TelVox · Connect
Record under policy, retrieve under audit.
Capture calls when your policy calls for it, sealed with AES-256-GCM at rest and retrieved through short-lived, audited signed URLs. It's the exact recording pipeline TelVox Dial ships — exposed as an API.
// Recording resource
{
"sid": "RE4b2a…",
"call_sid": "CA9f0c…",
"status": "completed",
"mode": "on_demand",
"channels": 2,
"duration": 184,
"format": "mp3",
"encryption": "AES-256-GCM",
"storage": "s3",
"date_created": "2026-06-21T18:07:33Z"
}The recording pipeline
Policy, encryption and retrieval — all shipped.
From the moment a call is captured to the moment your team plays it back, every step is a real, production control in the platform Dial runs on.
Modes & formats
- always
- on_demand
- never
- pause / resume
- dual-channel
- wav → mp3
Recording modes
Set always, on_demand or never per number, campaign or call. always captures every call; on_demand starts recording from your code or an IVR node; never guarantees nothing is written.
Pause & resume
Stop the tape mid-call and start it again — drop the segment where a caller reads a card number, then resume. The gap is excised, so sensitive audio is never written to disk.
AES-256-GCM at rest
Every recording is sealed with AES-256-GCM envelope encryption on local and SFTP backends, and SSE-KMS on S3. Keys never travel with the media.
S3, local or SFTP
Land recordings where your compliance team needs them — managed S3, your own local volume, or a customer-owned SFTP target. The pipeline is the same; the destination is yours.
wav → mp3 & filename templates
Capture lossless wav and transcode to mp3 for distribution. Filenames follow your template — including a masked phone tail so the last digits never leak into a path or log.
Signed-URL audited playback
Retrieval issues a short-lived signed URL, and every fetch is written to the append-only audit trail — the HIPAA REC-04 audited-access control, shipped in Dial.
Audited retrieval
Fetch issues a signed, expiring URL.
You never get a permanent media link. A fetch returns a short-lived signed URL, the access is written to the append-only audit trail, and the URL expires on its own — the HIPAA REC-04 control.
curl https://api.telvox.dev/v1/recordings/RE4b2a… \
-H "Authorization: Bearer $TELVOX_API_KEY"{
"sid": "RE4b2a…",
"status": "completed",
"encryption": "AES-256-GCM",
"media_url": "https://media.telvox.dev/RE4b2a…?sig=…",
"media_url_expires": "2026-06-21T18:12:33Z",
"retention": { "policy": "90d", "deletes_at": "2026-09-19" }
}
// each fetch is written to the append-only audit trail (HIPAA REC-04)Recording status
- in-progress
- completed
- absent
- failed
Built for HIPAA workloads
Audited access, by design.
Every recording fetch is logged to the append-only audit trail — the HIPAA REC-04 audited-access control — and media is sealed with AES-256-GCM at rest. TelVox is built for HIPAA workloads with a BAA available, and engineered to SOC 2 Type II and ISO 27001 controls; certification is in progress. We don't claim certifications we don't yet hold.
Field names, enums and payloads above are illustrative — shapes may differ at GA. Recording resource reference
Questions
Recording FAQ
Yes — the entire pipeline is shipped in Dial: modes (always / on_demand / never) with pause/resume, AES-256-GCM envelope encryption, S3/local/SFTP backends, wav→mp3 transcode, filename templates with a masked phone tail, signed-URL audited playback and a retention worker. What's in developer preview is the public REST surface — the Recording resource's exact fields and enums are illustrative until GA.
Recordings are encrypted at rest with AES-256-GCM. Fetching one issues a short-lived signed URL rather than a permanent link, and every retrieval is written to the append-only audit trail — that's the HIPAA REC-04 audited-access control. Expired URLs simply stop working.
Yes. Use pause/resume to stop the tape while a caller reads a card or account number and resume afterward — the paused segment is never written to disk. You can also set the mode to never for calls that must not be recorded at all.
Set a recording-status callback. TelVox POSTs to it as the recording moves through in-progress and completed (or absent / failed), over the same signed, SSRF-safe egress as the rest of the platform. Acknowledge with a 200, then fetch the media when you're ready.
A retention worker enforces your policy and deletes recordings when it expires — the policy and deletion date are surfaced on the resource. We don't publish a fixed default here; retention is set to match your compliance requirements.
Record for QA and compliance, safely.
Join the developer preview and we'll walk the recording modes, encryption and audited retrieval against your policy.