Unauthorized request with Python using params

Hello,

I’m having some trouble with the API endpoints that require parameters as inputs. Every request I give a parameter to ends up returning an “Unauthorized” message. If I don’t include parameters in the request then everything works fine so I know my api keys should work. Has anyone else encountered this issue?

Example code below to reproduce the issue

import json, hmac, hashlib, time, requests
from requests.auth import AuthBase

# Create custom authentication for Coinbase API
class CoinbaseWalletAuth(AuthBase):
    # https://docs.cloud.coinbase.com/sign-in-with-coinbase/docs/api-key-authentication
    def __init__(self, api_key, secret_key):
        self.api_key = api_key
        self.secret_key = secret_key

    def __call__(self, request):
        timestamp = str(int(time.time()))
        message = timestamp + request.method + request.path_url + (request.body or '')
        signature = hmac.new(self.secret_key.encode('utf-8'), 
                                     message.encode('utf-8'), hashlib.sha256).hexdigest()
        request.headers.update({
            'CB-ACCESS-SIGN': signature,
            'CB-ACCESS-TIMESTAMP': timestamp,
            'CB-ACCESS-KEY': self.api_key,
        })
        return request

# load api key
settings = json.load(open("settings.json",'r'))['coinbase']

# query accounts
auth = CoinbaseWalletAuth(settings['key'], settings['secret'])
url = "https://api.coinbase.com/api/v3/brokerage/accounts"
args = {'limit': str(250)}
req = requests.get(url, params=args, auth=auth)

print(req)
2 Likes

Just found a solution, in the authentication use: request.path_url.split('?')[0]

1 Like

I cant thank you enough for this! I had the same issue and struggled for 2 days until I saw your post.