Permissions (scopes) – Coinbase Developers

Permissions, also known spil scopes with OAuth2, permit you to specify fine grained access for your Coinbase Connect (OAuth2) applications and API keys. Getting your permissions right is the key to developing safe and trustworthy applications on Coinbase&rsquo,s APIs.

With OAuth2, permissions are set te the authorization URL. Some permissions, like sending funds, also requires extra settings. You can read more about them at Coinbase Connect permissions guide. Unlike Coinbase Connect permissions, API key permissions are defined when creating an API key and can be switches afterwards.

All authenticated endpoints, except GET /user , require a specific scope to access them. Some endpoints might also have extra scopes for extra information or access. Ter normal, permissions go after the service-name:resource:act pattern, where the service name is wallet for the main Coinbase API. Ter militar, most common deeds are:

  • read – List or read individual resources (e.g. listing your transactions)
  • create – Create fresh resources. For some resources there&rsquo,s more specific deeds (e.g. send and refund )
  • update – Update existing resource
  • delete – Delete a resource

With OAuth2, permissions should be considered spil grants: Users can select which permissions (scopes) they grant access to for the application. The application might need to request fresh scopes overheen the lifecycle of the authorization. To see which permissions the user has granted, you can use GET /user/auth endpoint.

Spil a normal rule, you should only ask for scopes which your application needs and avoid asking for access to unnecessary ones. Users more readily grant access to limited, clearly described scopes.

Below are listed all the available permissions for both Coinbase Connect application and API keys. For more information to understand which permission is required for a specific API activity/endpoint, please go after our API reference which includes Permissions section under each endpoint.

You may also like...

2 Responses

  1. amberlori says:

    I think this is a good case probe moving forward when other coins split, even tho’ I didn’t support Bcash I did want everyone to have to capability to access their rightful tokens. The argument now is everyone should be responsible for their deeds and Coinbase laid out their project of act weeks ahead of the hardfork. However I recall when Poloniex had to zekering serving residents te one state and many of those members never got an email or warning when logging on the webpagina. I’ll keep an eye out on the story even I don’t know who’s right or wrong on this one.

  2. spinknottle says:

    But what they did not say at the commence that they are going to punt them very late, at the early 2018, which is pretty bad spil the price is very likely going to be much lower by then.

Leave a Reply

Your email address will not be published. Required fields are marked *