Coinbase Integration

Home Integrations Coinbase Integration

Overview

Coinbase is one of the most established and regulated cryptocurrency exchanges, particularly significant in the United States and among institutional participants. Coinbase Advanced Trade (formerly Coinbase Pro) provides the REST and WebSocket API that algorithmic traders, portfolio management systems, and trading applications use for programmatic access to Coinbase's spot and perpetual futures markets. For applications that need to interact with Coinbase — whether for order execution, market data, account management, or portfolio tracking — the Coinbase Advanced Trade API is the primary integration point.

Coinbase's regulatory standing makes it a preferred venue for institutional traders and compliance-conscious operations. Coinbase is a publicly listed company, holds money transmission licences across US states, and operates with the regulatory oversight that institutional participants require. For trading systems deployed in regulated environments, or for businesses that need to demonstrate compliance with cryptocurrency trading regulations, Coinbase's regulatory profile is a significant consideration alongside its trading capabilities.

The Coinbase Advanced Trade API uses a JWT-based authentication system for REST requests and a separate authentication mechanism for WebSocket connections — a change from the legacy API key plus signature approach used by Coinbase Pro. The JWT authentication generates short-lived tokens signed with an EC private key (ES256 algorithm), requiring a different authentication implementation than the HMAC-SHA256 signing used by most other cryptocurrency exchanges. The WebSocket authentication uses a similar JWT mechanism for establishing authenticated connections to private data streams.

We build Coinbase Advanced Trade integrations for algorithmic trading systems, portfolio tracking applications, compliance-oriented trading operations, and any application that needs reliable connectivity to Coinbase's trading and market data infrastructure.

What Coinbase Advanced Trade Integration Covers

JWT authentication. Coinbase Advanced Trade's authentication differs from most cryptocurrency exchange APIs — it uses JSON Web Tokens signed with an EC private key rather than HMAC-SHA256 request signatures.

API credentials: Coinbase Advanced Trade API credentials consist of an API key name (in the format organisations/{org_id}/apiKeys/{key_id}) and an EC private key in PEM format. These credentials are created in the Coinbase Advanced Trade developer portal, with permissions scoped to the operations the integration requires — view (read-only), trade (order placement), transfer (fund transfers).

JWT construction: the JWT for each REST request is constructed with a standard JWT header ({"alg":"ES256","kid":"{api_key_name}"}), a payload containing the sub (API key name), iss ("cdp"), nbf (not before, current timestamp), exp (expiry, typically 2 minutes after nbf), and uri (the request URI including method and path), and a signature computed using the ES256 algorithm with the EC private key. The Authorization: Bearer {jwt} header included in every authenticated REST request.

JWT per-request generation: unlike exchange APIs that sign request parameters, Coinbase's JWT includes the request URI in the payload — a different JWT must be generated for each unique API endpoint called. The JWT generation logic that produces a correctly structured, properly signed JWT for each API call without reusing tokens across different endpoints.

WebSocket authentication: the Coinbase Advanced Trade WebSocket API uses a similar JWT approach — the JWT included in the subscription message rather than in a connection-level header, with the channel, product_ids, and jwt fields in the subscribe message payload.

Orders API. The REST endpoints for order placement and management.

Order placement: the POST /api/v3/brokerage/orders endpoint for placing orders. Order configuration through the order_configuration object that specifies the order type — market_market_ioc for immediate-or-cancel market orders, sor_limit_ioc for smart order routing limit IOC orders, limit_limit_gtc for good-till-cancelled limit orders, limit_limit_gtd for good-till-date limit orders, stop_limit_stop_limit_gtc for stop-limit orders, stop_limit_stop_limit_gtd for time-bounded stop-limit orders. The client_order_id parameter for the integration's own order reference that can be used for subsequent order queries.

Order parameters: the product_id for the trading pair (formatted as BTC-USD, ETH-USD), the side (BUY or SELL), and the type-specific parameters within the order_configuration — base_size for the quantity in the base currency, limit_price for limit orders, stop_price for stop-limit orders.

Order response: the order_id (Coinbase's assigned identifier) and the success boolean with the success_response or error_response that indicates whether the order was accepted. The preview_failure_reason when the order was rejected with the specific reason — insufficient funds, invalid parameters, market closed.

Order queries: the GET /api/v3/brokerage/orders/historical/batch endpoint for retrieving historical orders with filtering by status, product, and time range. The GET /api/v3/brokerage/orders/historical/{order_id} endpoint for retrieving a specific order. The GET /api/v3/brokerage/orders/historical/fills endpoint for trade fills — the executed trades that resulted from order matches.

Order cancellation: the POST /api/v3/brokerage/orders/batch_cancel endpoint that cancels one or more orders by order ID. The bulk cancellation that allows cancelling multiple orders in a single API call.

Portfolio and account data. Coinbase Advanced Trade account and balance information.

Accounts: the GET /api/v3/brokerage/accounts endpoint that returns the accounts associated with the API credentials — the UUID, the currency, the available balance, the held balance, and the account name. Each tradeable currency has a separate account. Pagination with the cursor parameter for accounts lists that exceed the page size.

Portfolio management: Coinbase Advanced Trade supports named portfolios that group assets and positions. The GET /api/v3/brokerage/portfolios endpoint for listing portfolios. The GET /api/v3/brokerage/portfolios/{portfolio_uuid} endpoint for portfolio details including the current value breakdown by asset. The portfolio structure that allows segregating funds between different trading strategies or accounts within a single Coinbase account.

Transaction history: the GET /api/v3/brokerage/orders/historical/fills endpoint with time range filtering for the fill history — the executed trade records with price, size, commission, and timestamp that portfolio performance tracking requires.

Product and market data. Coinbase's REST and WebSocket market data for trading pairs.

Products: the GET /api/v3/brokerage/products endpoint that returns the tradeable products — the product ID, the base and quote currencies, the price increment (tick size), the base increment (minimum order size), the quote increment, the status (online, offline, post-only), and the trading limits. The product specifications that order sizing calculations use to produce valid orders.

Product ticker: the GET /api/v3/brokerage/products/{product_id} endpoint for the current best bid, best ask, and last trade price for a specific product. The price snapshot for applications that need current prices without maintaining a WebSocket connection.

Candles: the GET /api/v3/brokerage/products/{product_id}/candles endpoint for historical OHLCV bar data. The start and end Unix timestamps with the granularity parameter specifying the bar interval — ONE_MINUTE, FIVE_MINUTE, FIFTEEN_MINUTE, THIRTY_MINUTE, ONE_HOUR, TWO_HOUR, SIX_HOUR, ONE_DAY. Up to 300 candles per request, with pagination via time range adjustment for extended history.

Market trades: the GET /api/v3/brokerage/products/{product_id}/ticker endpoint for recent trades — the last 150 trades with price, size, side, and timestamp. The trade data for order book and market microstructure analysis.

WebSocket market data. Real-time streaming market data via the Coinbase Advanced Trade WebSocket API.

Connection: the WebSocket endpoint at wss://advanced-trade-ws.coinbase.com for public and private streams. The connection is a single endpoint for both market data and account data streams, with channel-based subscription distinguishing the data types.

Subscription format: the subscribe message containing the type ("subscribe"), the channel being subscribed to, the product_ids array for the symbols, and the jwt for authenticated channels. Multiple channels subscribed in separate messages or within a single connect-time subscribe sequence.

Heartbeat channel: the heartbeats channel that sends periodic messages to confirm the connection is alive — the keepalive mechanism that detects stale connections without requiring application-level ping/pong.

Candles channel: the candles channel for real-time OHLCV updates — the bar that updates as trades occur and is finalized at bar close. The candle update that trading systems use for real-time indicator calculation.

Market trades channel: the market_trades channel for individual executed trades — the price, size, side, trade ID, and timestamp for each trade. The tick data stream for real-time price discovery.

Level2 channel: the level2 channel for order book updates — the snapshot of the current best bid and ask followed by incremental updates as the order book changes. The bids and asks arrays in each update message representing the current state of the best price levels. Note that the Coinbase level2 channel provides a limited view compared to full-depth order books on some other exchanges.

Ticker channel: the ticker channel for best bid, best ask, and last trade price updates on each trade. The ticker_batch channel for batched ticker updates that reduce message frequency for applications that do not need every individual update.

User channel: the authenticated user channel for private account updates — order status changes, fills, and account balance changes. The channel that requires the JWT in the subscription message and provides the real-time account events that the trading system uses for order tracking without REST API polling.

Futures trading. Coinbase Advanced Trade supports perpetual futures for eligible accounts.

Futures products: futures products identified with a PERP suffix in the product ID — BTC-PERP-INTX, ETH-PERP-INTX. The perpetual futures on the Coinbase International Exchange (INTX) accessible to eligible non-US customers.

Futures positions: the GET /api/v3/brokerage/cfm/positions endpoint for current futures positions — the product, the number of contracts, the side, the entry price, the current price, the unrealised PnL, and the liquidation price.

Futures balance: the GET /api/v3/brokerage/cfm/balance_summary endpoint for the futures account balance — the total balance, the unrealised PnL, the initial margin, and the available margin.

Rate Limit Management

Coinbase Advanced Trade enforces rate limits on both REST and WebSocket operations.

REST rate limits: private endpoints are limited to a certain number of requests per second, with the limit varying by endpoint — order placement and cancellation have separate limits from account data queries. The X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset response headers that report the current rate limit status. The 429 response that indicates rate limit exceeded, with the Retry-After header specifying when the limit resets.

WebSocket subscription limits: limits on the number of product subscriptions per connection and the number of simultaneous WebSocket connections. The connection management that stays within these limits while providing the market data coverage the trading system requires.

Order book management. The Coinbase level2 WebSocket channel requires specific handling.

Snapshot and updates: the first message after subscribing to the level2 channel is a snapshot of the current best bid and ask. Subsequent messages are updates that replace the previous best bid and ask. The local order book maintenance that applies each update to maintain the current best price state.

Re-subscription on gaps: if the sequence of level2 updates has a gap — detected by a break in the sequence numbering — re-subscribing to the channel to receive a fresh snapshot and restart the incremental update sequence.

Coinbase in Regulated Trading Environments

Coinbase's regulatory standing makes it a preferred venue for trading operations that require regulatory compliance considerations.

KYC and AML compliance: Coinbase performs identity verification and AML checks on account holders, providing a compliance framework that some institutional and regulatory contexts require from their exchange counterparties.

Tax reporting: Coinbase provides transaction history in formats compatible with common tax reporting requirements — useful for trading operations that need to report cryptocurrency trading gains and losses.

Institutional services: Coinbase Prime for institutional clients provides additional services beyond Advanced Trade — custody, OTC trading, and prime brokerage services. The Prime API is a separate integration from Advanced Trade for institutional clients that use both retail and institutional services.

Technologies Used

  • Rust — high-performance WebSocket stream processing, JWT generation, low-latency order placement
  • Python — Coinbase connectivity for algorithmic strategy development, backtesting, and portfolio analysis
  • C# / ASP.NET Core — Coinbase integration for .NET-based portfolio management and compliance systems
  • TypeScript / Node.js — Coinbase integration for web-based trading dashboards and portfolio trackers
  • ES256 / EC private key — Coinbase Advanced Trade JWT authentication
  • WebSocket — real-time market data and user account stream connectivity
  • REST / HTTP — order management, account data, and historical market data
  • Redis — JWT caching, order state, rate limit management
  • SQL (PostgreSQL / MySQL) — trade history, order records, portfolio performance data
  • Docker — containerised integration deployment
  • GitHub Actions — CI/CD pipeline for integration service deployment

Coinbase in the Multi-Exchange Architecture

For trading systems that operate across multiple exchanges, the Coinbase Advanced Trade connector handles the Coinbase-specific authentication (ES256 JWT per request rather than HMAC-SHA256 per request), the Coinbase-specific product ID format (BTC-USD rather than BTCUSDT or BTC/USD), the Coinbase-specific WebSocket subscription model, and the Coinbase-specific order configuration structure — insulating the strategy and portfolio management layers from the exchange-specific implementation details.

The normalisation layer that maps Coinbase's data model to the internal trading system's data model — converting product IDs, normalising order statuses, converting balance representations, and translating fill events into the internal trade record format — allows the strategy logic to operate against a consistent internal interface regardless of which exchange is executing the orders.

Compliant, Reliable Coinbase Connectivity

Coinbase Advanced Trade integrations built to production standards — correct ES256 JWT generation for each request, comprehensive WebSocket channel management, accurate real-time order tracking through the user channel, rate limit management, and the operational monitoring that surfaces connectivity and authentication issues before they affect trading operations.