Skip to content
Get help

Coinbase Wallet API - Spend Permissions

The coinbase_fetchPermissions RPC method retrieves permissions associated with a specific account, chain, and spender. This method excludes permissions that have expired or been revoked.

Overview

RPC Method: coinbase_fetchPermissions

Endpoint: https://rpc.wallet.coinbase.com

This RPC method allows you to query active spend permissions for an account on a specific chain and spender.

Example Request

Below is an example of how to use the coinbase_fetchPermissions method with a cURL request:

curl --location 'https://rpc.wallet.coinbase.com' \
--header 'Content-Type: application/json' \
--data '{
  "jsonrpc": "2.0",
  "method": "coinbase_fetchPermissions",
  "params": [
    {
      "account": "0xfB2adc8629FC9F54e243377ffcECEb437a42934C",
      "chainId": "0x14A34",
      "spender": "0x2a83b0e4462449660b6e7567b2c81ac6d04d877d"
    }
  ],
  "id": 1
}'

Request Schema

type FetchPermissionsRequest = {
  chainId: string; // hex, uint256
  account: string; // address
  spender: string; // address
  pageOptions?: {
    pageSize: number; // number of items requested, defaults to 50
    cursor: string; // identifier for where the page should start
  };
};

Parameters

  • chainId: The ID of the blockchain, in hexadecimal format.
  • account: The address of the account whose permissions are being queried.
  • spender: The entity granted with the permission to spend the account's funds.
  • pageOptions (optional):
    • pageSize: The number of permissions to fetch in a single request (default: 50).
    • cursor: A unique identifier to start fetching from a specific page.

Response Schema

type FetchPermissionsResult = {
  permissions: FetchPermissionsResultItem[];
  pageDescription: {
    pageSize: number; // number of items returned
    nextCursor: string; // identifier for where the next page should start
  };
};
 
type FetchPermissionsResultItem = {
  createdAt: number; // UTC timestamp for when the permission was granted
  permissionHash: string; // hex
  signature: string; // hex
  permission: {
    account: string; // address
    spender: string; // address
    token: string; // address
    allowance: string; // base 10 numeric string
    period: number; // unix seconds
    start: number; // unix seconds
    end: number; // unix seconds
    salt: string; // base 10 numeric string
    extraData: string; // hex
  };
};

Fields

  • permissions: An array of permission objects.
  • pageDescription:
    • pageSize: Number of permissions returned in this response.
    • nextCursor: The cursor to be used for the next page of results.

Permission Object

  • createdAt: The UTC timestamp when the permission was granted.
  • permissionHash: A unique hash representing the permission.
  • signature: The cryptographic signature for the permission.
  • permission:
    • account: The address of the account granting the permission.
    • spender: The address of the spender receiving the permission.
    • token: The address of the token involved.
    • allowance: The amount allowed, represented as a base 10 numeric string.
    • period: Duration of the permission in Unix seconds.
    • start: Start time of the permission in Unix seconds.
    • end: End time of the permission in Unix seconds.
    • salt: A unique salt value as a base 10 numeric string.
    • extraData: Additional data in hexadecimal format.

Notes

  • Ensure the chainId, account, and spender parameters are correctly formatted and valid for the blockchain you are querying.
  • This RPC method only returns active permissions.