Potential mismatch between endpoint and permission


I noticed that in the REST API Overview table “Create Order” endpoint (POST /orders) requires wallet:buys:create permission.

At the same time there is an wallet:orders:create API permission that is semantically closer.

Would anyone please explain details?

Thank you,

1 Like

Hi @lessless! Welcome to the Coinbase Cloud Developer’s Forum!

We appreciate your enthusiasm in trying out the Advanced Trade APIs. However, please note that as per our checking with the relevant teams, the permission scope required for Create Order is indeed wallet:buys:create because orders are categorized into buys and sells.

Additionally, please bear with us as the Team is still hard at work building all the remaining Advanced Trade APIs which will later utilize these published scopes such as the wallet:orders:create.

We hope this helps. Thank you and have a great day!


Ahha, does this mean that I also need wallet:sells:create if I want to create a sell order?

1 Like

It does, lol. I hope the scopes make more sense as they build out the API, because as it is right now I agree with you. It’s semantically confusing.


thanks @jmicko .

@bazinga what set of scopes translates to “View” and “Trade” permissions in the Pro API?

1 Like

Hello @lessless! Before continuing, we wish to inform you that although some features of Advanced Trade were already made public, we’d like you to note that the Team is still hard at work building all the remaining APIs and its corresponding documentation. Additionally, please note that the launched Advanced Trade API is in Beta which means that it is still in the stage of development. Therefore, there might still be some bugs or endpoints that are not working as expected.

As of now, what @jmicko said is right. Although there are certain scopes that might seem more intuitive to utilize instead of wallet:buys:create or wallet:sells:create, we ask you to please bear with us as the team is still hard at work in building and implementing such changes in the Advanced Trade API.

Currently, the API is still in its beta phase which is why you can rest assured that this is not the final state of the API.

Finally, to answer your queries on which scopes are comparable to that of the View and Trade permissions of Coinbase Pro API, we believe that all scopes that has the word read in it (i.e. wallet:accounts:read, wallet:orders:read, etc.) are equivalent to the View permission. For Trade, currently, we only have wallet:buys:create enabled as its equivalent.

We hope we were able to address your concerns. Feel free to reply to this thread should you have further queries.


If it helps to have a visual, these are the permissions I have enabled and I haven’t run into any problems so far. I’ll update the post if that changes.

Not sure I need the sells scopes, but there was another thread that made it sound like I did.

I also noticed there is a wallet:orders:refund scope. A little digging and I realized they have a whole commerce API for storefront integration etc. I’m guessing the orders scopes have something to do with that. Creating an order for a customer. In that context, it kinda makes sense again.


Thank you for all your replies everyone.

1 Like