Go SDK Authentication - Documentation

Authentication

This section covers how to authenticate your requests when using the Go SDK. Securely accessing your resources is paramount, and our SDK provides straightforward methods to manage your credentials.

API Key Authentication

The primary method of authentication involves using an API key. You can obtain your API key from your account dashboard. It's crucial to keep your API key confidential.

To authenticate, you need to initialize the client with your API key. This can be done during client instantiation.

// Initialize the client with your API key
apiKey := "YOUR_SUPER_SECRET_API_KEY"
client, err := sdk.NewClient(apiKey)
if err != nil {
    // Handle error
    log.Fatalf("Failed to create client: %v", err)
}

// Now you can use the client to make authenticated requests
// For example:
// _, err = client.GetService().DoSomething(context.Background())
// if err != nil {
//     // Handle API error
// }

Environment Variables

For better security and flexibility, it is highly recommended to use environment variables to manage your API key. The Go SDK automatically looks for the environment variable YOUR_SDK_API_KEY.

Using Environment Variable:

Set the environment variable before running your application:

export YOUR_SDK_API_KEY="YOUR_SUPER_SECRET_API_KEY"

Then, initialize the client without passing the key explicitly:

// Initialize the client, it will automatically read from YOUR_SDK_API_KEY
client, err := sdk.NewClient("") // Empty string tells it to use env var
if err != nil {
    // Handle error
    log.Fatalf("Failed to create client: %v", err)
}

Token-based Authentication (OAuth 2.0)

For more advanced use cases involving user authorization, you might utilize token-based authentication (e.g., OAuth 2.0). This typically involves obtaining an access token from an authorization server and then using that token in your requests.

The Go SDK supports passing an OAuth 2.0 access token. You would typically manage the token acquisition process externally and then provide the token to the SDK.

// Obtain your OAuth 2.0 access token
accessToken := "YOUR_OAUTH_ACCESS_TOKEN"

// Initialize the client with the access token
client, err := sdk.NewClientWithToken(accessToken)
if err != nil {
    // Handle error
    log.Fatalf("Failed to create client: %v", err)
}

// Use the client for authenticated requests

Client Initialization Options

Function	Description	Example
`sdk.NewClient(apiKey string)`	Initializes the client using a provided API key.	`sdk.NewClient("my_key")`
`sdk.NewClient("")`	Initializes the client by reading the API key from the `YOUR_SDK_API_KEY` environment variable.	`sdk.NewClient("")`
`sdk.NewClientWithToken(token string)`	Initializes the client using an OAuth 2.0 access token.	`sdk.NewClientWithToken("bearer token123")`

Security Best Practices

Never hardcode API keys directly in your source code, especially if it's checked into version control.
Use environment variables or a secure secret management system.
Rotate your API keys periodically.
Grant the minimum necessary permissions to your API keys.
If using tokens, ensure your token acquisition and refresh mechanisms are secure.