Settings - Enforced TLS
The Enforced TLS settings specify whether or not the recipient of your send is required to support TLS or have a valid certificate. The Enforced TLS endpoint supports retrieving and updating TLS settings.
Twilio SendGrid sends all emails with Opportunistic TLS by default, meaning email is sent with TLS, and if the recipient's inbox provider does not accept the TLS encryption, we then send the message unencrypted.
You can optionally choose to enforce TLS encryption, meaning that if the recipient's inbox provider does not accept the TLS encryption, Twilio SendGrid drops the message and sends a block event with “TLS required but not supported” as the description.
Update Enforced TLS settings
PATCH /v3/user/settings/enforced_tls
Base url: https://api.sendgrid.com
This endpoint allows you to update your Enforced TLS settings.
To require TLS from recipients, set require_tls to true. If either require_tls or require_valid_cert is set to true, the recipient must support TLS 1.1 or higher or have a valid certificate. If these conditions are not met, Twilio SendGrid will drop the message and send a block event with “TLS required but not supported” as the description.
Twilio SendGrid supports TLS 1.1 and higher and does not support older versions of TLS due to security vulnerabilities.
Authentication
- API Key
Headers
The on-behalf-of header allows you to make API calls from a parent account on behalf of the parent's Subusers or customer accounts. You will use the parent account's API key when using this header. When making a call on behalf of a customer account, the property value should be "account-id" followed by the customer account's ID (e.g., on-behalf-of: account-id <account-id>). When making a call on behalf of a Subuser, the property value should be the Subuser's username (e.g., on-behalf-of: <subuser-username>). See On Behalf Of for more information.
Request Body
Indicates if you want to require your recipients to support TLS.
Indicates if you want to require your recipients to have a valid certificate.
The minimum required TLS certificate version.
default: 1.1format: floatAllowed Values: 1.1, 1.2, 1.3{
"require_tls": true,
"require_valid_cert": true,
"version": 1.1
}Responses
Indicates if you want to require your recipients to support TLS.
Indicates if you want to require your recipients to have a valid certificate.
The minimum required TLS certificate version.
default: 1.1format: floatAllowed Values: 1.1, 1.2, 1.3{
"require_tls": true,
"require_valid_cert": true,
"version": 1.1
}the error message
the field that generated the error
helper text or docs for troubleshooting
{
"errors": [
{
"field": "field_name",
"message": "error message"
}
]
}the error message
the field that generated the error
helper text or docs for troubleshooting
{
"errors": [
{
"field": "field_name",
"message": "error message"
}
]
}the error message
the field that generated the error
helper text or docs for troubleshooting
{
"errors": [
{
"field": "field_name",
"message": "error message"
}
]
}Need some help?
We all do sometimes. Get help now from the Twilio SendGrid Support Team.
Running into a coding hurdle? Lean on the wisdom of the crowd by browsing the SendGrid tag on Stack Overflow or visiting Twilio's Stack Overflow Collective.
