Coinbase Pro API Authentication

Funny thing about that is the only reason anyone comes here is to ask a aquestion.

@blah
People come for different reasons. I come here to answer questions and to participate in this community collectively called Coinbase. Did you have another question? As far as I can see you asked about privileges on the forum and you got some people interested in helping with the answer.

I came here to ask questions at first, now I find myself answering more than I do anything else :smile:

2 Likes

And we very much appreciate you for that @cleggink !!

1 Like

@blah - bringing your question regarding the Sandbox here:

No Text For API Keys from Sandbox

There seems to be an issue with 2factor auth for the sandbox accounts. I use text for Pro, and it works fine. However, when I attempt to generate API keys for the Sandbox account, no text message is sent, and the window that pops up to receive the auth code contains a broken link and some text suggesting that “authenticator” must be used.

Checking on this for you.

Thank you. Before reading this, I posted the following update elsewhere:

Ruskel5070

Haha, same here. I kept wiping my glasses to make sure I wasn’t missing a the “Post” button (yes, I searched prior to even attempting to post). I guess I will wait it out and hopefully figure it out by then.

Hi, I’m having some issues with the sandbox exchange api. I cant get my api keys to work, I keep getting an “Invalid API Key” message. Is there something that im missing? (I’m using cbpro on python)

Hi @Nick_of_Time ! Thank you for joining and letting us know about your issue. Will you please provide a bit more information about the error you are receiving? A screenshot or some other description will help us test and attempt to recreate your issue. Thanks!

Anyone using Golang to interact with the API? This is what I have right now and I’m getting invalid signature in the Coinbase response:

prehashString := now + method + coinbaseProURL + path
hmacKey, _ := base64.StdEncoding.DecodeString(secret)
signature := hmac.New(sha256.New, hmacKey)
signature.Write([]byte(prehashString))
cbAccessSignature := base64.URLEncoding.EncodeToString(signature.Sum(nil))

u, _ := url.ParseRequestURI(coinbaseProURL)
u.Path = path
urlString := u.String()

request, err := http.NewRequest(method, urlString, nil)
if err != nil {
	log.Fatalln(err)
}
request.Header.Add("Content-Type", "application/json")
request.Header.Set("CB-ACCESS-KEY", key)
request.Header.Add("CB-ACCESS-SIGN", cbAccessSignature)
request.Header.Set("CB-ACCESS-TIMESTAMP", now)
request.Header.Set("CB-ACCESS-PASSPHRASE", passphrase)

I had to delete and redo my API keys on Sandbox site the first time. Also make sure, you’re using the API generated keys from the Sandbox site and not your actual API keys from your live accounts.

Secondly, in the CBPRO LIbrary, the URLs in the Authenticated Client automatically refer to either an older or actual (non sand boxed API). Specifying the API URL helped me.

Hi @SubStandard I was attempting to bypass the sandbox API and use the production API. I created a few different keys with varying permissions (e.g. View/Trade/Transfer)…non of them worked. The URL I’m using is https://api.exchange.coinbase.com and set in an .env file, I’m not using a library. I don’t think there is one for Golang.

I’ll add the SANDBOX configs and see if I have any better success with that.

@arood @SubStandard Hello! Sorry for the delay, I’m not at my program today, but I can grab a screenshot tomorrow. If I remember, my code is basically:

client = cbpro.AuthenticatedClient(key, secret, passphrase, api_url = "https://api-
public.sandbox.pro.coinbase.com)
print(client.get_accounts())

and this prints an ‘Invalid API key’ message. Its just a message not an error. I’ve already tried deleting the API key for the sandbox and I made sure to use the url.
I’m thinking that maybe I have to activate the API key or something? I’m a little confused on what I’ve actually set up in terms of accounts but I don’t know what all is required.

So far my steps are: Create a sandbox account, create a testing portfolio, create an API key for both portfolios, and tried both keys in my program.

@jacobH the first thing i see you are missing is:
.header(​"​Accept​"​, ​"​application/json​"​)

Second check your api keys, the api key itself goes into the hash encryption method not the secret key.

@jacobH - let us know if this helps! as always - thanks @cleggink !!

1 Like

@Nick_of_Time - hunch is that something is wrong with the signature

signature.Write( byte (prehashString))
cbAccessSignature := base64.URLEncoding.EncodeToString(signature.Sum(nil))

Will you please check and advise?

@larry.kubin I am having trouble integrating coinbase connect with my web app.

Im following the steps linked here Integrating Coinbase Connect with your web application - Coinbase Developers however keep getting HTTP/1.1 401 Unauthorized response when requesting an auth token. Im following the procedure to a T any ideas what might be going wrong?

@bborg - Alex here, happy to look into this for you. Thank you for bringing this up and ill follow up asap with any insights/remedies i can provide. Thanks and welcome!

@bborg - we have new documentation for this - Welcome - Will you please take a look and let me know if this helps?

Hi Alex yes it helped greatly. However I was wondering whether there was a way to use Oauth2 authentication with the Sandbox so that I can add fake funds to the account for testing purposes. Or is there another way to get test accounts?