New API Keys: Coinbase Increases Security
Coinbase, an online trading platform for Bitcoin, based in the USA, is going one step further with wallet security. Every user is now able to get many API keys instead of just one. The API keys have a special security feature which in order to protect the user; the user has to sign during transactions and requests. In addition, with the multiple API keys, the user is now able to set granular permissions, or control and access your data, and can whitelist IPs separately for each key.
API Keys with Different Permissions
An API is not a user interface, it is a software-to-software interface in which different applications talk to one another without the knowledge or intervention from users. Initially, Coinbase offered users only one API key that would enable users to make different requests to the Coinbase API. This fact meant that you had to be super cautious with your API key since you only had one.
Coinbase introducing multiple API keys is great because each key has different permissions. This means that you can now assign different roles to your keys. With this, the user has more control over their online wallet.
Old Keys and new HMAC keys
Coinbase is making another change in their system; they are “deprecating the old style of API keys.” Instead, they are making it so that all new keys,
“will be accompanied by a secret, that you will use to sign requests as you make them.”
This is known as HMAC Authentication. More information can be found in the Coinbase API docs.
Coinbase also says that the old API key is still working. It has just
“been migrated to the new multi-key architecture and you will see it in the list of API keys, marked as deprecated.”
Coinbase recommends that every user move onto the new API keys + Secret. If you still haven’t gotten the picture, Coinbase further says that they will be stopping any support for the old keys in August 2014.
Benefits of the Multiple API Keys
There is more security with every key. This is because when you create or edit the keys, you have the new option of specifying which job or permission the key will allow. You are also now able to whitelist certain IP addresses to ensure everything goes smoothly.
There is more security with each step. Coinbase has made it so that when you “create a new API key, edit an existing API key, or view an API key” you are asked for your password or the two-step authentication.
Coinbase also says,
“You are also prompted for a special security token that is e-mailed to you whenever you try to re-enable a disabled API key.”
In addition, the user can see when each API key was created and also when the last update was made to it. With all of this, Coinbase hopes to become a safe and reliable platform for Bitcoin users to store their coins.
Click for image
Good way of telling, and pleasant article to obtain information concerning my presentation subject, which i am going to convey in institution of higher education
I think that is one of the so much important info for me. And i am happy reading your article. But want to observation on few general issues, The website taste is great, the articles is truly excellent.
Every weekend i used to pay a quick visit this website, because i wish for enjoyment, since this this website conations really fastidious funny stuff too.
I carry on listening to the news update lecture about receiving boundless online grant applications so I have been looking around for the finest site to get one. Could you advise me please, where could i get some?