Why is getting candles suddenly "Unauthorized"

Advanced Trade API
1

Short version:

Why does this URL:
https://api.coinbase.com/api/v3/brokerage/products/BTC-USD/candles?start=1639508050&end=164008050&granularity=ONE_DAY
return “Unauthorized” ???

Long version:
I generated Python code from this page: Get Product Candles | Coinbase Cloud

The code is this:

import http.client
import json

conn = http.client.HTTPSConnection("api.coinbase.com")
payload = ''
headers = {
  'Content-Type': 'application/json'
}
conn.request("GET", "/api/v3/brokerage/products/BTC-USD/candles?start=1639508050&end=164008050&granularity=ONE_DAY", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))

And when it executes, it says “Unauthorized”.

(All the code does is GET the URL above.)

It was working 48 hours ago. Since then it’s “Unauthorized”. Why?
I tried different IP addresses.

2

Welcome to the Community, @frappy!

We have reviewed your URL. We would like to let you know that the timestamp value for start must be before end.

Your code has:

 start  = 1639508050
   end  = 164008050

Sample URL for Get Product Candles is given below:

/api/v3/brokerage/products/BTC-USD/candles?start=1639508050&end=1640008050&granularity=ONE_DAY

We hope this helps. Please let us know if you still face any issues.

Thank you and have a good day!

3

Sorry for the missing 0.

Here is the corrected URL:
https://api.coinbase.com/api/v3/brokerage/products/BTC-USD/candles?start=1639508050&end=1640008050&granularity=ONE_DAY

The result is still 100% the same: Unauthorized.

4

Hey @frappy, Thank you for your reply.

Generally, Unauthorised errors are due to client side issues. The error can be possible because of incorrect API Key details or missing accounts permissions.

We would request you to please check the correctness of your API Key authentication and also if your API key has the required accounts permissions.

Sample request body could be:

import http.client

conn = http.client.HTTPSConnection("api.coinbase.com")
payload = ''
headers = {
  'CB-ACCESS-KEY': 'your api key',
  'CB-ACCESS-SIGN': '{{CB-ACCESS-SIGN}}',
  'CB-ACCESS-TIMESTAMP': '{{CB-ACCESS-TIMESTAMP}}',
  'CB-VERSION': '2022-10-17',
}

conn.request("GET", "/v3/brokerage/products/BTC-USD/candles?start=1639508050&end=1640008050&granularity=ONE_DAY", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))

Additionally, you may even try creating new set of API Key and Secret and then use the Get Product Candles endpoint again. The steps for creating new API key are given in this link.

We hope this helps. We’d be happy to answer any more questions. Thank you!

5

ok:

  1. If this API call requires authentication, then why does the doc page show code without any authentication? Get Product Candles | Coinbase Cloud

  2. I can’t use your code because it has placeholders that cannot be filled in by hand {{CB-ACCESS-SIGN}} and {{CB-ACCESS-TIMESTAMP}}

  3. Before trying to find help in the docs, I was using the CCXT library (which computes the authentication headers for me). It has worked fine for about a month and then suddenly stopped working 3 days ago. Has anything changed in the API or the required permissions?

  4. I have checked my API key. It has all the “_read” permissions.

  5. Before posting here I also already tried creating and using a new API key, again with all _read permissions. It makes no difference.

6

Hey @frappy, Thank you for your reply. We have responded below to your pointers.

  1. If this API call requires authentication, then why does the doc page show code without any authentication? Get Product Candles | Coinbase Cloud - To send requests to the Advanced Trade API, you must sign and authenticate each v3 endpoint. Please note ALL ADVANCED TRADE API V3 ENDPOINTS REQUIRE AUTHENTICATION. This information is however available on the Advance Trade API Guide document here: REST API Overview | Coinbase Cloud

  2. I can’t use your code because it has placeholders that cannot be filled in by hand {{CB-ACCESS-SIGN}} and {{CB-ACCESS-TIMESTAMP}} - Please refer to our document on how to set up Timestamp and Sign. Set Timestamp: Authenticating Messages | Coinbase Cloud and Create Signature: Authenticating Messages | Coinbase Cloud

  3. Before trying to find help in the docs, I was using the CCXT library (which computes the authentication headers for me). It has worked fine for about a month and then suddenly stopped working 3 days ago. Has anything changed in the API or the required permissions? - There has been no changes to our Get Product Candles Endpoint. You may track change log here.

  4. I have checked my API key. It has all the “_read” permissions. - Thank you for confirming the same.

  5. Before posting here I also already tried creating and using a new API key, again with all _read permissions. It makes no difference. - We recommend you to try using the endpoint after authenticating the API Key. If you still face the issue, we suggest you to open a support ticket with our team with the following details

  • Please provide a code snippet of the API Call.
  • Please provide a screenshot of the error code you are experiencing (response body)
  • If you have any more information or screenshot that can demonstrate your concern, feel free to share it with us. Please ensure to send any images or screenshots as attachments, as we’re unable to see images/screenshots when they are inserted in the body of your email and be reminded to omit any personal info.

Upon creating a support ticket, kindly include the link of this forum so that the team will be aware that it’s you. Additionally, please use the email address associated with your Coinbase account.

Thank you!

7

Ok,

  1. Thanks for the additional info, but still every code snippet given to illustrate every API call in the doc is wrong because it does not include authentication. I think you should fix the code samples or remove them from the doc.

  2. Thank you for the additional info. There is no complete Python example in the doc, so if it can help someone who reads this in the future, here is code that I got to work:

import http.client
import json, hmac, hashlib, time, base64
timestamp = str(int(time.time()))
method = "GET"
path = "/v3/brokerage/products/BTC-USD/candles"
message = timestamp + method + path + ''
signature = hmac.new(api_secret.encode('utf-8'), message.encode('utf-8'), digestmod=hashlib.sha256).digest().hex()
print(signature, timestamp)

conn = http.client.HTTPSConnection("api.coinbase.com")
payload = ''
headers = {
  'CB-ACCESS-KEY': api_key,
  'CB-ACCESS-SIGN': signature,
  'CB-ACCESS-TIMESTAMP': timestamp,
  'CB-VERSION': '2022-10-17',
}

stop_ts = int(time.time())
start_ts = stop_ts - 10 * 86400

conn.request(method, path+f"?start={start_ts}&end={stop_ts}&granularity=ONE_DAY", payload, headers)
res = conn.getresponse()
data = res.read()
# convert data to JSON:
data = json.loads(data)

pprint.pprint(data)

I don’t understand why yet, but apparently CCXT is doing something different that no longer works.

  1. Actually there HAS been a change:

2023-JUL-10 Added candles channel to provide real-time product candles with per second updates.

The date matches when CCXT stopped working and ironically the change pertains to the candles ! (although on websocket, not REST API). I am not sure it should be discarded as “no change”…

    1. Just to be clear: I am now able to access the API endpoint with the custom code above, but CCXT no longer works (when using the same API key). I will work with custom code. I still think you should fix/remove the code snippets from your doc.

Thank you for your help.

8

Hey @frappy! We are glad that were able to access the API endpoint with your custom code.

Also, we appreciate your feedback of including the authentication steps for the code samples in the API reference docs. Thank you!