Two-Factor Authentication is required as of Q4 2020, and all Twilio SendGrid API endpoints will reject new API requests and SMTP configurations made with a username and password via Basic Authentication.
api_key_idparameter is empty, you will need to upgrade your authentication.
Using your account username and password for authentication is less secure than using an API Key. API Keys are preferred because you can limit permissions for API Keys and revoke them at any time. We recommend applying the principle of least privilege, using limited API Key permission to only provide access to what is needed for that request for maximum security.
For more about protecting your account, see our blog post, 7 Best Practices to Protect your Twilio SendGrid Account and Sending Reputation. To learn more about the principle of least privelege, see our Twilio blog post and OWASP's article on Access Control.
Follow these steps to identify and replace your authentication method to API Keys and then implement 2FA for enhanced security.
After enabling 2FA monitor your API calls for rejections related to continued use of username and password authentication.
invalid authentication method - declined because you are using basic authentication with 2FA enabled. to fix, update to using an API key or disable 2FA and switch to using IP Access Management for security. for more information, see https://sendgrid.com/docs/for-developers/sending-email/authentication/#basic-authentication
SMTP error message is:
535 Authentication failed: Basic authentication is not allowed with 2FA enabled. To fix, see https://sendgrid.com/docs/for-developers/sending-email/authentication/#basic-authentication
For more information on how to secure your Twilio SendGrid account visit this blog post.
Let us know how we’re doing! Please rate this page:
Please note, we cannot resolve account and login issues reported on GitHub. Contact support for account assistance.
Thanks for helping us improve our docs!