coinbase api returns {"errors":[{"id":"invalid_token","message":"The access token is invalid"}]}
coinbase api returns {"errors":[{"id":"invalid_token","message":"The access token is invalid"}]}
我正在尝试访问 coinbase api 以在我的 ubuntu 终端上生成地址。
curl -k -X GET "https://api.coinbase.com/v2/accounts/3e3835d3----/addresses" -H "CB-VERSION: 2015-04-08" -H "accept: application/json;charset=utf-8" -H "Authorization: Bearer abd90df5f27a7b170cd775abf89d632b350b7c1c9d53e08b340cd9832ce52c2c"
returns 低于错误。
{"errors":[{"id":"invalid_token","message":"The access token is invalid"}]}
我不知道要传递什么作为授权持有人。我只有 API 密钥和 API 秘密。如果还有其他步骤或其他文档,请告诉我。如果您需要更多信息,也可以询问。
举个例子会有帮助。提前致谢。
快速阅读 API 文档后发现您需要使用 OAuth 作为承载。请参阅 Coinbase integration documentation 示例代码。
请尝试为 python 理解此 documentation。
它说
> All REST requests must contain the following headers:
>
> CB-ACCESS-KEY API key as a string
> CB-ACCESS-SIGN Message signature (see below)
> CB-ACCESS-TIMESTAMP Timestamp for your request
>
> All request bodies should have content type application/json and be
> valid JSON.
>
> Example request:
>
> curl https://api.coinbase.com/v2/user \
--header "CB-ACCESS-KEY:<your api key>" \
--header "CB-ACCESS-SIGN: <the user generated message signature>" \
--header "CB-ACCESS-TIMESTAMP: <a timestamp for your request>"
>
> The CB-ACCESS-SIGN header is generated by creating a sha256 HMAC using
> the secret key on the prehash string timestamp + method + requestPath
> + body (where + represents string concatenation). The timestamp value is the same as the CB-ACCESS-TIMESTAMP header.
>
> The body is the request body string. It is omitted if there is no
> request body (typically for GET requests).
>
> The method should be UPPER CASE.
>
> The requestPath is the full path and query parameters of the URL,
> e.g.: /v2/exchange-rates?currency=USD.
>
> The CB-ACCESS-TIMESTAMP header MUST be number of seconds since Unix
> Epoch in UTC.
>
> Your timestamp must be within 30 seconds of the API service time, or
> your request will be considered expired and rejected.
所以我在 php 中所做的让授权持有者发送 curl 请求的方法如下:
$sig = hash_hmac('sha256', $requeststring, $coinbaseclientsecret);
我正在尝试访问 coinbase api 以在我的 ubuntu 终端上生成地址。
curl -k -X GET "https://api.coinbase.com/v2/accounts/3e3835d3----/addresses" -H "CB-VERSION: 2015-04-08" -H "accept: application/json;charset=utf-8" -H "Authorization: Bearer abd90df5f27a7b170cd775abf89d632b350b7c1c9d53e08b340cd9832ce52c2c"
returns 低于错误。
{"errors":[{"id":"invalid_token","message":"The access token is invalid"}]}
我不知道要传递什么作为授权持有人。我只有 API 密钥和 API 秘密。如果还有其他步骤或其他文档,请告诉我。如果您需要更多信息,也可以询问。
举个例子会有帮助。提前致谢。
快速阅读 API 文档后发现您需要使用 OAuth 作为承载。请参阅 Coinbase integration documentation 示例代码。
请尝试为 python 理解此 documentation。 它说
> All REST requests must contain the following headers:
>
> CB-ACCESS-KEY API key as a string
> CB-ACCESS-SIGN Message signature (see below)
> CB-ACCESS-TIMESTAMP Timestamp for your request
>
> All request bodies should have content type application/json and be
> valid JSON.
>
> Example request:
>
> curl https://api.coinbase.com/v2/user \
--header "CB-ACCESS-KEY:<your api key>" \
--header "CB-ACCESS-SIGN: <the user generated message signature>" \
--header "CB-ACCESS-TIMESTAMP: <a timestamp for your request>"
>
> The CB-ACCESS-SIGN header is generated by creating a sha256 HMAC using
> the secret key on the prehash string timestamp + method + requestPath
> + body (where + represents string concatenation). The timestamp value is the same as the CB-ACCESS-TIMESTAMP header.
>
> The body is the request body string. It is omitted if there is no
> request body (typically for GET requests).
>
> The method should be UPPER CASE.
>
> The requestPath is the full path and query parameters of the URL,
> e.g.: /v2/exchange-rates?currency=USD.
>
> The CB-ACCESS-TIMESTAMP header MUST be number of seconds since Unix
> Epoch in UTC.
>
> Your timestamp must be within 30 seconds of the API service time, or
> your request will be considered expired and rejected.
所以我在 php 中所做的让授权持有者发送 curl 请求的方法如下:
$sig = hash_hmac('sha256', $requeststring, $coinbaseclientsecret);