Coinbase Developer Platform (CDP) uses server and client API keys to authenticate access.
For more information, see CDP API Keys.
It is assumed you are logged into an existing CDP account (if not, create one).
Your CDP account should include a project by default.
Navigate to your API keys dashboard. From the top drop-down, select your desired project.
Continue reading based on the type of API key you need to create.
To create a Secret API key (for server-to-server communication), ensure the Secret API Keys tab is selected as shown in the previous step.
Click the Create API key button and give your key a name.
You also have the option to:
When you are satisfied with your key configuration, click Create & download:
A modal will appear with your key details.
Make sure you save the API key ID and Secret in a safe place. You can’t re-download it later.
To regenerate a Secret API key, click Configure to delete and recreate the key.
Now, you are ready to use our REST and server-side APIs!
To create a Client API key (for use in front-end components) ensure the Client API Key tab is selected.
Copy the Client API key and export it as an environment variable:
Click the Rotate button to expire this key and generate a new one.
Proceed to Step 3.
You can generate a JSON Web Token (JWT) using the following code snippets.
More on JWTs
A JWT is a compact, self-contained, stateless token format used to securely transmit API keys as a JSON object for authentication with the CDP API.
Read more in our JWT documentation.
Continue reading to:
Never include Secret API key information in your code.
Instead, securely store it and retrieve it from an environment variable, a secure database, or other storage mechanism intended for highly-sensitive parameters.
To begin, export the following environment variables:
KEY_NAME
: The name of the API key you want to useKEY_SECRET
: The secret of the API key you want to useREQUEST_METHOD
: The HTTP method of the endpoint you want to targetREQUEST_PATH
: The path of the endpoint you want to targetREQUEST_HOST
: The host of the endpoint you want to targetFor example:
Newlines must be preserved to properly parse the key secret. Do this on one line by using \n to escape new lines, or via a multi-line string.
Complete the remaining setup steps for JWT generation below according to your language choice.
Install required dependencies:
Now that your environment is setup, you can create the code to generate the JWT and export it as an environment variable.
Your JWT is valid for 2 minutes. After 2 minutes, you will need to generate a new JWT to ensure uninterrupted access to the CDP APIs.
Create a new file for JWT generation code:
It should contain the following:
Finally, run the script to generate the JWT output and export it as an environment variable.
To authenticate your server-side code, use the JWT token you generated in the previous step as a Bearer Token within your request:
As an example, Get Asset by ID could be requested like so:
To authenticate your client-side code, include it with your JSON-RPC request:
As an example, you can request the List Historical Balances JSON-RPC endpoint like so: