Skip to contentSkip to navigationSkip to topbar
On this page

Link Shortening Onboarding Guide



Prerequisites

prerequisites page anchor
  • You need to own a domain or subdomain that is only used for Link Shortening with Twilio.
    • You must be able to verify the domain with Twilio. This requires changing the Domain Name System (DNS) records or uploading an HTML file to the root directory of the domain.
  • You need to have a Twilio Organization.
  • You need to add your domain to the Organization and verify the domain with Twilio.
  • The Twilio Account(s) you wish to use with Link Shortening must be added to the Organization.
  • The Twilio Account(s) must have a Messaging Service with at least one sender.

Configure your Messaging Service

configure-your-messaging-service page anchor

This section covers how to associate your Messaging Service with your Link Shortening domain.

A Link Shortening domain can be used with multiple Messaging Services, as long as the Messaging Services all belong to an Account within your Twilio Organization.

(information)

Info

If you want to set up Link Shortening for another Messaging Service, repeat the steps in this section.

If you're using the Console, follow the Console steps below. If you're using the REST API, use the API steps below.

Console

  1. In a new tab, open your Console and navigate to Messaging > Messaging Services.
  2. Select the Messaging Service that you want to configure.
  3. In the left hand navigation pane, select Link Shortening.
  4. In the Organization and domain section, in the Domain field, select your link shortening domain from the dropdown.
  5. Click Save changes.

API

  1. Go to the Admin Center of the Console. Navigate to Domains and select on your domain. The SID is on the Domain details page under Domain Sid. Save this SID because you'll need it in future steps.
  2. Next, you need your Messaging Service's SID. To find it, in the Console, navigate to Messaging > Messaging Services. Select the Messaging Service that you want to configure. Save this SID because you'll need it in future steps.
  3. Send a POST request to the Link Shortening domain's Messaging Services subresource. Place your domain's SID and Messaging Service SID in the URL. An example request is shown below.
Associate a Messaging Service with your Link Shortening domainLink to code sample: Associate a Messaging Service with your Link Shortening domain
1
// Download the helper library from https://www.twilio.com/docs/node/install
2
const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";
3
4
// Find your Account SID and Auth Token at twilio.com/console
5
// and set the environment variables. See http://twil.io/secure
6
const accountSid = process.env.TWILIO_ACCOUNT_SID;
7
const authToken = process.env.TWILIO_AUTH_TOKEN;
8
const client = twilio(accountSid, authToken);
9
10
async function createLinkshorteningMessagingService() {
11
const linkshorteningMessagingService = await client.messaging.v1
12
.linkshorteningMessagingService(
13
"DNXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
14
"MGXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
15
)
16
.create();
17
18
console.log(linkshorteningMessagingService.domainSid);
19
}
20
21
createLinkshorteningMessagingService();

Output

1
{
2
"domain_sid": "DNXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
3
"messaging_service_sid": "MGXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
4
"url": "https://messaging.twilio.com/v1/LinkShortening/Domains/DNaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/MessagingServices/MGaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
5
}

Update your domain's DNS records

update-your-domains-dns-records page anchor
  1. Open a new browser tab or window and navigate to your domain's configuration page.

    • If you're using a root domain (e.g. example.com), find the DNS record configuration.
    • If you're using a subdomain (e.g. link.example.com), find the subdomain's CNAME record configuration.
  2. If you're using a root domain, point the A record of the domain to the following 3 IP addresses only. If other IPs are included, Link Shortening does not work.

    • 3.233.187.46
    • 3.233.108.250
    • 54.157.2.211

    If you're using a subdomain, point the CNAME record of the subdomain to the following:

    • lsct.ashburn.us1.twilio.com
  3. Click 'Validate' to validate your DNS settings.


With Link Shortening, Twilio serves redirects for your domain. A TLS certificate allows Twilio to establish an encrypted connection between a customer's browser and Twilio's servers on your behalf (redirects are served over HTTPS). We offer two options for setting up TLS certificates for your Link Shortening domain: Twilio-managed Certificates (preferred) and Bring Your Own Certificate.

Keep the following in mind as you complete this section:

  • Your domain is associated with your Twilio Organization, so you only need to generate or upload your certificate once, even if multiple Accounts within the Organization use the same domain.

Option 1 (Preferred) - Twilio-managed Certificate: Use our new Certificate Manager feature to entrust Twilio with handling certificate requests and renewals. This is the preferred option.

Console

  1. Choose Twilio-managed certificate as the certificate management option.
  2. Click Continue in the modal pop up and wait for the certificate to be processed. This may take a few minutes.
  3. Your new certificate details will be displayed under the Certificate management tab. You may need to refresh your page if you still see the processing message.

API

Send a POST request to the Link Shortening RequestManagedCert subresource, placing your domain's SID in the URL.

Generate a Twilio-managed TLS certificate for your Link Shortening domainLink to code sample: Generate a Twilio-managed TLS certificate for your Link Shortening domain
1
// Download the helper library from https://www.twilio.com/docs/node/install
2
const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";
3
4
// Find your Account SID and Auth Token at twilio.com/console
5
// and set the environment variables. See http://twil.io/secure
6
const accountSid = process.env.TWILIO_ACCOUNT_SID;
7
const authToken = process.env.TWILIO_AUTH_TOKEN;
8
const client = twilio(accountSid, authToken);
9
10
async function updateRequestManagedCert() {
11
const requestManagedCert = await client.messaging.v1
12
.requestManagedCert("DNXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX")
13
.update();
14
15
console.log(requestManagedCert.domainSid);
16
}
17
18
updateRequestManagedCert();

Output

1
{
2
"certificate_sid": "CWaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
3
"domain_name": "https://api.example.com",
4
"domain_sid": "DNXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
5
"date_created": "2021-02-06T18:02:04Z",
6
"date_updated": "2021-02-06T18:02:04Z",
7
"date_expires": "2021-02-06T18:02:04Z",
8
"url": "https://messaging.twilio.com/v1/LinkShortening/Domains/DNaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/RequestManagedCert",
9
"managed": true,
10
"requesting": true
11
}

Option 2 - Bring Your Own Certificate: Most domain hosting services offer managed certificate solutions. There are paid options with annual subscriptions and free options such as letsencrypt.org (with the caveat that most free options only provide an expiration of up to 3 months).

  • Keep the following in mind when generating your certificate and key:

    • The TLS certificate and private key must be generated in a PEM format.
    • If you're using a subdomain, the certificate and key must be generated for the subdomain.
    • Subject Alternative Names in TLS Certificates are now supported.
    • Wildcard certificates for subdomains are now supported.
    • Certificates must start with -----BEGIN CERTIFICATE----- and end with -----END CERTIFICATE-----
    • Private keys must start with -----BEGIN PRIVATE KEY----- and end with -----END PRIVATE KEY----- or be in PKCS #8 format.
(information)

Info

Often, third party vendors export different formats of private keys. Twilio Link Shortening accepts PKCS #8 private keys so if your key does not start with -----BEGIN PRIVATE KEY-----, you need to convert the key using OpenSSL or export the private key again with the proper format specified.

(information)

Info

Make note of the certificate's expiration date and upload a new certificate when your current one is about to expire. It is your responsibility to keep track of certificate expiration dates. Link Shortening will not work without a valid TLS certificate; your customers may receive broken links and your Account may be charged for additional message segments due to long URLs.

If you're using the Console, follow the Console steps below. If you're using the REST API, use the API steps below.

Console

  1. Under Upload certificate, click Upload new certificate.

  2. Read the information in the pop-up and click Continue.

  3. In the Upload TLS certificate and private key pop-up, paste your TLS certificate into the TLS certificate input box.

    • The TLS Certificate's first line must be -----BEGIN CERTIFICATE-----
    • The last line must be -----END CERTIFICATE-----
    • Make sure there are no extra newline characters at the beginning or end of the certificate. Example:
  4. Paste your private key into the Private key input box.

    • The private key's first line must be -----BEGIN PRIVATE KEY-----
    • The private key's last line must be -----END PRIVATE KEY-----
    • Make sure there are no extra newline characters at the beginning or end of the private key. Example:
  5. Click Upload. It takes up to five minutes to validate the certificate and key. Check the status by checking the Cert status under Current certificate details. If you encounter an error at this step, make sure your certificate and private key are in the correct format as described in the previous step.

  6. Go to the "Configure your domain's default behavior" section below.

API

  1. Send a POST request to your Link Shortening domain's Certificate subresource.

    In the request, the TlsCert parameter's value must be the concatenated certificate and private key. The proper format of the TlsCert value is shown in the example below.

    It can take up to five minutes to validate a certificate. Because of this, Twilio's response to this POST request may contain a cert_in_validation.status property with a value of pending.

    Use the request in Step 2 (below) to check the certificate's validation status.

    (warning)

    Warning

    Don't hard-code or save your certificate/key anywhere that might be pushed into version control. If using a Helper Library, use environment variables. The certificate/key is saved as a variable for illustration purposes only.

    Upload/update TLS Certificate and Private Key for a Link Shortening domainLink to code sample: Upload/update TLS Certificate and Private Key for a Link Shortening domain
    1
    // Download the helper library from https://www.twilio.com/docs/node/install
    2
    // Find your Account SID and Auth Token at twilio.com/console
    3
    // and set the environment variables. See http://twil.io/secure
    4
    const accountSid = process.env.TWILIO_ACCOUNT_SID;
    5
    const authToken = process.env.TWILIO_AUTH_TOKEN;
    6
    const client = require('twilio')(accountSid, authToken);
    7
    8
    const certAndPrivateKey = `-----BEGIN CERTIFICATE-----
    9
    MIIDqDCCApACCQCBT5e22Q01fjANBgkqhkiG9w0BAQsFADCBlTELMAkGA1UEBhMC
    10
    VVMxCzAJBgNVBAgMAkNBMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMRYwFAYDVQQK
    11
    DA1FeGFtcGxlLCBJbmMuMRIwEAYDVQQLDAlUZXN0IERlcHQxFDASBgNVBAMMC2V4
    12
    YW1wbGUuY29tMR8wHQYJKoZIhvcNAQkBFhB0ZXN0QGV4YW1wbGUuY29tMB4XDTIz
    13
    MDcyNjIwMjUwMVoXDTI0MDcyNTIwMjUwMVowgZUxCzAJBgNVBAYTAlVTMQswCQYD
    14
    VQQIDAJDQTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEWMBQGA1UECgwNRXhhbXBs
    15
    ZSwgSW5jLjESMBAGA1UECwwJVGVzdCBEZXB0MRQwEgYDVQQDDAtleGFtcGxlLmNv
    16
    bTEfMB0GCSqGSIb3DQEJARYQdGVzdEBleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcN
    17
    AQEBBQADggEPADCCAQoCggEBAL+uk4TT+7npoMgnah59ZYu4VzM+PInRVbsvYa4S
    18
    EfX+GzNy03VmVCsxnM2OxRQjqBxa5nKtRocRbFNk46xpB5fuOcJ6pKwWKo9equ6x
    19
    RuZzbo8HkfmrP5a2GcA/Z+ncwjiyKbi7UefwGxaayGPiTFMEZIYVUHE6GDsRKYeJ
    20
    nbylpzOtQMJqtRZitkC8BIDh52dZIi/GDPqB6fw4Cubpld9c5qNX575FuF0HUj5B
    21
    lc0e4b7EihlNGu4mDUo8FJoHkVqVTFM6KtwhL9A5xdVjZ9XukX0uiaaI+LwzBKJs
    22
    Y0zCt99hFp+dMwEc7wL7ECsXSFuH4RAnJn/QglYT9b1uO0MCAwEAATANBgkqhkiG
    23
    9w0BAQsFAAOCAQEAHtUqqlWJ74LCFwVup2n0pUoIkHhUJdAv1lvSpyvA7sW/fKCU
    24
    RhblmkqMy8i96xZGizuT86nUdf2XcufJhPFee7UopfZE4Ncya4te+7y/S17HM0uk
    25
    LMEO1njLhzX+MDuLZOPPXw70JxN1oqxvyZKxrbvaOJ0O4duiEUOfKu//EYY0AdTl
    26
    xCkHItiKEsmxjUPjroMd0APJp5aTPUS2c4moB9xjieft2uIG/7d/3gQfswnxJZcd
    27
    EzQKclW4U28U1NVtcFhaNwEBC1H0TvBTp/8asl2aTOUP97wcLHPI9qzZWfAzizOU
    28
    17S7MxNzjtt4i4/PQ7koIsq31wgmh2jDjh6mMw==
    29
    -----END CERTIFICATE-----
    30
    -----BEGIN PRIVATE KEY-----
    31
    MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC/rpOE0/u56aDI
    32
    J2oefWWLuFczPjyJ0VW7L2GuEhH1/hszctN1ZlQrMZzNjsUUI6gcWuZyrUaHEWxT
    33
    ZOOsaQeX7jnCeqSsFiqPXqrusUbmc26PB5H5qz+WthnAP2fp3MI4sim4u1Hn8BsW
    34
    mshj4kxTBGSGFVBxOhg7ESmHiZ28paczrUDCarUWYrZAvASA4ednWSIvxgz6gen8
    35
    OArm6ZXfXOajV+e+RbhdB1I+QZXNHuG+xIoZTRruJg1KPBSaB5FalUxTOircIS/Q
    36
    OcXVY2fV7pF9LommiPi8MwSibGNMwrffYRafnTMBHO8C+xArF0hbh+EQJyZ/0IJW
    37
    E/W9bjtDAgMBAAECggEAEoOQKBI5jBluuCZmb495EWe6tG5cdotLlorbCm8gYPws
    38
    MGn01rANjSZ7mLcjffB7ulFlVMo7t6wNJHjoLKzwWNJfrdMeuKhjb/ma1Pc2e+fG
    39
    U/ZNOSo7OBlan2EAbmwuLj+3G+qr3JUqaKKGnG8tJA+WjgTdAjK0SHA97KN0ItZK
    40
    ZrZLEdrDTH+jCLl7eGzbAa7cMd24LyE9/Sz0IwJ+E2A2qoyBPGP8kRIByUH8pf94
    41
    HnF7DzGBaV7UAC7xuzHPiV0vV+YNjvk236IbDCkGW5Y/j92KxmZKY1lIz/cDCNRD
    42
    rAwZtRruIjNtgP9dNq44OQvjAvaFQIS+TMqJpqT3oQKBgQDftE5z/Hm/UyOyoh24
    43
    GccisB37eDzDO7/rJq4l3/UvAu566xmI8W3ToQMaDbtOfGOoLKH3mPY8c+yYJrCt
    44
    HM2uzxnFxPkfZ4I8JoplJ3pkNinYdX81jmmeO3gk6uzAgZOtSHSMP7TWkrTct/vf
    45
    ZduvzlrGKtcbzfPuFdBABQeeaQKBgQDbWshIRzOkqku7X/4jj0qDa4dExtOzLzXw
    46
    VsEV9sCXemMtFYmFWJAHeNvnfxKeBjtXa7skEQTojXcd/DJF1eTtLJNbpJpIUfiU
    47
    BdqfmMvf7eDnsiUmzRlqxnc/bwhzzl3ac1gL0n7WXBA+HYEp5LhIlhGuzKlpIET3
    48
    1sHKim7uywKBgQCyudOURzrd6Qa0SWGFHNNEm4DY0I97S9lhfl3UVMIG9UijXAHi
    49
    r0EXu6RGxIHJiwfz7PTaZJMWaWe1h/PP2xtZdo0YvO5scL5UYFZhytC2D7APCJDB
    50
    sS4hBVJP7IGKq/vYjfLPunY4mK13SmcpbK/AHhXYDZIe3MTuiu7+twYHQQKBgQDX
    51
    4IZPq9NFcVvK8nP4pyLcJ80egNcD96iL+bVZWli8O3SzgAixtTE6SVWShNrbrqJk
    52
    LOAmZKGCBQd/+R244QLF8CKuBFbaaeHMO96nRwcOQNwg6o/pmdwz21KsmSemYSi4
    53
    vt+d8vFlIYHSv9LIWhKLTTXl5AGuNlXp2+8o2AjI9QKBgQDXQzJWmiVmTsBYOTWD
    54
    YTp2o4Tn0HlLk3KHaBKHGiO0YGVuhXa2jz0u3jg5LLG7vusOZhQBkd4tN7L10ZMM
    55
    l5jSr8uncW4/3gZ/O/URQZcMH+Uzttw8nVL3mzLS/M600I+ryZdLkrmtDQWUBRwj
    56
    fRre92n5B+9AgpEl6RyegsXToA==
    57
    -----END PRIVATE KEY-----`
    58
    59
    client.messaging.v1.domainCerts('DNXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX')
    60
    .update({
    61
    tlsCert: certAndPrivateKey
    62
    })
    63
    .then(domain_certs => console.log(domain_certs.domainName));

    Output

    1
    {
    2
    "certificate_sid": "CWXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    3
    "domain_name": "https://www.example.com",
    4
    "domain_sid": "DNXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    5
    "date_expires": "2021-02-06T18:02:04Z",
    6
    "date_created": "2021-02-06T18:02:04Z",
    7
    "date_updated": "2021-02-06T18:02:04Z",
    8
    "url": "https://messaging.twilio.com/v1/LinkShortening/Domains/DNXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Certificate",
    9
    "cert_in_validation": {
    10
    "date_expires": "2021-02-06T18:02:04Z",
    11
    "status": "pending"
    12
    }
    13
    }
  2. Check the domain's certificate validation by sending a GET request to your Link Shortening domain's Certificate subresource. An example request is shown below.

    If the certificate's validation is still pending, Twilio's response to this GET request contains a cert_in_validation.status property with a value of pending.

    Once the certificate has been validated, Twilio's response to this GET request contains a cert_in_validation property with a value of null.

    Check your Link Shortening domain's certificate validation statusLink to code sample: Check your Link Shortening domain's certificate validation status
    1
    // Download the helper library from https://www.twilio.com/docs/node/install
    2
    const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";
    3
    4
    // Find your Account SID and Auth Token at twilio.com/console
    5
    // and set the environment variables. See http://twil.io/secure
    6
    const accountSid = process.env.TWILIO_ACCOUNT_SID;
    7
    const authToken = process.env.TWILIO_AUTH_TOKEN;
    8
    const client = twilio(accountSid, authToken);
    9
    10
    async function fetchDomainCertV4() {
    11
    const domainCert = await client.messaging.v1
    12
    .domainCerts("DNXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX")
    13
    .fetch();
    14
    15
    console.log(domainCert.domainSid);
    16
    }
    17
    18
    fetchDomainCertV4();

    Output

    1
    {
    2
    "certificate_sid": "CWaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
    3
    "domain_name": "https://api.example.com",
    4
    "domain_sid": "DNXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    5
    "date_expires": "2021-02-06T18:02:04Z",
    6
    "date_created": "2021-02-06T18:02:04Z",
    7
    "date_updated": "2021-02-06T18:02:04Z",
    8
    "url": "https://messaging.twilio.com/v1/LinkShortening/Domains/DNaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/Certificate",
    9
    "cert_in_validation": {
    10
    "date_expires": "2021-02-06T18:02:04Z",
    11
    "status": "pending"
    12
    }
    13
    }

Configure your domain's default behavior

configure-your-domains-default-behavior page anchor

This section covers how to configure your Link Shortening domain's default behavior.

The table below describes the domain default settings that can be configured.

Domain default settingDescription
Fallback URLThe URL to which Twilio redirects recipients after a shortened link has expired.
Callback URLThe URL to which Twilio sends click event data. Twilio sends a request to the Callback URL after a recipient clicks on a shortened link.
Deliver messages anyway in case of Link Shortening failure (Console)

ContinueOnFailure (API)
If there is an error with Link Shortening (e.g. changes to your domain verification or an expired certificate), you can tell Twilio to send messages with the original long links or to not send the messages.

The default behavior is to continue sending messages with the original long links (default value is true). This may result in multiple message segments(link takes you to an external page), which may incur higher costs.

Note: This setting only affects Messages with a ShortenUrls parameter set to true.
Disable HTTPSWhether or not Twilio removes the https:// prefix from shortened links.

If true, shortened links do not have the https:// prefix (e.g., twil.io/j9kj9K3huK9u7).

If set to false, shortened links have the https:// prefix (e.g., https://twil.io/j9kj9K3huK9u7).

Default value is false. Please note, it takes up to 15 minutes for the change to be applied.

Link Shortening domain default configurations are associated with the domain rather than a Messaging Service. This means that you can update the domain defaults and the changes apply to all Messaging Services that use the Link Shortening domain.

(information)

Info

In the future, if you want to change a Link Shortening domain's default configuration, repeat the steps in this section.

If you're using the Console, follow the Console steps below. If you're using the REST API, use the API steps below.

Console

  1. In the Domain configuration section, fill in the following fields:

    • Domain fallback URL
    • Click tracking callback URL
  2. Select or deselect the checkboxes for the following fields:

    • Disable "https://" prefix
    • Deliver messages anyway in case of Link Shortening failure
  3. Click Save.

  4. Go to the "Next Steps" section below.

API

  1. Send a POST request to the Link Shortening domain's Config subresource with the following parameters:

    • FallbackUrl
    • CallbackUrl
    • ContinueOnFailure
    • DisableHttps

    A sample request is shown below.

1
// Download the helper library from https://www.twilio.com/docs/node/install
2
const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";
3
4
// Find your Account SID and Auth Token at twilio.com/console
5
// and set the environment variables. See http://twil.io/secure
6
const accountSid = process.env.TWILIO_ACCOUNT_SID;
7
const authToken = process.env.TWILIO_AUTH_TOKEN;
8
const client = twilio(accountSid, authToken);
9
10
async function updateDomainConfig() {
11
const domainConfig = await client.messaging.v1
12
.domainConfig("DNXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX")
13
.update({
14
callbackUrl: "https://example.com/my-click-event-callback-endpoint",
15
continueOnFailure: true,
16
disableHttps: true,
17
fallbackUrl: "https://example.com/",
18
});
19
20
console.log(domainConfig.domainSid);
21
}
22
23
updateDomainConfig();

Output

1
{
2
"domain_sid": "DNXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
3
"config_sid": "ZKaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
4
"fallback_url": "https://example.com/",
5
"callback_url": "https://example.com/my-click-event-callback-endpoint",
6
"continue_on_failure": true,
7
"date_created": "2015-07-30T20:00:00Z",
8
"date_updated": "2015-07-30T20:00:00Z",
9
"url": "https://messaging.twilio.com/v1/LinkShortening/Domains/DNaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/Config",
10
"disable_https": true
11
}

Need some help?

Terms of service

Copyright © 2024 Twilio Inc.