Requirements
- Go 1.21 or later
- No external dependencies (standard library only)
Installation
The module path isgithub.com/AuthForgeCC/authforge-go. Add a released version (pin a v1.x.y tag you rely on):
github.com/AuthForgeCC/authforge-go. Run go mod tidy after editing go.mod.
- Local replace (forks / air-gap)
replace at a directory that contains the SDK’s go.mod, then run go mod tidy.Quick start
Config reference
SessionTTL
Requested lifetime of the session token returned by /auth/validate. Leave at 0 to accept the server default (24 hours). The server clamps the final value to [1h, 7d]. The requested TTL is preserved across heartbeat refreshes, so long-lived apps using LOCAL mode can extend their offline window up to 7 days.
Billing
- Each successful
Login()orValidateLicense()costs 1 credit (one/auth/validatedebit). - Heartbeats cost 1 credit per 10 successful calls (billed on every 10th heartbeat). Any
HeartbeatInterval ≥ 1sis economically safe. - Revocations take effect on the next heartbeat regardless of interval.
Validate license (no heartbeat)
ValidateLicense performs the same /auth/validate request and signature verification as Login, but does not persist session fields on the client, start the heartbeat goroutine, or invoke OnFailure for validate failures (network errors still return an error; repeated network failure does not call OnFailure when using ValidateLicense).
The SDK recognizes AUTHFORGE_SDK_TEST_NONCE for integration tests only; never set it in production (it pins the validate nonce).
Methods reference
Login and ValidateLicense return a LoginResult with:
SessionTokenExpiresInAppVariablesLicenseVariablesRequestID
Error handling
The Go SDK exposes sentinel errors so you can branch witherrors.Is: