To authenticate, send a subscribe message as usual, and pass in fields to GET /users/self/verify , just as if you were signing a request. To get the necessary parameters, go through the same process as you would to make authenticated calls to the API.
I have read those online documentation before I submitted this question.
First of all, I do not use a REST API authentication and this procedure is completely new to me.
For me, I just need to subscribe the level2 market data feed to receive the published messages from coinbase without sending any orders or trades. I have been doing this for very long time but now your website requests to send an authenticated websocket request. This is the reason why I am here.
You can subscribe to ws-feed.exchange.coinbase.com for traditional feed without authentication. I just did it on my machine and I received level2 feed.
If you use the other endpoint which requires access to Exchange servers, you will need an Exchange account which is for institutional clients.
If you do have an Exchange account then you should be able to generate an API key from there.
@q0987 just wanted to share a few more things that might be helpful!
Docs have been updated on Jul 12th stating that the authentication enforcement will occur August 1st (instead of July 1st). Here is the upcoming change with that update:
As of August 1st, you will be required to have generated an API key in order to properly sign the request to submit a authorized subscription request for the following channels (Full Channel, Level2 Channel, Level3 Channel).
In order to generate an API key, you need to have a fully KYC’d Coinbase Exchange account. As @sharbel pointed out, you can find the details here, noting the section near the bottom for explicit examples / instruction.
If you do not need any of the full / level2 / or level3 channels, and can instead consume the Level2 Batch which has the same data but is batched every 50ms, or can consume the Matches instead of the full channel for trade by trade data, both of which do not require authenticate (now or after August 1st).
Another thing to note: if you were to use ws-direct.exchange.coinbase.com, that will require you to authenticate regardless of what channels you plan to subscribe. This connection offers a lower latency experience for customers who need that.
I’ve been using the rest api for a while with no problems, but I have literally no idea what some of the documentation for the websocket even means
you say to pass “GET /users/self/verify”
how? where does this go?
why do the examples in websocket authentication not encrypt your key or passphrase?
why do the examples in REST api authentication declare a variable for the passphrase, and then do nothing with it? The documentation here for REST is very different from when I first used it to build stuff that still works.
whats the address im using in the sig?
like a true coder I have banged my head against my own confusion until success
they said
“and pass in fields to GET /users/self/verify”
I have still no idea what they think they mean by that, but what worked was signing the message with
On that note, is there any way to reduce the rate of recieving messages from the websocket, preferably as an update to an existing connection?
Id also like to know if there’s an official coinbase opinion on whether the ‘matches’ channel or the layer 2 batch channel would be better at reducing traffic on average across all product ids.