Search code examples
coinbase-api

Invalid Signature Coinbase

I'm trying to use the API for Coinbase but I get invalid signature.

So probably I'm actually sign it wrong or I'm missing something.

what should I use on request? should i use POST or GET on method?

$urlapi = "https://api.coinbase.com/v2/time";
            $Key = "--------------";
            $Secret = "------------";               
            $fecha = new DateTime();
            $timestamp = $fecha->getTimestamp();
            $request="";
            $body="";
            $method="GET";  
            $Datas = $timestamp . $method . $request . $body;               
            $hmacSig = hash_hmac('sha256',$Datas,$Secret);
            $curl = curl_init($urlapi);
            curl_setopt($curl,CURLOPT_HTTPHEADER,array('Content-Type: application/json','CB-ACCESS-KEY: '.$Key,'CB-VERSION: 2015-07-07','CB-ACCESS-TIMESTAMP: '. $timestamp,'CB-ACCESS-SIGN: '.$hmacSig));
            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
            $resp = curl_exec($curl);
            if(!curl_exec($curl)){
            die('Error: "' . curl_error($curl) . '" - Code: ' . curl_errno($curl));
            }
            curl_close($curl);

            print_r($resp);
Solution

  • Get Current Time is a GET request (ref). The HTTP verb (GET/POST etc.) can be found in the docs for each type of request here:

    enter image description here

    In your example, the problem is that the $request variable in your message is blank. It should be $request="/v2/time";

    hash_hmac returns hex encoded string by default so the hashing part is correct.