Endpoint for Auth scopes shows incorrect Scope for Send Limits

For new applications, we are only allowed to set the send limit to $1.00 and the user is then able to set their own limit afterwards.

According to the documentation you can use this endpoint to find the current scopes and send limits:

GET https://api.coinbase.com/v2/user/auth

Get current user’s authorization information including granted scopes and send limits when using OAuth2 authentication.

I have tested using different values other than $1.00 on the consent page. However, this endpoint regardless of changing the amount always show $1.00 and does not update to show the current send limit.

Is there another endpoint to find the send limit amount? I feel as though there should be a way to know the current limit set by the user because if a user checks thir current Third Party Applications, they are unable to change this amount or see the amount they set.

It seems very inconvenient for users to have to memorize what they authorized.

Thank you,

Hi @bearsworth! Welcome to the Coinbase Cloud Developer Forum, thank you for your interest in trying out the Coinbase APIs. As for your concern, you are correct in pointing out that for new applications, meta[send_limit_amount] is limited to $1.00 however only your users can modify this limit on the consent page when they successfully authenticate and connect to their app for the first time. Your users can review the permissions before they confirm the authentication under the Debit money from your account section. Users may click on the Change this amount link to modify the amount.

After users have updated the send_limit_amount amount in the OAuth page, they must then be able to generate the access token that corresponds with this additional OAuth authorize parameter. This access token must then be used when you are calling for a GET request to https://api.coinbase.com/v2/user/auth endpoint to get a current user’s authorization information including granted scopes and send limits when using OAuth2 authentication. This is currently the only endpoint that shows the send_limit_amount of a user. If you wanna know more about Send Limits, you may go through this part of the documentation: OAuth2 permissions | Coinbase Cloud

We hope we were able to address your concern. Feel free to reach out if there is anything else.

Thanks for the response. I am using my own account to test and when I change the send limit and manually exchange for a access token and refresh token, I then use that token to make a call to the auth endpoint like you mentioned.

As I stated, despite my changing of the send limit from $1 to say $1000 on the consent page, the endpoint shows that it still is $1.

I am doing this manually and everything seems to work but the meta data send limit never changes to 1000 as expected.

I am slightly dumbfounded, but I kept changing currencies and amounts and the update eventually worked. I’m not sure maybe it took time to update, but the authorization does show the limit amount now.

Thanks for the feedback. I guess it works.

1 Like

Hi @bearsworth! We are glad it all worked for you. We’re always happy to help! Please reach out in the future if you need anything else. Have a good day!

1 Like