Hello. I am trying to make a market order for BTC with the API. Here is my code:
import requests
import hmac
import hashlib
import time
import base64
import json
timestamp = str(int(time.time()))
endpoint = "https://api.coinbase.com/api/v3/brokerage/orders"
payload = json.dumps({
"product_id": "BTC-USD",
"side": "BUY",
"order_configuration": {
"market_market_ioc": {
"quote_size": "5"
}
}
})
message = timestamp + 'POST' + endpoint + payload
signature = hmac.new(API_SEC.encode('utf-8'), message.encode('utf-8'), digestmod=hashlib.sha256).digest()
# signature = base64.b64encode(signature).decode()
headers = {
'Content-Type': 'application/json',
'CB-ACCESS-KEY': API,
'CB-ACCESS-SIGN': signature,
'CB-ACCESS-TIMESTAMP': timestamp
}
response = requests.post(endpoint, json=payload, headers=headers)
print(response.status_code)
print(response.content)
print(response.headers)
If I run the current code, this is my result:
400
bâ400 Bad Request: invalid header valueâ
{âDateâ: âTue, 24 Jan 2023 07:53:25 GMTâ, âContent-Typeâ: âtext/plain; charset=utf-8â, âTransfer-Encodingâ: âchunkedâ, âConnectionâ: âkeep-aliveâ, âCF-Cache-Statusâ: âDYNAMICâ, âSet-Cookieâ: â__cf_bm=_GGIW62ebBAu939VVwicyWT0M_8sPfoghaXk3r5uYUs-1674546805-0-AdndUKReGTXdTQ7qbIwRjJZaMOaBRYg4biNvTfaoaDckcbdKmt2Zt6sY1pgF7hkHnM+HqjMRC+95EoK4DopbVCY=; path=/; expires=Tue, 24-Jan-23 08:23:25 GMT; domain=.coinbase.com; HttpOnly; Secure; SameSite=Noneâ, âStrict-Transport-Securityâ: âmax-age=31536000; includeSubDomains; preloadâ, âX-Content-Type-Optionsâ: ânosniffâ, âServerâ: âcloudflareâ, âCF-RAYâ: â78e731fff890db59-LAXâ}
If I comment out the second signature line I get this:
401
bâUnauthorized\nâ
{âDateâ: âTue, 24 Jan 2023 07:54:22 GMTâ, âContent-Typeâ: âtext/plain; charset=utf-8â, âContent-Lengthâ: â13â, âConnectionâ: âkeep-aliveâ, âTrace-Idâ: â7219881873981354341â, âX-Content-Type-Optionsâ: ânosniffâ, âCF-Cache-Statusâ: âDYNAMICâ, âSet-Cookieâ: â__cf_bm=n1NNwweGqk1Ab6CIs53v3v0SN6fhG162JNc4jxHQQPc-1674546862-0-AQ4+fdboYy8HN2tPIyUsnXQ8sIqHJJEAzYwX8gS8enZ3n3Iiay8nuX8q9Zr9uS+si/voIN/+gA4+SoQFychDOyo=; path=/; expires=Tue, 24-Jan-23 08:24:22 GMT; domain=.coinbase.com; HttpOnly; Secure; SameSite=Noneâ, âStrict-Transport-Securityâ: âmax-age=31536000; includeSubDomains; preloadâ, âServerâ: âcloudflareâ, âCF-RAYâ: â78e733600b092ec6-LAXâ}
Any help will be much appreciated! Thank you!