Welcome to Part 2 of our series on integrating Twilio with your Rails 4 app. In Part 1 we walked through signing-up for a free Twilio developer account, getting a phone number and processing an inbound phone call. In this blog post, I’ll walk you through:

Securing your webhooks so that only Twilio may access them

Using Twilio’s REST API to send outbound SMS and MMS

Receiving delivery receipt notifications from Twilio

Securing Your Webhooks

In Part 1 of this series I talked about webhooks and how they are the fundamental mechanism by which Twilio tells your app about inbound messages or phone calls. Since these webhooks must be on the public internet in order for Twilio to send requests to them, it is important that these URLs be secured so that requests from a non-Twilio client are rejected. As luck would have it my colleague Phil Nash just wrote a blog post on how to do this in Ruby using Rack middleware. Let’s walk through getting your app secured using this new Rack middleware.

First, you’ll need to update your app’s Gemfile and make sure that you’re using a version of twilio-ruby that is 3.12.0 or greater: