wallet:transactions:send scope.
When 2FA is required, the API responds with a 402 status and two_factor_required error. To successfully complete the request, you must make the same request again with the user’s 2FA token in the CB-2FA-TOKEN header together with the current access token.
Here’s a step by step example:
- User sends funds and the app calls POST api.coinbase.com/v2/accounts/primary/transactions.
- Server responds with 402and sends the user a 2FA token via SMS if he doesn’t have Authy installed.
- App re-plays the request from step 1 with exactly same parameters and the 2FA token in the CB-2FA-TOKENheader.
- Transaction is sent and 201 CREATEDstatus code is returned.
2FA tokens expire quickly, so you must re-try the request after the user supplies their token.