> ## Documentation Index
> Fetch the complete documentation index at: https://docs.kavachos.com/llms.txt
> Use this file to discover all available pages before exploring further.
# Coinbase
> Authenticate users via Coinbase OAuth 2.0 with `coinbaseProvider`. Covers app registration, redirect URI setup, and wallet read scopes for account sign-in.
## Get credentials
### Create an OAuth application
Go to [Coinbase Developer Platform](https://www.coinbase.com/settings/api) and create a new OAuth2 application.
Set the **Redirect URI** to:
```
https://your-app.com/api/kavach/auth/oauth/callback/coinbase
```
### Copy your credentials
After creating the app, copy the **Client ID** and **Client Secret** from the application settings.
## Configuration
```typescript title="lib/kavach.ts" theme={"system"}
import { createKavach } from 'kavachos';
import { oauth, coinbaseProvider } from 'kavachos/auth';
const kavach = await createKavach({
database: { provider: 'postgres', url: process.env.DATABASE_URL! },
secret: process.env.KAVACH_SECRET!,
baseUrl: 'https://your-app.com',
plugins: [
oauth({
providers: [
coinbaseProvider(
process.env.COINBASE_CLIENT_ID!,
process.env.COINBASE_CLIENT_SECRET!,
),
],
}),
],
});
```
```bash theme={"system"}
COINBASE_CLIENT_ID=...
COINBASE_CLIENT_SECRET=...
```
## Scopes
Default scope: `wallet:user:read`, `wallet:user:email`
| Scope | What it unlocks |
| ---------------------- | ---------------------------------- |
| `wallet:user:read` | Read user profile and account info |
| `wallet:user:email` | Read user's email address |
| `wallet:accounts:read` | Read wallet account balances |
Coinbase scopes use a namespaced format (`wallet:resource:action`). Request only the scopes your app needs. Users see the full permission list during authorization.
## Endpoints
| Method | Path | Description |
| ------ | -------------------------------- | -------------------- |
| GET | `/auth/oauth/authorize/coinbase` | Redirect to Coinbase |
| GET | `/auth/oauth/callback/coinbase` | Handle callback |