Hi, can anyone help me how to authenticate Websocket Channels using Postman?
Thanks in advance!
Hi, can anyone help me how to authenticate Websocket Channels using Postman?
Thanks in advance!
Hi there @envi1624! Thank you for taking an interest in our Coinbase APIs. For you to authenticate and be able to use our Advanced Trade Websocket channels via Postman, please refer to the listed steps below:
pm.collectionVariables.set(âcoinbase-api-baseâ, âhttps://api.coinbase.comâ);
pm.collectionVariables.set(âcoinbase-api-keyâ, âxxxxxxxxxxxxxxâ); pm.collectionVariables.set(âcoinbase-api-secretâ, âxxxxxxxxxxxxxxxâ);// 1. Import crypto-js library
var CryptoJS = require(âcrypto-jsâ);// 2. Create the JSON request object
var req = {
timestamp: Math.floor(Date.now()/1000), // seconds since Unix epoch
method: pm.request.method,
path: pm.request.url.getPath(),
body: (pm.request.method === âGETâ || !data) ? ââ : pm.request.body, // empty for GET requests
message: undefined,
secret: pm.collectionVariables.get(âcoinbase-api-secretâ), // read value from collection variable
hmac: undefined,
signature: undefined,
};// 3. Create the message to be signed
req.message = req.timestamp + âtickerâ + âBTC-USDâ;// 4. Create HMAC using message and API secret
req.hmac = CryptoJS.HmacSHA256(req.message, req.secret);// 5. Obtain signature by converting HMAC to hexadecimal String
req.signature = req.hmac.toString(CryptoJS.enc.Hex);// 6. Log the request
console.info("request: ", req);// 7. Set Postman requestâs authentication headers for Coinbase REST API call
pm.collectionVariables.set(âcoinbase-api-timestampâ, req.timestamp);
pm.collectionVariables.set(âcoinbase-api-signatureâ, req.signature);
Note: In the sample pre-request script above, the ticker channel and BTC-USD were used as an example if you want to subscribe to the said channel with the corresponding product_id.
We hope we were able to provide guidance to your inquiry. Please do not hesitate to ask again if you have any other questions in mind. Thank you!
Hey @Mamoshi27 the above pre-request script doesnât work anymore. Before it was working fine but now Iâm getting Unauthorized error.
Hello @envi1624! Thank you for bringing this up to our attention. For the details regarding your concern, we will check on this for you with our team to ensure this is addressed accurately for you. We will get back to you once we have more information. Keep in touch!
Hi @envi1624! The postman script above is expected to receive an unauthorized error response as it is only intended to generate a timestamp and signature that will be used when subscribing to a websocket channel. We just tried it out and we also got an unauthorized error but we used the generated timestamp and signature to subscribe to the ticker channel.
If you are trying to call a REST API endpoint, change the message from
// 3. Create the message to be signed
req.message = req.timestamp + âtickerâ + âBTC-USDâ;
to
// 3. Create the message to be signed
req.message = req.timestamp + req.method + req.path + req.body;
We hope this helps! Kindly try to subscribe again and update us the result. Thanks!