User Authorization

When we are trying to authorize the user account through OAuth2, the user sees only the BTC wallet to authorize. Is there anything specific we need to give to allow all accounts?

When we hit the below API, we receive a valid account_id only for the BTC wallet, and for other accounts, we do not see valid account_ids.

https://api.coinbase.com/v2/accounts

Below is the response sample. Please advise any inputs. Thank You!

{
  "id": "4e1c5dea-ea4a-56a9-9a5a-76cd0f438XXXX",
  "name": "BTC Wallet",
  "primary": true,
  "type": "wallet",
  "currency": {
    "code": "BTC",
    "name": "Bitcoin",
    "color": "#F7931A",
    "sort_index": 100,
    "exponent": 8,
    "type": "crypto",
    "address_regex": "^([13][a-km-zA-HJ-NP-Z1-9]{25,34})|^(bc1qzry9x8gf2tvdw0s3jn54khce6mua7l)$",
    "asset_id": "5b71fc48-3dd3-540c-809b-f8c94d0e68b5",
    "slug": "bitcoin"
  },
  "balance": {
    "amount": "0.00000000",
    "currency": "BTC"
  },
  "created_at": "2017-11-09T20:52:09Z",
  "updated_at": "2022-09-11T19:00:29Z",
  "resource": "account",
  "resource_path": "/v2/accounts/4e1c5dea-ea4a-56a9-9a5a-76cd0f43XXXX",
  "allow_deposits": true,
  "allow_withdrawals": true
},
{
  "id": "ANT",
  "name": "ANT Wallet",
  "primary": false,
  "type": "wallet",
  "currency": {
    "code": "ANT",
    "name": "Aragon",
    "color": "#00B3EC",
    "sort_index": 193,
    "exponent": 8,
    "type": "crypto",
    "address_regex": "^(?:0x)?[0-9a-fA-F]{40}$",
    "asset_id": "4c5c4a7e-83d5-52d4-9b59-06b94b819426",
    "slug": "aragon"
  },
  "balance": {
    "amount": "0.00000000",
    "currency": "ANT"
  },
  "created_at": null,
  "updated_at": null,
  "resource": "account",
  "resource_path": "/v2/accounts/ANT",
  "allow_deposits": true,
  "allow_withdrawals": true
},
{
  "id": "MTL",
  "name": "MTL Wallet",
  "primary": false,
  "type": "wallet",
  "currency": {
    "code": "MTL",
    "name": "Metal",
    "color": "#4400E2",
    "sort_index": 237,
    "exponent": 8,
    "type": "crypto",
    "address_regex": "^(?:0x)?[0-9a-fA-F]{40}$",
    "asset_id": "40d84546-b993-5601-aef2-731bc30a2b16",
    "slug": "metal"
  },
  "balance": {
    "amount": "0.00000000",
    "currency": "MTL"
  },
  "created_at": null,
  "updated_at": null,
  "resource": "account",
  "resource_path": "/v2/accounts/MTL",
  "allow_deposits": true,
  "allow_withdrawals": true
}

Hello @nydeepak1! Welcome to the Coinbase Cloud Developer’s Forum! We understand that you are asking how to grant OAuth2 permission for all accounts. In this regard, we would like to first inform you that based on this documentation, Sign in with Coinbase applications can request different access to a user’s wallets. This access is defined by the account parameter on the OAuth2 authorization URL. Available options are:

  • select (default) Allow user to pick the wallet associated with the application
  • all Application will get access to all of user’s wallets

With this, we would like to inform you that the behavior you are able to observe is related to the option wherein the OAuth2 grant is limited to the wallet selected on the OAuth2 grant page. Hence, even after calling the List All Accounts endpoint, you were only able to see detailed response data for the selected wallet to which access was granted on the OAuth2 page.

So what we recommend now is that you try going through the process of OAuth2 authorization by adding account=all at the end of the authorization URL (OAuth2 grant page). As an example for granting a wallet:accounts:read permission to all accounts, your authorization URL should look like the example below:
https://www.coinbase.com/oauth/authorize?response_type=code&client_id=YOUR_CLIENT_ID&redirect_uri=YOUR_REDIRECT_URL&state=SECURE_RANDOM&scope=wallet:accounts:read&account=all

With this, the OAuth2 grant page will no longer require the user to select a specific wallet. Instead, the page will display “Wallet Access: The permission above will apply to all your wallets.” Nonetheless, we highly suggest that you practice granting the account access and permission scopes that are necessary for your app to function.

We hope this helps. Thank you and have a great day!

3 Likes
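The flow discussed in this thread, as an added Python example that is not part of the original posts or Coinbase's own code: it builds the authorization URL with an explicit `account` choice and a random `state`, checks the `state` echoed back on the redirect, and separates wallets with a real account id from those that only show a currency code as id. The function names, the sample UUID and the `example.com` redirect are constructed for illustration; treating a non-UUID `id` as "no access granted" is an assumption drawn from the response sample in the question.

```python
import hmac
import secrets
import uuid
from urllib.parse import urlencode

AUTHORIZE_URL = "https://www.coinbase.com/oauth/authorize"  # from the reply above


def build_authorize_url(client_id, redirect_uri,
                        scope="wallet:accounts:read", account="select"):
    """Return (url, state). account is 'select' (default) or 'all'."""
    if account not in ("select", "all"):
        raise ValueError("account must be 'select' or 'all'")
    state = secrets.token_urlsafe(32)  # unpredictable, one per authorization request
    query = urlencode({
        "response_type": "code", "client_id": client_id,
        "redirect_uri": redirect_uri, "state": state,
        "scope": scope, "account": account,
    })
    return f"{AUTHORIZE_URL}?{query}", state


def state_matches(expected, returned):
    """Constant-time check of the state echoed back on the redirect."""
    return hmac.compare_digest(expected.encode(), (returned or "").encode())


def has_real_account_id(account):
    """True when the id parses as a UUID rather than a currency code."""
    try:
        uuid.UUID(account["id"])
        return True
    except (KeyError, ValueError, TypeError, AttributeError):
        return False


def granted_accounts(accounts):
    """Keep only the wallets the grant actually covers (assumption, see lead-in)."""
    return [a for a in accounts if has_real_account_id(a)]


# Constructed sample shaped like the response in the question (UUID is made up).
SAMPLE = [
    {"id": "11111111-2222-5333-8444-555555555555", "name": "BTC Wallet"},
    {"id": "ANT", "name": "ANT Wallet"},
    {"id": "MTL", "name": "MTL Wallet"},
]

if __name__ == "__main__":
    url, state = build_authorize_url("YOUR_CLIENT_ID", "https://example.com/cb",
                                     account="all")
    print(url)
    print([a["name"] for a in granted_accounts(SAMPLE)])
```

Keeping `select` as the default and passing `account="all"` only where the application needs every wallet follows the reply's advice to request no more access than the app requires.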

Thank you very much for the response this was helpful!!