Skip to main content

Advanced Trade WebSocket Authentication

To authenticate Advanced Trade WebSocket channels, you can use Coinbase Cloud API Trading keys or our legacy API keys. See the Authentication Overview for information on legacy API keys.

Making Requests

Use the code samples below to generate/export a JSON Web Token (JWT) and make an authenticated request.


The differences between the code snippets for WebSockets (below) and REST calls are:

  • WebSocket JWTs are not built with a request method or request path.
  • The service_name is set to public_websocket_api instead of retail_rest_api_proxy.

Generating a JWT

Regardless of which code snippet you use, follow these steps:

  1. Replace key name and key secret with your key name and private key. key secret is a multi-line key and newlines must be preserved to properly parse the key. Do this on one line with \n escaped newlines, or with a multi-line string.

  2. Run the generation script that prints the command export JWT=....

  3. Run the generated command to save your JWT.


    Your JWT expires after 2 minutes, after which all requests are unauthenticated.

Code samples

The easiest way to generate a JWT is to use the built-in functions in our Python SDK as described below. Otherwise, use the code samples below to generate/export a JWT and make an authenticated request.

  1. Install the SDK.

    pip3 install coinbase-advanced-py
  2. In the console, run: python (or whatever your file name is).

  3. Set the JWT to that output, or export the JWT to the environment with eval $(python

from coinbase import jwt_generator

api_key = "organizations/{org_id}/apiKeys/{key_id}"
api_secret = "-----BEGIN EC PRIVATE KEY-----\nYOUR PRIVATE KEY\n-----END EC PRIVATE KEY-----\n"

def main():
jwt_token = jwt_generator.build_ws_jwt(api_key, api_secret)
print(f"export JWT={jwt_token}")

if __name__ == "__main__":

Was this helpful?