Got "invalid signature" when sending json payload via POST in Python

paolop · July 8, 2022, 12:40pm

I’m using the Coinbase PRO API without any issue, except for one endpoint which is the conversion one.

I got the error message:

{'message': 'invalid signature'}

Here my code that is working fine with other endpoints:

import time
import hmac
import hashlib
import requests
import base64
import json


class CoinbaseAuth(requests.auth.AuthBase):
    def __init__(self, api_key, secret_key, api_passphrase):
        self.api_key = api_key
        self.api_passphrase = api_passphrase
        self.secret_key = base64.b64decode(secret_key)
    
    def __call__(self, request):
        timestamp = str(time.time())
        message = timestamp + request.method + request.path_url + (request.body or '')
        signature = base64.b64encode(hmac.new(self.secret_key, message.encode(), hashlib.sha256).digest())
        request.headers.update({
            'CB-ACCESS-SIGN': signature,
            'CB-ACCESS-TIMESTAMP': timestamp,
            'CB-ACCESS-KEY': self.api_key,
            'CB-ACCESS-PASSPHRASE': self.api_passphrase
        })
        return request


API_KEY = 'XXX'
API_SECRET = 'XXX'
API_PASSPHRASE = 'XXX'

auth = CoinbaseAuth(API_KEY, API_SECRET, API_PASSPHRASE)


def get_accounts():
    accounts_url = 'https://api.exchange.coinbase.com/accounts'
    res = requests.get(accounts_url, auth=auth)
    print (res.json())
    
def get_single_account(account_id):
    account_url = 'https://api.exchange.coinbase.com/accounts/' + account_id
    res = requests.get(account_url, auth=auth)
    print (res.json())
    
def get_coinbase_accounts():
    coinbase_accounts_url = 'https://api.exchange.coinbase.com/coinbase-accounts'
    res = requests.get(coinbase_accounts_url, auth=auth)
    print (res.json())
    
def gen_crypto_address(account_id):
    account_url = 'https://api.exchange.coinbase.com/coinbase-accounts/' + account_id + '/addresses'
    res = requests.post(account_url, auth=auth)
    print (res.json())
    
def convert(from_currency, to_currency, amount):
    conv = 'https://api.exchange.coinbase.com/conversions'
    payload = json.dumps(
        {
        "from": from_currency,
        "to": to_currency,
        "amount": amount
        }
        )
        
    res = requests.post(conv, data=payload, auth=auth)
    print (res.json())

#get_accounts() - works fine
#get_coinbase_accounts() - works fine
#gen_crypto_address(coinbase_btc_account_id) - works fine 

convert("BTC", "ETH", "0.0001") # FAILS

Please note that this endpoint is a POST which requires a payload in json.
I also tried a different POST endpoint which does not require the json payload, and it works fine!

So, I strongly believe that the issue is only related to POST API endpoints which require the json payload that must be passed as a request body.

Does someone has the same issue?
How can I solve this?

jonathan.ventura · July 10, 2022, 6:43am

Hello @paolop! Thank you for taking an interest in trying out Coinbase APIs. For the details regarding your concern, we will check on this for you with our team. We will get back to you once we have more information. Keep in touch!

camille.decastro · July 11, 2022, 4:06pm

Hi @paolop!

Thank you for your patience as we continue to resolve this issue.

Turns out our team was able to hit this endpoint, and we’ve got a valid response after adding ‘Content-Type’: ‘application/json’ on the request headers. It appears that the endpoint is working as expected.

Can you try adding that and re-attempt to run the endpoint once again. If the issue still persists, please let us know.

We hope this helps.

paolop · July 13, 2022, 9:45am

Hello,

I solved the problem thanks to this.

Cheers