Receiving “message”:”CB-ACCESS-KEY header is required” when attempting to connect to coinbase pro api

I have been trying to mock up a cli script to connect to the coinbase pro api.

I have been able to get it to work successfully using python but I am looking to have a cli-based solution.


function make_request(){
    timestamp=$(date +%s)

    api_key=$(head -n 1 ./api_key)
    sec_key=$(head -n 1 ./sec_key)
    passphr=$(head -n 1 ./passphrase)
    hmac_key=$(echo -n $sec_key | base64 -d)
    # create a sha256 hmac with the secret
    signature_b64=$(echo -n $message | openssl dgst -sha256 -hmac $hmac_key -binary | base64)

    user_agent="Mozilla/5.0 (X11; Linux i686; rv:59.0) Gecko/20100101 Firefox/59.0"

    ## Build Header info ##
    cont_type="'Content-Type': 'Application/JSON'"
    accpt_enc="'Accept-Encoding': 'gzip, deflate'"
    head_sign="'CB-ACCESS-SIGN': '"$signature_b64"'"
    head_time="'CB-ACCESS-TIMESTAMP': '"$timestamp"'"
    head_key="'CB-ACCESS-KEY': '"$api_key"'"
    head_pass="'CB-ACCESS-PASSPHRASE': '"$passphr"'"
       # data=$( curl -v \
   #              -A "$user_agent" \
   #              -H "$head_key" \
   #              -H "$cont_type" \
   #              -H "$head_sign" \
   #              -H "$head_time" \
   #              -H "$head_pass" \
   #              "$url$path" )

    data=$( wget --verbose \
                 --debug \
                 --user-agent="$user_agent" \
                 --header="$head_key" \
                 --header="$cont_type" \
                 --header="$head_sign" \
                 --header="$head_time" \
                 --header="$head_pass" \
                 "$url$path" )

    echo $data


make_request GET "$path" "$body"

I get the same error whether I use curl or wget. I am not sure what is going on.

I have compared my headers from debug and verbose and they appear to be simmilar to me to my python headers.

Example python headers:

{'User-Agent': 'python-requests/2.20.0', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'Connection': 'keep-alive', 'Cookie': '__cfduid=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', 'Content-Type': 'Application/JSON', 'CB-ACCESS-SIGN': 'Gk+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=', 'CB-ACCESS-TIMESTAMP': '1592491810.1017096', 'CB-ACCESS-KEY': 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', 'CB-ACCESS-PASSPHRASE': 'xxxxxxxxxxx'}

wget headers:

---request begin---
GET /accounts/ HTTP/1.1
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:59.0) Gecko/20100101 Firefox/59.0
Accept: */*
Accept-Encoding: identity
Connection: Keep-Alive
'CB-ACCESS-KEY': 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
'Content-Type': 'Application/JSON'
'CB-ACCESS-SIGN': 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxQ='
'CB-ACCESS-TIMESTAMP': '1592492837'
'CB-ACCESS-PASSPHRASE': 'xxxxxxxxxxx'

---request end---

curl headers:

> GET /accounts/ HTTP/2
> Host:
> user-agent: Mozilla/5.0 (X11; Linux i686; rv:59.0) Gecko/20100101 Firefox/59.0
> accept: */*
> 'cb-access-key': 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
> 'content-type': 'Application/JSON'
> 'cb-access-sign': 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxc='
> 'cb-access-timestamp': '1592439326'
> 'cb-access-passphrase': 'xxxxxxxxxxx'

Leave a Comment