List spend permissions
curl --request GET \
--url https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list \
--header 'Authorization: Bearer <token>'import requests
url = "https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list"
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, headers=headers)
print(response.text)const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("Authorization", "Bearer <token>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.get("https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list")
.header("Authorization", "Bearer <token>")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'
response = http.request(request)
puts response.read_body{
"spendPermissions": [
{
"permission": {
"account": "0xd53Ee96438383Bb1eff07958D110B81363E9Ab47",
"spender": "0x9Fb909eA400c2b8D99Be292DADf07e63B814527c",
"token": "0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE",
"allowance": "1000000000000000000",
"period": "86400",
"start": "0",
"end": "281474976710655",
"salt": "0",
"extraData": "0x"
},
"permissionHash": "0x62bc94756bb6221a7913beab6024171fc60d3380fdc06759bfac76e8ccb3f63d",
"revoked": false,
"createdAt": "2025-03-25T12:00:00Z",
"network": "base",
"revokedAt": "2025-03-25T12:00:00Z"
}
],
"nextPageToken": "eyJsYXN0X2lkIjogImFiYzEyMyIsICJ0aW1lc3RhbXAiOiAxNzA3ODIzNzAxfQ=="
}{
"errorType": "invalid_request",
"errorMessage": "Invalid request. Please check the request body and parameters."
}{
"errorType": "not_found",
"errorMessage": "Smart account not found."
}{
"errorType": "internal_server_error",
"errorMessage": "An internal server error occurred. Please try again later."
}{
"errorType": "bad_gateway",
"errorMessage": "Bad gateway. Please try again later."
}{
"errorType": "service_unavailable",
"errorMessage": "Service unavailable. Please try again later."
}EVM Smart Accounts
List spend permissions
Lists spend permission for the given smart account address.
GET
/
v2
/
evm
/
smart-accounts
/
{address}
/
spend-permissions
/
list
List spend permissions
curl --request GET \
--url https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list \
--header 'Authorization: Bearer <token>'import requests
url = "https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list"
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, headers=headers)
print(response.text)const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("Authorization", "Bearer <token>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.get("https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list")
.header("Authorization", "Bearer <token>")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.cdp.coinbase.com/platform/v2/evm/smart-accounts/{address}/spend-permissions/list")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'
response = http.request(request)
puts response.read_body{
"spendPermissions": [
{
"permission": {
"account": "0xd53Ee96438383Bb1eff07958D110B81363E9Ab47",
"spender": "0x9Fb909eA400c2b8D99Be292DADf07e63B814527c",
"token": "0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE",
"allowance": "1000000000000000000",
"period": "86400",
"start": "0",
"end": "281474976710655",
"salt": "0",
"extraData": "0x"
},
"permissionHash": "0x62bc94756bb6221a7913beab6024171fc60d3380fdc06759bfac76e8ccb3f63d",
"revoked": false,
"createdAt": "2025-03-25T12:00:00Z",
"network": "base",
"revokedAt": "2025-03-25T12:00:00Z"
}
],
"nextPageToken": "eyJsYXN0X2lkIjogImFiYzEyMyIsICJ0aW1lc3RhbXAiOiAxNzA3ODIzNzAxfQ=="
}{
"errorType": "invalid_request",
"errorMessage": "Invalid request. Please check the request body and parameters."
}{
"errorType": "not_found",
"errorMessage": "Smart account not found."
}{
"errorType": "internal_server_error",
"errorMessage": "An internal server error occurred. Please try again later."
}{
"errorType": "bad_gateway",
"errorMessage": "Bad gateway. Please try again later."
}{
"errorType": "service_unavailable",
"errorMessage": "Service unavailable. Please try again later."
}Authorizations
A JWT signed using your CDP API Key Secret, encoded in base64. Refer to the Generate Bearer Token section of our Authentication docs for information on how to generate your Bearer Token.
Path Parameters
The address of the Smart account to list spend permissions for.
Pattern:
^0x[0-9a-fA-F]{40}$Query Parameters
The number of spend permissions to return per page.
The token for the next page of spend permissions. Will be empty if there are no more spend permissions to fetch.
Was this page helpful?
⌘I