Who do these Twilio credentials belong to?

Let's say you've found some Twilio credentials, and want to work out whether they're still active.

Twilio has two types of credentials - "auth tokens" and API Keys. The "auth tokens" are bound to an account or a user, whereas API keys are more of a machine-user credential and have two types - Main and Standard.

I ended up writing a tool for this as it makes interacting with the Twilio API a little easier, but the same underlying API calls can be conducted through curl or similar.

From the README of the project:

With an Auth Token

An auth token may be found in the Twilio console for a given Account SID.

env TWILIO_ACCOUNT_SID=... \
  TWILIO_AUTH_TOKEN=... \
  twilio-who-credentials

The command will return a non-zero status code if the auth token could be used. If valid, information about the account will be printed out, such as the account name.

With an API Key

An API key may be issued from the Twilio console, and may be either a Main or a Standard token. This tool detects, as best as it can, the type of token in use.

env TWILIO_ACCOUNT_SID=... \
  TWILIO_API_KEY=... \
  TWILIO_API_SECRET=... \
  twilio-who-credentials

The command will return a non-zero status code if the API key could be used. If valid, information will be returned as to whether it's a Main or Standard API key.

If a Main API key, information about the account will be printed out, such as the account name.