Websockets invalid API Key from python

Hi my websocket python app started failing when authentication was made mandatory - looks like back in august.
I’ve updated the websockets code to send passphrase, key, timestamp and signature but i get back error “Invalid API Key”

After getting passphrase and apisecret from coinbase my subscribe request looks like :

{“type”: “subscribe”, “product_ids”: [“BTC-USD”], “channels”: [“level2”,“matches”] , “signature”:“35991371b21eac9cac3a6eef29a1c7fe”, “key”:“XXX-copied-from-secret-key-XXXX”, “passphrase”:“9sjzmhgl6tc”, “timestamp”:“1696780578” } )

I am very unsure where to get the signature from i copied it from the api key display (??!!)
is my format wrong ? or is the field content wrong.
many thanks,

Advanced Trade does not have passphrase! Are you using Coinbase Pro APIs?

hey thanks for the reply !
i’m using pro websocket e.g. url : wss://ws-feed.pro.coinbase.com
the cb docs suggests passphrase is required :

You need to generate signature same way you do with REST API. For websocket you generate signature for /users/self/verify GET request.

Also you should not use secret as your key in request!

I’ve switched to the advance api websocket because the authentication fields look a lot simpler, however, i still get an error. starting with subcription message with the non auth fields in i have this function which sets the right tags (api_key, passphrase, timestamp) but still yield authentication error :

def addAuth( subscription , symbol ):
subMsg = loads(subscription)
subMsg[‘api_key’] = KEY
timestamp = str(int(dt.datetime.now().timestamp()))
subMsg[‘timestamp’] = timestamp
phrase = ‘{}level2{}’.format(timestamp, symbol)
signature = hmac.new(bytes(APISECRET,‘utf-8’), phrase.encode(), hashlib.sha256 ).hexdigest()
subMsg[‘signature’] = signature
return json.dumps(subMsg)

I will repeat - Advanced Trade API does not have passphrase!

If you want to use Advanced Trade you need to generate new API key in https://www.coinbase.com/settings/api.

Coinbase Pro API keys won’t work with Advanced Trade APIs! Same is true in other direction.

ok thanks @muktapavels.
I’m not sure how to get advanced keys so i switched back to ws-feed-pro and found this :

which worked !

this may be a dumb question, but whenever I click generate a new api key, it doesn’t give me any option to choose which type of API, it just says:

New API Key
If you’re an application developer creating apps for others, please use OAuth2.

Primary accounts are highlighted with

BTC Wallet Cash (USD)LTC Wallet ETH2 Wallet
USDT Wallet ETC Wallet XLM Wallet XRP Wallet
ETH Wallet Permissions

Documentation for the Coinbase API can be found here.
Select all | Select none

Notification URL:
Webhook for notifications (optional). For more information, see our documentation
Security settings

Allowed IP Addresses:
See examples. Leave blank to allow all IPs.

it doesn’t ask “pro, exchange, or advanced”.
Or am I understanding your question wrong?

API key generated in https://www.coinbase.com/settings/api is for Advanced Trade and/or Sign in with Coinbase.

For Coinbase Pro you need to use Coinbase Pro | Digital Asset Exchange.

Is the Coinbase Pro API still alive? I used to subscribe to it, and tried to bring it up recently. Also, all of my assets there were transferred to Coinbase proper this past March. Any good examples for python to authenticate cleanly to the Advanced Trade API?

Some APIs still work.

can you manage keys?

I think there was no API to manage keys. If you mean if I can do that via web then no - I can no longer login and last time I checked it was possible only to create view only key anyway.