FIX · INTEGRATIONS · HIGH

Base44 Twilio SMS Not Sending — Six Root Causes and Complete Fix

Base44 Twilio SMS is not sending because the Base44 backend function returns success the moment the Twilio SDK call accepts the request, before the message is actually queued, delivered, or rejected downstream by Twilio or the carrier. Six root causes account for the bulk of failures: A2P 10DLC registration is incomplete for US long-code traffic, the Twilio account is still on trial and the recipient number is unverified, the function never inspects the message status callback so silent failures look like successes, the message body contains words or links the carrier filters as spam, the `from` number or Messaging Service SID is wrong or unregistered, or the Base44 sandbox hibernates between the API call and the inbound status webhook. Fix it by enforcing A2P registration, wiring a `statusCallback`, and persisting the final delivery state to your own table.

Last verified: 2026-05-24
Category: INTEGRATIONS
Difficulty: MODERATE
DIY possible: YES

Why your base44 Twilio SMS is not sending

Base44 Twilio SMS is not sending because the Base44 backend function returns success the moment the Twilio SDK call accepts the request, before the message is actually queued, delivered, or rejected downstream by Twilio or the carrier. Six root causes account for the bulk of failures: A2P 10DLC registration is incomplete for US long-code traffic, the Twilio account is still on trial and the recipient number is unverified, the function never inspects the message status callback so silent failures look like successes, the message body contains words or links the carrier filters as spam, the from number or Messaging Service SID is wrong or unregistered, or the Base44 sandbox hibernates between the API call and the inbound status webhook. Fix it by enforcing A2P registration, wiring a statusCallback, and persisting the final delivery state to your own table.

You wired Twilio into a Base44 backend function. The function calls client.messages.create(), returns 200, and your UI shows a success toast. Customers tell you the verification codes never arrive. You check the Twilio console and the messages are there with status delivered. The recipient swears nothing reached the phone.

This is the most common Twilio failure mode on Base44, and it is structurally invisible from inside the function. The Twilio SDK was designed to be non-blocking — messages.create() resolves the moment the Twilio API queues the message for further processing. Everything that happens after that point — A2P compliance enforcement, carrier handoff, carrier-level spam filtering, handset delivery — runs asynchronously in Twilio's pipeline and is reported back via webhooks your function probably does not listen to.

A Base44 AI-generated Twilio function almost always omits the statusCallback parameter. The agent has seen thousands of Twilio examples in its training data that look like this:

const message = await client.messages.create({
  body: "Your verification code is 123456",
  from: "+15551234567",
  to: req.body.phone,
});
return { success: true, sid: message.sid };

This code is technically correct and produces a success: true response even when the recipient never sees the SMS. The function has no way to know what happened after the API accepted the request.

What causes base44 Twilio SMS to fail silently

Six root causes account for the overwhelming majority of failures we audit. They compound — most broken integrations have two or three active at once.

1. A2P 10DLC registration is incomplete. Since 2023, all SMS traffic sent from US 10-digit long codes to US recipients must be registered through The Campaign Registry via a Brand and a Campaign. Unregistered traffic is filtered by carriers. Twilio reports the failure with error codes 30032 (Toll-Free Not Verified), 30034 (US A2P 10DLC — Message from an Unregistered Number), or 30038 (Toll-Free Failure). The Base44 agent never prompts for A2P registration because the registration workflow lives entirely in the Twilio console.

2. The Twilio account is still on trial. Trial accounts can only send to verified phone numbers, and every message is prepended with "Sent from your Twilio trial account — " which triggers spam filters. The function succeeds for the founder's phone (which they verified during testing) and fails for every real customer (whose number was never verified).

3. The function returns success before Twilio confirms delivery. messages.create() resolves with status: 'queued' or 'accepted'. Without a statusCallback, the function never learns that the message failed at the carrier layer minutes later. The application UI displays success; the customer experience is failure.

4. Message body trips carrier spam heuristics. US carriers run aggressive content filters. URL shorteners are the single highest-trigger element — bit.ly, t.co, and tinyurl links are filtered at rates above 30 percent on some carrier-campaign combinations. Keywords like "free", "winner", "claim now", and "urgent" elevate filter rates further. Missing brand identification and missing opt-out language make filtering more likely on marketing traffic.

5. The from number or Messaging Service SID is wrong. Using a raw from: '+15551234567' bypasses your Messaging Service configuration and breaks A2P attribution even when A2P registration is complete on a different number. The correct pattern is messagingServiceSid: 'MGxxxx' which routes through the registered Campaign, applies sticky sender logic across the pool, and inherits compliance settings.

6. Base44 sandbox hibernation drops status callbacks. The outbound API call from the function works because the sandbox is awake handling a user action. The status callback fires seconds to minutes later, asynchronously, when Twilio's pipeline progresses the message. If the sandbox has hibernated, Twilio's callback hits a cold endpoint, retries a limited number of times, and gives up. Your messages table is stuck at queued forever even after the recipient replied.

A seventh issue worth flagging — not a root cause but an aggravator — is regional number selection inside a Messaging Service pool. Twilio's sticky sender feature picks the same from number for a given to recipient across messages, which is good for trust signals. But if your Messaging Service pool contains a mix of registered and unregistered numbers, sticky sender may pin a recipient to an unregistered number and that recipient's messages start filtering even though other recipients on registered numbers go through cleanly. Audit the pool composition under Messaging → Services → Sender Pool and remove every number not attached to the approved Campaign.

How to diagnose base44 Twilio SMS failures (reproduction)

Open the Twilio console. Navigate to Monitor → Logs → Messaging. Find the most recent message your function "sent" and click into it.
Note the status field. If it is failed or undelivered, the recipient never got it. If it is delivered, the carrier accepted it but may have filtered it before the handset.
Note the error code. Twilio's error code dictionary is exhaustive — every code maps to a specific root cause. Cross-reference at twilio.com/docs/api/errors.
Open Phone Numbers → Regulatory Compliance → A2P 10DLC. Confirm Brand status is Verified and Campaign status is Active. If either is Pending, Failed, or missing, A2P is your problem.
Open Phone Numbers → Verified Caller IDs. If the Twilio account is trial, every recipient phone must appear here. If your test recipient is not listed, the message is being rejected at the trial-tier check.
Check the Messaging Service configuration. Confirm the long-code number you use as from is attached to a Service, and the Service is linked to the approved A2P Campaign.
In the Base44 function, search for statusCallback. If absent, your application has no visibility into post-acceptance failures.

How to fix base44 Twilio SMS — the correct integration pattern

The reliable pattern has three components: a properly-formed outbound call, a status callback handler that persists state, and a reconciliation job that catches what the callback misses.

The correct outbound call

import twilio from "twilio";

const client = twilio(
  Deno.env.get("TWILIO_ACCOUNT_SID"),
  Deno.env.get("TWILIO_AUTH_TOKEN"),
);

export async function sendVerificationCode(toPhone, code, userId) {
  try {
    const message = await client.messages.create({
      body: `Your YourBrand verification code is ${code}. Reply STOP to opt out.`,
      messagingServiceSid: Deno.env.get("TWILIO_MESSAGING_SERVICE_SID"),
      to: toPhone,
      statusCallback: "https://yourapp.base44.app/api/twilio-status",
    });

    // Persist the SID immediately so the async callback can correlate.
    await db.messages.insert({
      sid: message.sid,
      user_id: userId,
      to_phone: toPhone,
      status: message.status, // 'queued' or 'accepted'
      created_at: new Date().toISOString(),
    });

    return { ok: true, sid: message.sid, status: message.status };
  } catch (error) {
    // Twilio errors have a numeric `code` field. Log it.
    console.error("Twilio send failed", {
      code: error.code,
      message: error.message,
      moreInfo: error.moreInfo,
    });
    return { ok: false, code: error.code, message: error.message };
  }
}

Three things to notice. First, messagingServiceSid instead of from. Second, the message SID is persisted before the function returns — this gives the async callback a row to update. Third, the catch block surfaces the Twilio error code, not a generic 500.

The status callback handler

import twilio from "twilio";

export async function POST(req) {
  // Validate signature — the callback URL is public.
  const signature = req.headers.get("X-Twilio-Signature") ?? "";
  const url = "https://yourapp.base44.app/api/twilio-status";
  const params = Object.fromEntries(await req.formData());

  const valid = twilio.validateRequest(
    Deno.env.get("TWILIO_AUTH_TOKEN"),
    signature,
    url,
    params,
  );
  if (!valid) {
    return new Response("invalid signature", { status: 403 });
  }

  await db.messages.update(
    { sid: params.MessageSid },
    {
      status: params.MessageStatus, // sent, delivered, undelivered, failed
      error_code: params.ErrorCode ?? null,
      updated_at: new Date().toISOString(),
    },
  );

  // Return 200 fast. Twilio retries on 5xx.
  return new Response("ok", { status: 200 });
}

The signature validation matters. The callback URL is public and anyone can post spoofed status updates to it. Without validation, an attacker can mark a failed verification code as delivered in your database and bypass the safeguard that re-sends after timeout.

Reconciliation job

The status callback handles the live path. Reconciliation handles the dropped path — callbacks lost to sandbox cold starts, network blips, or Twilio retry exhaustion.

// Run daily via Base44 scheduled task.
export async function reconcileMessages() {
  const stuck = await db.messages.find({
    status: { in: ["queued", "accepted", "sending", "sent"] },
    created_at: { lt: hoursAgo(2) },
  });

  for (const row of stuck) {
    const live = await client.messages(row.sid).fetch();
    if (live.status !== row.status) {
      await db.messages.update(
        { sid: row.sid },
        { status: live.status, error_code: live.errorCode },
      );
    }
  }
}

This catches every message that the callback missed. Without it, your messages table drifts out of sync with reality and you will not notice until a customer complains.

The two-hour window matters. Most Twilio messages reach a terminal state within seconds, but A2P-flagged messages can sit in accepted for tens of minutes while the carrier evaluates them, and undelivered status sometimes lands ten or fifteen minutes after submission for handsets that are powered off. Reconciling at one hour or less generates noise; reconciling at six hours or more lets stuck rows accumulate. Two hours is the sweet spot for transactional and verification traffic. For marketing campaigns that may sit in carrier queues longer, widen the window to six hours.

Always-on callback proxy

If the messages table still shows callbacks missing despite reconciliation, the Base44 sandbox is cold-starting past Twilio's retry budget. Deploy a Cloudflare Worker that accepts the callback, writes it to a Queue, and POSTs to the Base44 endpoint with retries.

// Cloudflare Worker
export default {
  async fetch(req, env) {
    const body = await req.text();
    await env.QUEUE.send({ body, headers: Object.fromEntries(req.headers) });
    return new Response("ok", { status: 200 });
  },
  async queue(batch, env) {
    for (const msg of batch.messages) {
      await retry(() =>
        fetch("https://yourapp.base44.app/api/twilio-status", {
          method: "POST",
          headers: msg.body.headers,
          body: msg.body.body,
        }),
      );
    }
  },
};

Point Twilio's statusCallback at the Worker URL instead of the Base44 URL. The Worker absorbs Twilio's tight retry budget and gives your Base44 function generous time to wake up and process the callback.

Decoding the most common Twilio error codes

When the SDK throws or when the status callback delivers an ErrorCode, look it up against this short list before paging through the full dictionary. Code 20003 means your Account SID or Auth Token is wrong — check environment variables. Code 21211 means the to number is not in E.164 format (prepend + and country code). Code 21408 means you have not enabled SMS to that country in the Geo Permissions settings — common when sending to recipients outside the US. Code 21608 is the trial-account restriction — verify the recipient or upgrade. Code 21610 means the recipient has replied STOP and is opted out — you cannot legally re-send and the block must be cleared via STOP-unblock flow. Code 30007 is carrier blocked for content — adjust the body. Codes 30032, 30034, and 30038 are all A2P 10DLC violations — fix registration. Code 30003 means the handset is unreachable, often a powered-off device. Code 30005 means the destination number does not exist.

Logging the code into your messages table lets you query "all failures by code in the last 7 days" and notice patterns — if 80 percent of failures are 30034, you have an A2P registration problem affecting a specific number rather than a content problem affecting all traffic.

How long does it take to fix base44 Twilio SMS?

Engineering work is small. Compliance is slow.

Wire the status callback and reconciliation job: 2-4 hours.
Switch from raw from to Messaging Service SID: 30 minutes.
Stand up the Cloudflare Worker callback proxy: 2-3 hours.
Upgrade a trial Twilio account: 5 minutes plus a payment method.
A2P 10DLC Brand registration: 1-3 weeks at The Campaign Registry. Sole Proprietor registrations are faster but capped at low throughput.
Carrier filtering investigation when content seems compliant: 1-2 weeks through Twilio support.

Total elapsed calendar time for a previously-broken integration to reach production reliability is typically 2-4 weeks, of which all but a half-day is regulatory wait time. Start the A2P registration first, then do the engineering work in parallel.

DIY vs hire decision

DIY this if: You are comfortable with Node async patterns, you can read Twilio error codes, and your traffic volume is low enough that a Sole Proprietor A2P registration covers you. The pattern in this guide is reproducible from the snippets above. Plan a half-day plus a multi-week compliance window.

Hire help if: Twilio compliance is rejecting your A2P submission, carriers are filtering messages that look compliant on the surface, or your application is at the scale where lost verification codes translate to material churn. The carrier-relations layer is opaque and the engineering layer is fast — the value is in the diagnostic experience to localize the failure quickly.

Need this fixed before your next launch?

For Twilio integrations stuck in compliance or returning silent failures, our fix-sprint engagement audits the integration end-to-end, wires the callback and reconciliation pattern, drives the A2P registration through The Campaign Registry, and validates delivery across the three major US carriers before handing back.

Start a fix-sprint engagement for Twilio SMS recovery

Base44 Zapier integration not working — the sibling third-party-integration failure mode with the same async-confirmation root cause.
Webhooks require active users — the sandbox-hibernation pattern that breaks Twilio status callbacks the same way it breaks Stripe and Zapier webhooks.
Backend functions 404 routing broken — the upstream routing problem that masquerades as a Twilio failure when the callback URL itself does not resolve.

QUERIES

Frequently asked questions

Q.01Why does my base44 Twilio function return success but the SMS never arrives?

A.01

Because the Twilio Node SDK's `messages.create()` call resolves the moment Twilio's API accepts the request for processing — not when the carrier delivers the message. The promise resolves with a Message resource whose `status` is almost always `queued` or `accepted`, never `delivered`. Your Base44 function then returns 200 to the client and the function exits. Everything that happens after that point — A2P compliance check, carrier handoff, carrier filtering, handset delivery — is invisible to your function unless you wired a `statusCallback` URL that Twilio hits when the status changes. Most Base44 functions written by the AI agent omit the callback entirely, so failures at the carrier layer look identical to successes. The fix is to subscribe to status callbacks and persist the final state to your own messages table.

Q.02What is A2P 10DLC and why does it block my base44 SMS?

A.02

A2P 10DLC is the United States carrier registration regime for application-to-person SMS sent from 10-digit long codes. Since 2023, all US long-code SMS traffic must be registered through a Brand and Campaign with The Campaign Registry, or the carrier will filter it. Twilio enforces this — unregistered traffic is either silently dropped or returned with error 30032, 30034, or 30038. Most Base44 builders skip A2P registration because the platform does not surface it and the Twilio docs treat it as a separate console workflow. The fix is to register your Brand and a Campaign in the Twilio console under Phone Numbers → Regulatory Compliance → A2P 10DLC, attach your long code to a Messaging Service, and reference the Messaging Service SID in your function instead of the raw `from` number.

Q.03How do I know if my Twilio account is still on trial and blocking my SMS?

A.03

Open the Twilio console. If the top banner says 'Trial' or your balance shows credit instead of cash, you are on trial. Trial accounts can only send SMS to phone numbers you have verified in the console under Phone Numbers → Verified Caller IDs, and every message is prepended with a 'Sent from your Twilio trial account' banner that triggers carrier filters. A Base44 function will succeed at the SDK level for trial sends to verified numbers and fail silently for unverified numbers, often with error 21608 in the message log. The fix is to either verify each test recipient in the console or upgrade the account by adding a payment method — the latter unlocks A2P registration paths too. Trial mode is the single most common reason a Base44 demo works for the founder's phone and fails for every real customer.

Q.04Why are my Twilio messages marked delivered but the recipient never sees them?

A.04

Carrier-level filtering. US carriers — AT&T, T-Mobile, Verizon — run aggressive spam filters on A2P traffic and frequently mark messages as delivered to the network while dropping them before they reach the handset. The Twilio status is `delivered` because the carrier accepted the message; the recipient sees nothing because the carrier silently filtered it. Common triggers are URL shorteners (bit.ly, t.co), keywords like 'free', 'winner', 'claim now', missing brand identification, missing opt-out language, and unregistered A2P traffic. The fix is to use your own domain in links instead of shorteners, lead with your brand name, include 'Reply STOP to opt out' in the body, complete A2P 10DLC registration with an accurately described campaign use case, and request a carrier-side investigation through Twilio support when filtering persists despite compliant content.

Q.05Does Base44's sandbox hibernation affect Twilio status callbacks?

A.05

Yes, in a specific way. The outbound Twilio API call from a Base44 function works fine because it happens while the sandbox is awake handling a user action. The Twilio `statusCallback` URL fires asynchronously — usually seconds to minutes later — when the message changes state. If the Base44 backend has hibernated by then, the callback hits a cold sandbox that takes 5-30 seconds to wake. Twilio retries a failed callback only a limited number of times and gives up. The result is that the message status in your own database is stuck at `queued` forever even though the recipient received and replied to it. The fix is the same pattern as the active-user webhook problem: stand up an always-on proxy (Cloudflare Worker or Vercel Edge Function) that receives the Twilio callback, persists it durably, and forwards it to your Base44 function with retries.

Q.06How fast can I get base44 Twilio SMS working reliably?

A.06

Compliance-driven fixes are slow because A2P 10DLC review at The Campaign Registry takes 1-3 weeks for a typical low-volume Standard brand registration, and Sole Proprietor registrations are faster but capped at low throughput. Code-level fixes — wiring status callbacks, persisting message state, handling errors correctly, swapping to a Messaging Service SID — land in 2-4 hours of engineering work. If your account is trial, upgrading takes minutes. If your number is unregistered, plan for at least a week of regulatory wait time and use that window to harden the code path. A reliable production Twilio integration on Base44 is roughly a half-day of code work plus the compliance clock — most of the calendar time is waiting on registrars and carriers, not engineering.

NEXT STEP

Need this fix shipped this week?

Book a free 15-minute call or order a $497 audit. We will respond within one business day.

Book a free call Order audit