How should I secure access to my call recordings?

Recordings hosted on Plivo servers are only accessible via unique hard to guess long URLs. These URLs are shared with you in Recording callbacks and API responses.

By default, authentication is not enforced on get recording media requests. This allows for easier implementation of use cases that involve playing recordings on a web/mobile frontend. 

For enhanced security, we recommend enabling Plivo Auth Id and Token based Basic Auth on Get Recording Media requests made for recordings in your Plivo account.

To enable Basic Auth on Get Recording Media requests:

  • Navigate to the Other Voice Settings section of the Plivo console.
  • Update your preference by enabling the 'Basic Auth For Recording URLs' setting.
Please note that only account admins (users with role Admin) have the required privileges to update recording auth preference. 

 

Was this article helpful?
0 out of 0 found this helpful
Didn’t find what you are looking for? Create new ticket