POST
/
v2
/
end-users
/
auth
/
validate-token
Validate end user access token
curl --request POST \
  --url https://api.cdp.coinbase.com/platform/v2/end-users/auth/validate-token \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "accessToken": "eyJhbGciOiJFUzI1NiIsImtpZCI6IjA1ZGNmYTU1LWY1NzktNDg5YS1iNThhLTFlMDI5Nzk0N2VlNiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJjZHAtYXBpIiwiYXV0aF90eXBlIjoiZW1haWwiLCJleHAiOjE3NTM5ODAyOTksImlhdCI6MTc1Mzk3ODQ5OSwiaXNzIjoiY2RwLWFwaSIsImp0aSI6IjA3ZWY5M2JlLTYzMDQtNGQ1YS05NmE3LWJlMGI5MWI0ZTE3NCIsInByb2plY3RfaWQiOiJjNzRkOGI4OC0wOTNiLTQyZDItOGE4Yy1kZGM1YzVlMGViNDMiLCJzdWIiOiJjYTM4YTM4ZC0xNmE5LTRkMjYtYTcxZC0zOWY2NmY5YzZiN2UifQ.1SU0pOy-WR002qUw4hd_UmZWRSLz-ZL6v7PvQvZMKVE6a51x_tqeUeRGaTGuYl1whg0eccMObmK7FqXKRH6E4g"
}'
{
  "userId": "e051beeb-7163-4527-a5b6-35e301529ff2",
  "authenticationMethods": [
    {
      "type": "email",
      "email": "user@example.com"
    },
    {
      "type": "sms",
      "phoneNumber": "+12055555555"
    },
    {
      "type": "jwt",
      "sub": "e051beeb-7163-4527-a5b6-35e301529ff2",
      "kid": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg"
    }
  ],
  "evmAccounts": [
    "0x742d35Cc6634C0532925a3b844Bc454e4438f44e"
  ],
  "evmSmartAccounts": [
    "0x742d35Cc6634C0532925a3b844Bc454e4438f44e"
  ],
  "solanaAccounts": [
    "HpabPRRCFbBKSuJr5PdkVvQc85FyxyTWkFM2obBRSvHT"
  ]
}

Authorizations

Authorization
string
header
required

A JWT signed using your CDP API Key Secret, encoded in base64. Refer to the Generate Bearer Token section of our Authentication docs for information on how to generate your Bearer Token.

Body

application/json

The request body for a developer to verify an end user's access token.

accessToken
string
required

The access token in JWT format to verify.

Example:

"eyJhbGciOiJFUzI1NiIsImtpZCI6IjA1ZGNmYTU1LWY1NzktNDg5YS1iNThhLTFlMDI5Nzk0N2VlNiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJjZHAtYXBpIiwiYXV0aF90eXBlIjoiZW1haWwiLCJleHAiOjE3NTM5ODAyOTksImlhdCI6MTc1Mzk3ODQ5OSwiaXNzIjoiY2RwLWFwaSIsImp0aSI6IjA3ZWY5M2JlLTYzMDQtNGQ1YS05NmE3LWJlMGI5MWI0ZTE3NCIsInByb2plY3RfaWQiOiJjNzRkOGI4OC0wOTNiLTQyZDItOGE4Yy1kZGM1YzVlMGViNDMiLCJzdWIiOiJjYTM4YTM4ZC0xNmE5LTRkMjYtYTcxZC0zOWY2NmY5YzZiN2UifQ.1SU0pOy-WR002qUw4hd_UmZWRSLz-ZL6v7PvQvZMKVE6a51x_tqeUeRGaTGuYl1whg0eccMObmK7FqXKRH6E4g"

Response

Confirms that the access token is valid and returns the end user's information.

Information about the end user.

userId
string
required

A stable, unique identifier for the end user. The userId must be unique across all end users in the developer's CDP Project. It must be between 1 and 100 characters long and can only contain alphanumeric characters and hyphens.

Example:

"e051beeb-7163-4527-a5b6-35e301529ff2"

authenticationMethods
(EmailAuthentication · object | SmsAuthentication · object | DeveloperJWTAuthentication · object)[]
required

The list of valid authentication methods linked to the end user.

Example:
[
{
"type": "email",
"email": "user@example.com"
},
{
"type": "sms",
"phoneNumber": "+12055555555"
},
{
"type": "jwt",
"sub": "e051beeb-7163-4527-a5b6-35e301529ff2",
"kid": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg"
}
]
evmAccounts
string[]
required

The list of EVM accounts associated with the end user. Currently, only one EVM account is supported per end user.

The address of the EVM account associated with the end user.

Example:
[
"0x742d35Cc6634C0532925a3b844Bc454e4438f44e"
]
evmSmartAccounts
string[]
required

The list of EVM smart accounts associated with the end user. Currently, only one EVM smart account is supported per end user.

The address of the EVM smart account associated with the end user.

Example:
[
"0x742d35Cc6634C0532925a3b844Bc454e4438f44e"
]
solanaAccounts
string[]
required

The list of Solana accounts associated with the end user. Currently, only one Solana account is supported per end user.

The base58 encoded address of the Solana account associated with the end user.

Example:
[
"HpabPRRCFbBKSuJr5PdkVvQc85FyxyTWkFM2obBRSvHT"
]