key name
and key secret
with your key name and private key. key secret
is a multi-line key and newlines must be preserved to properly parse the key. Do this on one line with \n
escaped newlines, or with a multi-line string./v2/accounts/f603f97c-37d7-4e58-b264-c27e9e393dd9/addresses
.export JWT=...
.python main.py
(or whatever your file name is).
export JWT=$(python main.py)
.
curl -H "Authorization: Bearer $JWT" 'https://api.coinbase.com/api/v3/brokerage/accounts'
api_secret
with the transfer
permission, they will be able to send all the digital currency out of your account.
Avoid storing API keys in your code base (which gets added to version control). The recommended best practice is to store them in environment variables. Learn more about environment variables here. Separating credentials from your code base and database is always good practice.
API Key access is turned off by default on all accounts. To implement an API Key integration, you therefore must first enable it,and then take necessary precautions to store the API Key securely. You can always regenerate your API Key (or disable it) if you feel it has been compromised.
https
. This helps prevent a man in the middle attack. If you are using a client library, this may be turned on by default, but you should confirm this. Whenever you see ‘verify SSL’ you should always ensure it is set to true.