Coinbase developer blog and API updates

In 2015 we plan to make substantive improvements to our developer platform, making it easier for you to build bitcoin apps and to successfully grow your users. This is the first post in our brand new developer blog and going forward we’ll be using this blog to announce changes and improvements among other updates.

During the last several weeks we have been hard at work improving API documentation, adding new endpoints, and making significant security improvements. Here’s a short update on the latest changes.

New API reference

We redesigned and updated our API reference which is now available over at developers.coinbase.com/api. Along with a new design, more information about API usage and libraries can be found from the documentation.

OAuth2 changes and 2 factor authentication

To improve user and developer experiences, we’ve improved our OAuth2 flow and we have made several security related changes.

  • all scope has been removed from OAuth and is only available with API key authentication. This makes it easier for users to understand which permissions and actions your application can perform on their accounts.
  • When requesting access to send scope you need to supply daily, weekly or monthly limit. This will be visible for the user when authorizing the application and they can later change the limits from their settings. Read more.
  • 2FA has been added to POST /transactions/send_money endpoint and the user is required to supply a correct 2FA code when making certain requests. It works similarly to sending money at Coinbase’s web application and the token is only required when the user has 2FA enabled. Applications may bypass 2FA with special permission, but 2FA is strongly recommended for most apps. Read more.

These changes only affect newly created OAuth applications (after 04 Dec 2013) so no changes are required to legacy apps but we encourage you to update your applications now. We may require an update to all legacy apps in the future.

New endpoints

  • GET /users/:id and GET /users/self - Show authenticated user’s information
  • GET /accounts/:id and GET /accounts/primary - Show an account
  • GET /transfers/:id - Show a transfer
  • POST /transfers/:id/commit - Commit a pending buy or sell
  • GET /buttons/:id_or_idem - Show a payment button
  • GET /addresses/:id_or_address - Show an address
  • POST /transactions/transfer_money - Transfer funds between two BTC accounts

To keep up with future announcements, subscribe to this blog and follow @coinbaseapi on Twitter.

Please note: We’re hiring engineers (both in our San Francisco office and remote anywhere in the world). If you’re interested in speaking with us about a role we’ve set up a coding challenge that you can take in about 30–45 minutes. You can also apply through our careers site if you prefer to start the conversation that way.

Written by Jori Lallo