cdp.auth package

Subpackages

Module contents

Authentication package for the SDK.

This package provides authentication utilities and JWT token handling functionality.

class cdp.auth.GetAuthHeadersOptions(**data)

Bases: BaseModel

Options for generating authentication headers.

api_key_id - The API key ID
api_key_secret - The API key secret
request_method - The HTTP method
request_host - The request host
request_path - The request path
[request_body] - Optional request body
[wallet_secret] - Optional wallet secret for wallet authentication
[source] - Optional source identifier
[source_version] - Optional source version
[expires_in] - Optional JWT expiration time in seconds
[audience] - Optional audience claim for the JWT
api_key_id: str
api_key_secret: str
audience: list[str] | None
expires_in: int | None
model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

request_body: dict[str, Any] | None
request_host: str
request_method: str
request_path: str
source: str | None
source_version: str | None
wallet_secret: str | None
class cdp.auth.GetWebSocketAuthHeadersOptions(**data)

Bases: BaseModel

Options for generating WebSocket authentication headers.

api_key_id - The API key ID
api_key_secret - The API key secret
[source] - Optional source identifier
[source_version] - Optional source version
[expires_in] - Optional JWT expiration time in seconds
[audience] - Optional audience claim for the JWT
api_key_id: str
api_key_secret: str
audience: list[str] | None
expires_in: int | None
model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

source: str | None
source_version: str | None
class cdp.auth.JwtOptions(**data)

Bases: BaseModel

Configuration options for JWT generation.

This class holds all necessary parameters for generating a JWT token for authenticating with Coinbase’s REST APIs. It supports both EC (ES256) and Ed25519 (EdDSA) keys.

api_key_id - The API key ID

Examples

‘xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx’ ‘organizations/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/apiKeys/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx’

api_key_secret - The API key secret

Examples

‘xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==’ (Edwards key (Ed25519)) ‘—–BEGIN EC PRIVATE KEY—–\n…\n…\n…==\n—–END EC PRIVATE KEY—–\n’ (EC key (ES256))

request_method - The HTTP method for the request
Type:

e.g. ‘GET’, ‘POST’

request_host - The host for the request
Type:

e.g. ‘api.cdp.coinbase.com’

request_path - The path for the request
Type:

e.g. ‘/platform/v1/wallets’

expires_in - Optional expiration time in seconds
Type:

defaults to 120

audience - Optional audience claim for the JWT
api_key_id: str
api_key_secret: str
audience: list[str] | None
expires_in: int | None
model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

request_host: str | None
request_method: str | None
request_path: str | None
classmethod validate_request_method(v)

Validate the HTTP request method.

Parameters:

v (str | None) – The request method to validate, or None for JWTs intended for websocket connections

Return type:

str | None

Returns:

The validated request method in uppercase, or None

Raises:

ValueError – If the request method is invalid

class cdp.auth.Urllib3AuthClient(options, base_url, debug=False)

Bases: object

HTTP client that automatically adds authentication headers.

request(method, url, headers=None, body=None, **kwargs)

Make an authenticated HTTP request.

Parameters:

  • method (str) – The HTTP method

  • url (str) – The URL to request (relative or absolute)

  • headers (Optional[dict[str, str]]) – Optional additional headers

  • body (Union[dict[str, Any], bytes, None]) – Optional request body (can be a dict for JSON or bytes)

  • **kwargs (Any) – Additional arguments passed to urllib3.request()

Return type:

HTTPResponse

Returns:

urllib3.HTTPResponse

class cdp.auth.Urllib3AuthClientOptions(**data)

Bases: BaseModel

Configuration options for the authenticated HTTP client.

api_key_id - The API key ID

Examples

‘xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx’ ‘organizations/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/apiKeys/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx’

api_key_secret - The API key secret

Examples

‘xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==’ (Edwards key (Ed25519)) ‘—–BEGIN EC PRIVATE KEY—–n…n…n…==n—–END EC PRIVATE KEY—–n’ (EC key (ES256))

[wallet_secret] - Optional wallet secret for authenticating with endpoints that require wallet authentication.
[source] - Optional source of the request
[source_version] - Optional version of the source of the request
[expires_in] - Optional expiration time in seconds
Type:

defaults to 120

api_key_id: str
api_key_secret: str
expires_in: int | None
model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

source: str | None
source_version: str | None
wallet_secret: str | None
class cdp.auth.WalletJwtOptions(**data)

Bases: BaseModel

Configuration options for Wallet Auth JWT generation.

This class holds all necessary parameters for generating a Wallet Auth JWT for authenticating with endpoints that require wallet authentication.

wallet_auth_key - The wallet authentication key
request_method - The HTTP method for the request
Type:

e.g. ‘GET’, ‘POST’

request_host - The host for the request
Type:

e.g. ‘api.cdp.coinbase.com’

request_path - The path for the request
Type:

e.g. ‘/platform/v1/wallets/{wallet_id}/addresses’

request_data - The request data for the request (e.g. { "wallet_id"

“1234567890” })

model_config: ClassVar[ConfigDict] = {}

Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

request_data: dict[str, Any]
request_host: str
request_method: str
request_path: str
classmethod validate_request_method(v)

Validate the HTTP request method.

Parameters:

v (str) – The request method to validate

Return type:

str

Returns:

The validated request method in uppercase

Raises:

ValueError – If the request method is invalid

wallet_auth_key: str
cdp.auth.generate_jwt(options)

Generate a JWT (Bearer token) for authenticating with Coinbase’s APIs.

Supports both EC (ES256) and Ed25519 (EdDSA) keys. Also supports JWTs meant for websocket connections by allowing request_method, request_host, and request_path to all be None, in which case the ‘uris’ claim is omitted from the JWT.

Parameters:

options (JwtOptions) – The configuration options for generating the JWT

Return type:

str

Returns:

The generated JWT (Bearer token) string

Raises:

ValueError – If required parameters are missing, invalid, or if JWT signing fails

cdp.auth.generate_wallet_jwt(options)

Build a wallet authentication JWT for the given API endpoint URL.

Used for authenticating with specific endpoints that require wallet authentication.

Parameters:

options (WalletJwtOptions) – The configuration options for generating the wallet auth JWT

Return type:

str

Returns:

The generated JWT (Bearer token) string

Raises:

ValueError – If required parameters are missing or if JWT signing fails

cdp.auth.get_auth_headers(options)

Get authentication headers for a request.

Parameters:

options (GetAuthHeadersOptions) – The authentication header options

Return type:

dict[str, str]

Returns:

Dict with authentication headers

cdp.auth.get_websocket_auth_headers(options)

Get authentication headers for a WebSocket connection.

Parameters:

options (GetWebSocketAuthHeadersOptions) – The WebSocket authentication header options

Return type:

dict[str, str]

Returns:

Dict with authentication headers