Creating Market Order throws unauthorized error using Coinbase cloud keys, but able to retrieve account information

Advanced Trade API
1

Hi guys, I tried to authenticate the Coin Base Cloud keys, it worked and I ws able to fetch my account information, but when I tried to open a market order with it. I get Unauthorize error.

Drew my perspective from the below link:

And yes, please ignore the keys, they are not valid.

Please what am I doing wrongly?

Based on the documentation, I have this class method that generates a bearer token.

        console.log(`Generate toke route ${requestType} ${route}`);

        const key_name = 'organizations/12070edc/apiKeys/0d21d4e7835';
        const key_secret = '-----BEGIN EC PRIVATE KEY-----\GCCqGSM49/OC\nRYxxHkK/lwUZxL4baW+uwI0p2LPvxzbIGA==\n-----END EC PRIVATE KEY-----\n';
        const request_method = `${requestType}`;
        const url = 'api.coinbase.com';
        const request_path = `/api/v3/${route}`;
        const service_name = "retail_rest_api_proxy"

        const algorithm = 'ES256';

        let uri;

        if(requestType == "GET"){
          uri =  request_method + ' ' + url + request_path;
        }else{
           uri =  request_method + JSON.stringify(data) + url + request_path;
        }

        console.log({uri});
         

        const token = sign(
            {
                aud: [service_name],
                iss: 'coinbase-cloud',
                nbf: Math.floor(Date.now() / 1000),
                exp: Math.floor(Date.now() / 1000) + 120,
                sub: key_name,
                uri,
            },
            key_secret,
            {
                algorithm,
                header: {
                    kid: key_name,
                    nonce: crypto.randomBytes(16).toString('hex'),
                },
            }
        );
        console.log('export JWT=' + token);

        return token;

When the token is generated I then call this function, please what am I doing wrongly.

        try {
            let { route, data, requestType } = payload;

            console.log({ payload });

            let token = await this.generateBearerToken(requestType, route, data);

            if (requestType == "GET") {
                let request = await axios.get(`https://api.coinbase.com/api/v3/${route}`, {
                    headers: {
                        Authorization: `Bearer ${token}`
                    }
                });

                let resp = request.data;

                return resp;
            } else {
                
                let request = await axios.post(`https://api.coinbase.com/api/v3/${route}`, data, {
                    headers: {
                        Authorization: `Bearer ${token}`
                    }
                });

                let resp = request.data;

                return resp;
            }
        } catch (error) {
            console.log(error);
        }
2

What is JSON.stringify(data) in uri? Looks wrong…

3

I have tried it without that and with that, what is the best solution?

4

There should be space after request method. If you just removed that part then it might be why it did not work! Otherwise I don’t see anything else wrong in code you posted.

5

Thanks for taking time to respond, I did that still no luck, how do you differentiate a POST request URI from a GET request using the Coinbase Cloud keys please?

6

You told that authentication worked for you, did it? For JWT generation only difference is request method. If you want to create/post order you need to generate jwt for:

POST api.coinbase.com/api/v3/brokerage/orders

To list orders:

GET api.coinbase.com/api/v3/brokerage/orders/historical/batch
7

Yes, I was able to view all my wallet details with the GET request endpoint, but creating order do not seem to work for me.

8

If you are still having authorization error after fixing uri, maybe you have not enabled trade permission? Otherwise I have nothing more to add…

9

Thanks for your help, would find a way around it. In the meantime, I would like to ask if it;s possible to create an OCO order on COINBASE through the API?
Like Open a spot order, then open a take profit and stop loss for that same order?