exposed twilio authtoken
# support
r
I was playing around with the API and noticed that when I called my Twilio phone number, it sends the assistant-request type payload to my server URL. But I noticed the payloads also included my Twilio account SID and Twilio authtoken as plain text. Am I doing something wrong? I feel like it should not be sending these tokens with the payload.

    "stripeSubscriptionId": Null,
    "stripeSubscriptionStatus": Null,
    "twilioAccountSid": String("AC705982682....e"),
    "twilioAuthToken": String("e274f86cda6b2ec....1b52"),
    "twilioOutgoingCallerId": Null,
v
@rasmus It's definitely a security concern to have sensitive credentials like your Twilio Account SID and Auth Token sent as plain text in payloads. These should be kept confidential to prevent unauthorized access to your Twilio account. You should review your Twilio webhook configurations and ensure that you're not inadvertently passing these credentials in the URL or in the request body. Twilio's standard practice is to use HTTP POST requests with SSL to ensure data is encrypted during transmission, and credentials should not be included in the payload. If you're using a Twilio Function or some other integration, double-check the code to make sure there's no line that adds these tokens to the payload. If you're unable to find the cause, I would recommend reaching out to Twilio support for further assistance. For now, as a precaution, you might want to regenerate your Twilio Auth Token to prevent any potential misuse of the one that has been exposed. Please ensure that you update all your applications with the new token if you do so. If you need assistance with contacting support or any other action, please let me know!
@Vapi
v
@rasmus Please ask support for more info on this.
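
An added example, not part of the thread or of Vapi's or Twilio's code: one way a receiving server can mask credential fields such as `twilioAccountSid` and `twilioAuthToken` before a webhook payload reaches logs or error reports, and list where they appeared. The nesting of the sample payload, the generic key pattern and the function names are assumptions; only the field names come from the post.

```python
import json
import re

# Keys treated as secrets: the two fields named in the post, plus a generic
# pattern (an assumption) for other credential-like key names.
SECRET_KEY_RE = re.compile(
    r"(auth.?token|account.?sid|secret|password|api.?key)", re.IGNORECASE
)
MASK = "[REDACTED]"


def redact(value, path="$", found=None):
    """Return (copy of value with secret fields masked, JSON paths that were masked)."""
    if found is None:
        found = []
    if isinstance(value, dict):
        out = {}
        for key, item in value.items():
            child = f"{path}.{key}"
            if SECRET_KEY_RE.search(key) and item is not None:
                found.append(child)   # record where the secret sat
                out[key] = MASK       # never copy the value itself
            else:
                out[key], _ = redact(item, child, found)
        return out, found
    if isinstance(value, list):
        items = [redact(item, f"{path}[{i}]", found)[0] for i, item in enumerate(value)]
        return items, found
    return value, found


def safe_log_line(payload):
    """Serialize a payload for logging with secret fields masked."""
    clean, _ = redact(payload)
    return json.dumps(clean, sort_keys=True)


# Constructed sample: nesting and values are made up, not a real payload.
SAMPLE = json.loads("""
{"message": {"type": "assistant-request",
  "org": {"stripeSubscriptionId": null,
          "twilioAccountSid": "AC-constructed-sid",
          "twilioAuthToken": "constructed-not-a-real-token",
          "twilioOutgoingCallerId": null}}}
""")

if __name__ == "__main__":
    _, paths = redact(SAMPLE)
    print("secret fields found at:", paths)
    print(safe_log_line(SAMPLE))
```

Masking on receipt only limits further spread; a token that has already been sent in a payload should still be regenerated, as the reply above suggests.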