Requests to Plivo’s REST API are authenticated by either of these two ways:
1. HTTP basic auth
Plivo by default is configured and enabled to use default AUTH_ID and AUTH_TOKEN to provide basic HTTP Auth.
# Auth ID and Auth Token for Plivo REST server – Change to something unique
AUTH_ID = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
AUTH_TOKEN = YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY
This can be accessed from a Web browser too, as shown below:
This can be disabled in the conf, if required, by commenting the corresponding lines.
2. IP based Auth
By modifying the configuration file, you can ensure that Plivo allows only a specified set of IP addresses to access the APIs.
# Allowed client IPs to connect to Plivo REST server, separated by a comma
ALLOWED_IPS = 127.0.0.1