我试图访问coinbase api以在我的ubuntu终端上生成地址。
curl -k -X GET "https://api.coinbase.com/v2/accounts/3e3835d3----/addresses" -H "CB-VERSION: 2015-04-08" -H "accept: application/json;charset=utf-8" -H "Authorization: Bearer abd90df5f27a7b170cd775abf89d632b350b7c1c9d53e08b340cd9832ce52c2c"
返回以下错误。
{“errors”:[{“id”:“invalid_token”,“message”:“访问令牌无效”}}}
我不知道作为授权持有人传递什么。我只有API密钥和API密码。如果还有其他步骤或其他文件,请告诉我。如果您需要更多信息,请同时询问。
一个例子会有所帮助。提前谢谢。
答案 0 :(得分:1)
请尝试理解这个documentation for python。 它说
> All REST requests must contain the following headers:
>
> CB-ACCESS-KEY API key as a string
> CB-ACCESS-SIGN Message signature (see below)
> CB-ACCESS-TIMESTAMP Timestamp for your request
>
> All request bodies should have content type application/json and be
> valid JSON.
>
> Example request:
>
> curl https://api.coinbase.com/v2/user \
--header "CB-ACCESS-KEY:<your api key>" \
--header "CB-ACCESS-SIGN: <the user generated message signature>" \
--header "CB-ACCESS-TIMESTAMP: <a timestamp for your request>"
>
> The CB-ACCESS-SIGN header is generated by creating a sha256 HMAC using
> the secret key on the prehash string timestamp + method + requestPath
> + body (where + represents string concatenation). The timestamp value is the same as the CB-ACCESS-TIMESTAMP header.
>
> The body is the request body string. It is omitted if there is no
> request body (typically for GET requests).
>
> The method should be UPPER CASE.
>
> The requestPath is the full path and query parameters of the URL,
> e.g.: /v2/exchange-rates?currency=USD.
>
> The CB-ACCESS-TIMESTAMP header MUST be number of seconds since Unix
> Epoch in UTC.
>
> Your timestamp must be within 30 seconds of the API service time, or
> your request will be considered expired and rejected.
所以我在php中做的是让授权持有者在curl请求中发送如下:
$sig = hash_hmac('sha256', $requeststring, $coinbaseclientsecret);
答案 1 :(得分:0)
快速阅读API文档后,您需要使用OAuth作为承载。有关示例代码,请参阅Coinbase integration documentation。