Search…
Go
Authenticate requests and manage Passage users with Go.
To use the Passage Go SDK, you'll need your Passage App ID. You can create a new Passage App in the console.

Authenticating a Request

Passage makes it easy to associate an HTTP request with an authenticated user. The following code can be used to validate that a request was made by an authenticated user.
1
import (
2
"net/http"
3
​
4
"github.com/passageidentity/passage-go"
5
)
6
​
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
​
9
// Authenticate this request using the Passage SDK:
10
psg, _ := passage.New("<PASSAGE_APP_ID>", nil)
11
_, err := psg.AuthenticateRequest(r)
12
if err != nil {
13
// 🚨 Authentication failed!
14
w.WriteHeader(http.StatusUnauthorized)
15
return
16
}
17
​
18
// βœ… Authentication successful. Proceed...
19
​
20
}
Copied!
By default, Passage looks for the user JWT from a cookie that is set by the Passage Element ( psg_auth_token ). If your application uses Authorization headers instead, you can pass the following option to the Passage Go SDK.
1
psg = Passage.new(PASSAGE_APP_ID, &passage.Config{
2
APIKey: PASSAGE_API_KEY,
3
HeaderAuth: true,
4
})
Copied!

Authorizing a User

It is important to remember that psg.AuthenticateRequest() validates that a request is properly authenticated and returns the authenticated user's Passage identifier, but an additional authorization check is typically required.
1
import (
2
"net/http"
3
​
4
"github.com/passageidentity/passage-go"
5
)
6
​
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
​
9
// Authenticate this request using the Passage SDK:
10
psg, _ := passage.New("<PASSAGE_APP_ID>", nil)
11
passageID, err := psg.AuthenticateRequest(r)
12
if err != nil {
13
// 🚨 Authentication failed!
14
w.WriteHeader(http.StatusUnauthorized)
15
return
16
}
17
​
18
// βœ‹ Authentication successful, but let's check authorization:
19
allowed := myAuthorizationCheck(passageID, "role.manager")
20
if !allowed {
21
// 🚨 Authorization failed!
22
w.WriteHeader(http.StatusForbidden)
23
return
24
}
25
26
// βœ… Authentication & authorization successful. Proceed...
27
​
28
}
Copied!

App Information

The Passage SDK provide a way to retreive information about an app.
1
import (
2
"net/http"
3
​
4
"github.com/passageidentity/passage-go"
5
)
6
​
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
​
9
psg, _ := passage.New("<PASSAGE_APP_ID>", nil)
10
11
passageAppInfo, err := psg.GetApp()
12
if err != nil {
13
// πŸ’€ Couldn't get the Passage App
14
w.WriteHeader(http.StatusInternalServerError)
15
return
16
}
17
}
18
​
Copied!

User Management

In addition to authenticating requests, the Passage SDK also provides a way to securely manage your users. These functions require authentication using a Passage API key. API keys can be managed in the Passage Console.
The functionality currently available on a user is:
  • Get a user's information
  • Activate or deactivate a user (a deactivated user will not be able to log in)
  • Update a user's information (email address or phone number)
Passage API Keys are sensitive! You should store them securely along with your other application secrets.
Get
Activate / Deactivate
Update
Delete
Create
1
import (
2
"net/http"
3
​
4
"github.com/passageidentity/passage-go"
5
)
6
​
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
​
9
psg, _ := passage.New("<PASSAGE_APP_ID>", &passage.Config{
10
APIKey: "<PASSAGE_API_KEY>",
11
})
12
passageUserID, err := psg.AuthenticateRequest(r)
13
if err != nil {
14
// 🚨 Authentication failed!
15
w.WriteHeader(http.StatusUnauthorized)
16
return
17
}
18
19
// The passageUserID returned above can be used to get user information:
20
passageUser, err := psg.GetUser(passageUserID)
21
if err != nil {
22
// πŸ’€ Couldn't get the Passage User
23
w.WriteHeader(http.StatusInternalServerError)
24
return
25
}
26
27
// The passageUser struct can now be inspected for detailed information
28
// about the user. A full list of fields can be found here:
29
// https://pkg.go.dev/github.com/passageidentity/passage-go#User
30
_ = passageUser
31
​
32
}
33
​
Copied!
1
import (
2
"net/http"
3
4
"github.com/passageidentity/passage-go"
5
)
6
​
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
​
9
psg, _ := passage.New("<PASSAGE_APP_ID>", &passage.Config{
10
APIKey: "<PASSAGE_API_KEY>",
11
})
12
​
13
// Get the Passage User ID from database
14
15
// The passageUserID returned above can be used deactivate a user
16
deactivatedUser, err := psg.DeactivateUser(passageUserID)
17
if err != nil {
18
// πŸ’€ Couldn't deactivate the user
19
w.WriteHeader(http.StatusInternalServerError)
20
return
21
}
22
23
// The passageUserID returned above can be used activate a user
24
activatedUser, err := psg.ActivateUser(passageUserID)
25
if err != nil {
26
// πŸ’€ Couldn't activate the user
27
w.WriteHeader(http.StatusInternalServerError)
28
return
29
}
30
​
31
}
Copied!
1
import (
2
"net/http"
3
4
"github.com/passageidentity/passage-go"
5
)
6
​
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
​
9
psg, _ := passage.New("<PASSAGE_APP_ID>", &passage.Config{
10
APIKey: "<PASSAGE_API_KEY>",
11
})
12
​
13
// Get the Passage User ID from database
14
15
// The passageUserID returned above can be used deactivate a user
16
userUpdateAttributes := UpdateBody{
17
18
Phone: "+15005550006"
19
}
20
passageUser, err := psg.updateUser(passageUserID, userUpdateAttributes)
21
if err != nil {
22
// πŸ˜” failed to update the user
23
w.WriteHeader(http.StatusInternalServerError)
24
return
25
}
26
​
27
}
Copied!
1
import (
2
"net/http"
3
4
"github.com/passageidentity/passage-go"
5
)
6
​
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
​
9
psg, _ := passage.New("<PASSAGE_APP_ID>", &passage.Config{
10
APIKey: "<PASSAGE_API_KEY>",
11
})
12
​
13
// Get the Passage User ID from database
14
15
// The passageUserID returned above can be used deactivate a user
16
passageUser, err := psg.DeleteUser(passageUserID)
17
if err != nil {
18
// πŸ’€ Couldn't delete the user
19
w.WriteHeader(http.StatusInternalServerError)
20
return
21
}
22
​
23
}
Copied!
1
import (
2
"net/http"
3
4
"github.com/passageidentity/passage-go"
5
)
6
​
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
​
9
psg, _ := passage.New("<PASSAGE_APP_ID>", &passage.Config{
10
APIKey: "<PASSAGE_API_KEY>",
11
})
12
​
13
// Get the Passage User ID from database
14
15
// The passageUserID returned above can be used deactivate a user
16
17
type CreateUserBody struct {
18
Email string `json:"email,omitempty"`
19
Phone string `json:"phone,omitempty"`
20
}
21
passageUser, err := psg.CreateUser(CreateUserBody{
22
23
})
24
if err != nil {
25
// πŸ’€ Couldn't create the user
26
w.WriteHeader(http.StatusInternalServerError)
27
return
28
}
29
​
30
}
Copied!

User Device Management

​
The functionality currently available is:
  • List all devices for a user
  • Revoke a particular device from a user
List Devices
Revoke Device
1
import (
2
"net/http"
3
4
"github.com/passageidentity/passage-go"
5
)
6
​
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
​
9
psg, _ := passage.New("<PASSAGE_APP_ID>", &passage.Config{
10
APIKey: "<PASSAGE_API_KEY>",
11
})
12
​
13
// Get the Passage User ID from database
14
15
// The passageUserID returned above can be used deactivate a user
16
passageDevices, err := psg.ListUserDevices(passageUserID)
17
if err != nil {
18
// πŸ’€ Couldn't list the user devices
19
w.WriteHeader(http.StatusInternalServerError)
20
return
21
}
22
​
Copied!
1
import (
2
"net/http"
3
4
"github.com/passageidentity/passage-go"
5
)
6
​
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
​
9
psg, _ := passage.New("<PASSAGE_APP_ID>", &passage.Config{
10
APIKey: "<PASSAGE_API_KEY>",
11
})
12
​
13
// Get the Passage User ID from database
14
15
// The passageUserID returned above can be used deactivate a user
16
success, err := psg.RevokeUserDevice(passageUserID, passageDeviceID)
17
if err != nil {
18
// πŸ’€ Couldn't delete the device
19
w.WriteHeader(http.StatusInternalServerError)
20
return
21
}
Copied!

Creating Magic Links

The Go SDK can be used to generate custom magic link (called "smart links") for users that can be embedded into any content medium. To learn more, see our full guide on Smart Links.
1
import (
2
"github.com/passageidentity/passage-go"
3
"fmt"
4
)
5
​
6
func main() {
7
psg, err := passage.New(PASSAGE_APP_ID, &passage.Config{
8
APIKey: PASSAGE_API_KEY,
9
})
10
11
createMagicLinkBody := passage.CreateMagicLinkBody{
12
13
RedirectURL: "/custom-path/1234",
14
}
15
16
magicLink, err := psg.CreateMagicLink(createMagicLinkBody)
17
// use magicLink.URL
18
fmt.Println(magicLink.URL)
19
}
Copied!

Go Reference

​​
​
​
For complete documentation on passage-go functions and types, check out the Go docs here.