiML Bin in another TwiML document. For instance, let’s say that you’d like to customize a “good-bye” message when a call in completed. You might construct a TwiML Bin that looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<Response>
<Say>
Good Bye
</Say>
</Response>
Let’s say that the URL for this TwiML Bin was https://handler.twilio.com/twiml/EHxxx. Now, you can reference this TwiML Bin when you construct the TwiML document to place a call:
<?xml version="1.0" encoding="UTF-8"?>
<Response>
<Dial action="https://handler.twilio.com/twiml/EHxxx">
+180055512121
</Dial>
</Response>