Twilio SMS

What you can do#

Connect a Twilio phone number to your LumenFlow workspace. Sidekick can send SMS messages to any phone number and receive inbound texts via Twilio's webhook system.

Setup#

1. Get your Twilio credentials from the Twilio Console:
   • Account SID
   • Auth Token
   • Phone Number (the Twilio number you want to send from)
2. Go to Settings > Connections in LumenFlow
3. Click Add Connection > Twilio SMS
4. Enter your Account SID, Auth Token, and Phone Number
5. Click Save -- LumenFlow encrypts your auth token and returns a webhook URL

Webhook setup#

After saving, configure your Twilio phone number to forward inbound SMS to the LumenFlow webhook:

1. Open the Twilio Console > Phone Numbers > Manage > Active Numbers
2. Select the phone number you configured
3. Under Messaging > A message comes in, set the webhook to:

https://your-domain.com/api/v1/sidekick/integrations/twilio/webhook?key=<unique-key>

4. Set the HTTP method to POST
5. Save the configuration

info LumenFlow responds with an empty TwiML <Response></Response> to acknowledge receipt. Sidekick replies are sent as separate outbound API calls, not inline TwiML.

Security#

• Twilio signature verification -- every inbound webhook is verified using the X-Twilio-Signature header and your Auth Token, following Twilio's standard HMAC-SHA1 signature scheme
• Rate limiting -- distributed per-integration and per-workspace limits
• Credentials encrypted at rest -- your Auth Token is encrypted before storage
• Verification metadata -- LumenFlow records when the last successful signature verification occurred, visible in the connection status panel

Best practices#

• Use a dedicated phone number -- avoid sharing the number with other services to prevent webhook conflicts
• Set governance rules -- require approval for SMS to external numbers outside your organization
• Monitor delivery -- check the activity feed for send failures and webhook verification errors