Create Order Unauthorized

alessio · November 21, 2022, 1:55pm

I tried “List Account” and it works fine.

But when I try to make a call to “Create Order” I get this response:

status: 401,
  statusText: 'Unauthorized',
  headers: AxiosHeaders {
	date: 'Mon, 21 Nov 2022 13:51:26 GMT',
	'content-type': 'text/plain; charset=utf-8',
	'content-length': '13',
	connection: 'keep-alive',
	'trace-id': '8879571135508286073',
	'x-content-type-options': 'nosniff',
	'cf-cache-status': 'DYNAMIC',
	'set-cookie': [
	  '__cf_bm=u4_NvlbvKXlpELomKsfIG_CLU1uT2SmCnzNWZWpfKZE-1669038686-0-AXqc1ElBRitPOjdlvig7MFtxWwCQhFIVa5+Irk+B4IQa6rDaXXtxiw1czGpmPXNTAxDxkgfkizXf/YdtzJjamF8=; path=/; expires=Mon, 21-Nov-22 14:21:26 GMT; domain=.coinbase.com; HttpOnly; Secure; SameSite=None'
	],
	'strict-transport-security': 'max-age=31536000; includeSubDomains; preload',
	server: 'cloudflare',
	'cf-ray': '76d9e66b1cff0e12-MXP',
	[Symbol(defaults)]: null
  },
  config: {
	transitional: {
	  silentJSONParsing: true,
	  forcedJSONParsing: true,
	  clarifyTimeoutError: false
	},
	adapter: [Function: httpAdapter],
	transformRequest: [ [Function: transformRequest] ],
	transformResponse: [ [Function: transformResponse] ],
	timeout: 0,
	xsrfCookieName: 'XSRF-TOKEN',
	xsrfHeaderName: 'X-XSRF-TOKEN',
	maxContentLength: -1,
	maxBodyLength: -1,
	env: { FormData: [Function], Blob: [class Blob] },
	validateStatus: [Function: validateStatus],
	headers: AxiosHeaders {
	  Accept: 'application/json',
	  'CB-ACCESS-KEY': '******CENSURED*********',
	  'CB-ACCESS-SIGN': '******CENSURED*********',
	  'CB-ACCESS-TIMESTAMP': '1669038685',
	  'content-type': 'application/json',
	  'User-Agent': 'axios/1.1.3',
	  'Accept-Encoding': 'gzip, deflate, br',
	  [Symbol(defaults)]: [Object]
	},
	method: 'post',
	url: 'https://api.coinbase.com/api/v3/brokerage/orders',
	body: '{"side":"BUY","order_configuration":{"market_market_ioc":{"quote_size":"11.00"}},"client_order_id":"4f6f5eae-71d4-5bf1-a31f-0cb470cca7e5","product_id":"ETH-EUR"}',
	data: undefined
  },

Could you tell me why.
Thank you

jmicko · November 21, 2022, 5:59pm

Can you post the code you used to send the order?

I’m guessing you copied from the example code that Coinbase provided, but used Axios to send the request? I see “data: undefined” in your error. The example uses request, which uses the body object to send data. Axios uses the data object. Try defining your order params as data:{order details} instead.

Justin · July 2, 2023, 1:49am

When I try to Create a Limit Order I get <Response [401]> Unauthorized.
I can Create Other Endpoints such as accounts and they work using the
same Keys and Credentials. See working Code and NON-Working Code below.

import os
import requests
import hmac
import hashlib
import time
import json
import random

api_key = api_key
api_secret = api_secret

###########################################################

THE FOLLOWING USING GET CODE WORKS

###########################################################

timestamp = str(int(time.time()))
endpoint = ‘/api/v3/brokerage/accounts’
method = ‘GET’
body = ‘’

message= timestamp + method + endpoint

signature = hmac.new(api_secret.encode(), message.encode(), hashlib.sha256).hexdigest()

headers = {
‘Content-Type’: ‘application/json’,
‘CB-ACCESS-KEY’: api_key,
‘CB-ACCESS-SIGN’: signature,
‘CB-ACCESS-TIMESTAMP’: timestamp
}

api_url = ‘https://api.coinbase.com’
url = api_url + endpoint

response = requests.get(url, body, headers=headers)
print(response.status_code) # 200
print(response.json()) # Output

###########################################################

THE FOLLOWING POST CODE FAILS WITH "UNATHORIZED

###########################################################

timestamp = str(int(time.time()))
endpoint = ‘/api/v3/brokerage/orders’
method = ‘POST’

message= timestamp + method + endpoint

signature = hmac.new(api_secret.encode(), message.encode(), hashlib.sha256).hexdigest()

headers = {
‘Content-Type’: ‘application/json’,
‘CB-ACCESS-KEY’: api_key,
‘CB-ACCESS-SIGN’: signature,
‘CB-ACCESS-TIMESTAMP’: timestamp
}

payload = {
“side”: “SELL”,
“order_configuration”: {
“limit_limit_gtc”: {
“base_size”: “3.5”,
“limit_price”: “.45”,
“post_only”: False
},
},

"product_id": "ADA-USD",
"client_order_id": str(random.randint(1, 2**30))

}

body = json.dumps(payload)

api_url = ‘https://api.coinbase.com’
url = api_url + endpoint

response = requests.post(url, body, headers=headers)
print(response.status_code) # 401
print(response.json()) # Output

Topic		Replies	Views
401 unauthorized for /api/v3/brokerage/orders Advanced Trade API	3	286	December 7, 2023
Create Limit Sell Order returns <Response [401]> Unauthorized Advanced Trade API	9	391	July 14, 2023
JS - /api/v3/brokerage/orders - 401 Unauthorized Advanced Trade API	3	104	February 28, 2024
Create Coinbase Order - 401 unauthorized Advanced Trade API	3	52	April 16, 2024
"Unauthorized" trying to place a buy order in advanced trade API Advanced Trade API	7	554	March 24, 2023

Create Order Unauthorized

THE FOLLOWING USING GET CODE WORKS

THE FOLLOWING POST CODE FAILS WITH "UNATHORIZED

Related Topics