The main account credentials (AccountSid and AuthToken) allow developers to access Twilio's REST API for their main account and v2010 API resources for any of your subaccounts. You may also use a subaccount's AccountSid and AuthToken to access the resources of that subaccount. You can not use a subaccount's credentials to access the resources of your main account or any other subaccounts.
If you're authenticating the helper libraries, pass in your main Account SID and main Auth Token as the first two credentials, and the appropriate Subaccount SID as the third parameter.
Danger
When performing CRUD operations within a subaccount, use the subaccount SID and auth token. Alternatively, you can generate API Keys at the subaccount level for authentication.
Important Note
Main account API Keys are only available to access main account resources. Access to subaccount resources will be denied.
Warning
Your main account credentials will allow you to access resources for any of your subaccounts that fall under the v2010 REST API. However, resources on subdomains, such as
studio.twilio.comandtaskrouter.twilio.com, must be accessed directly using subaccount credentials (API Keys or subaccount SID + subaccount auth token).There are many ways to determine if a resource lives on its own subdomain or under v2010. One example method is to find the API Reference page for the resource, such as the Workspace resource. Observe the returned
URLvalue in the example payloads: if the URL begins withhttps://SOME-SUBDOMAIN.twilio.com, then you must access that resource using subaccount-specific credentials. If you do the same for some other resource, such as the Messaging resource, and see thatURIbegins with/2010-04-01, then it can be safely accessed using either your main account or subaccount credentials.