Coinbase Developer Platform (CDP) vs Legacy Keys

Advanced Trade and Sign in with Coinbase APIs support API key authentication with keys generated on CDP. This FAQ is for developers upgrading their integration for use with CDP keys.

How do CDP and Legacy headers differ?

Legacy keys set custom request headers (CB-ACCESS-*) while CDP keys use standard Authorization Header. CDP keys are used to generate a JWT that's set as a Authorization Bearer token.

Which key should I use in my app?

If you already have users with legacy keys, you should continue to authenticate them using CB-ACCESS-* headers; but you should accept our new key inputs and generate Authorization Bearer token headers.

How do I distinguish CDP and Legacy API keys?

CDP API Keys

Key names match the following string format: “organizations/-/apiKeys/-“.

Example: "organizations/test-organization/apiKeys/test-api-key"

Key secrets are in PEM format.

Example: "-----BEGIN EC PRIVATE KEY-----\key-secret\n-----END EC PRIVATE KEY-----\n"

Legacy API Keys

Legacy keys are random alphanumeric strings, both for their key name and secret.

How do I generate Bearer tokens with new keys?

See our authentication guide on how to Create API Keys.

Was this helpful?

How do CDP and Legacy headers differ?​

Which key should I use in my app?​

How do I distinguish CDP and Legacy API keys?​

CDP API Keys​

Legacy API Keys​

How do I generate Bearer tokens with new keys?​