Skip to main content
The Authentication API provides methods for authenticating users, managing tokens, and performing authentication-related operations using the Auth0 Authentication API.

Installation

go get github.com/auth0/go-auth0/v2

Basic Usage

import (
    "context"
    "github.com/auth0/go-auth0/v2/authentication"
    "github.com/auth0/go-auth0/v2/authentication/oauth"
)

auth, err := authentication.New(
    context.TODO(),
    "your-domain.auth0.com",
    authentication.WithClientID("your-client-id"),
    authentication.WithClientSecret("your-client-secret"),
)
if err != nil {
    // handle error
}

Available Managers

The Authentication client provides access to several specialized managers:
  • Database - Database authentication (signup, password change)
  • OAuth - OAuth 2.0 flows (authorization code, password, client credentials, etc.)
  • MFA - Multi-factor authentication operations
  • Passwordless - Passwordless authentication via email or SMS
  • CIBA - Client-Initiated Backchannel Authentication

Configuration Options

The client can be configured with various options during initialization: 
auth, err := authentication.New(
    context.TODO(),
    domain,
    authentication.WithClientID("your-client-id"),
    authentication.WithClientSecret("your-client-secret"),
    authentication.WithIDTokenSigningAlg("RS256"),
    authentication.WithIDTokenClockTolerance(10 * time.Second),
    authentication.WithRetryStrategy(authentication.RetryStrategy{
        MaxRetries: 3,
        Statuses:   []int{429, 500, 502, 503, 504},
    }),
)

User Info

Retrieve user profile information using an access token: 
user, err := auth.UserInfo(ctx, accessToken)
if err != nil {
    // handle error
}

fmt.Println("User ID:", user.Sub)
fmt.Println("Email:", user.Email)
fmt.Println("Name:", user.Name)

Error Handling

The package exports an authentication.Error type for handling API errors: 
tokens, err := auth.OAuth.LoginWithPassword(ctx, oauth.LoginWithPasswordRequest{
    Username: "[email protected]",
    Password: "password",
}, oauth.IDTokenValidationOptions{})

if err != nil {
    if aerr, ok := err.(*authentication.Error); ok {
        if aerr.Err == "mfa_required" {
            // Handle MFA requirement
        }
    }
}

Types

UserInfoResponse

Response from the user info API:
sub
string
The Auth0 user identifier
name
string
Full name of the user
given_name
string
Given name(s) or first name(s) of the user
family_name
string
Surname(s) or last name(s) of the user
middle_name
string
Middle name(s) of the user
nickname
string
Casual name of the user
preferred_username
string
Shorthand name by which the user wishes to be referred
profile
string
URL of the user’s profile page
picture
string
URL of the user’s profile picture
website
string
URL of the user’s web page or blog
email
string
The user’s preferred email address
email_verified
bool
Whether the user’s email address has been verified
gender
string
The user’s gender
birthdate
string
The user’s birthday in ISO 8601:2004 YYYY-MM-DD format
zoneinfo
string
User’s time zone as a tz database name
locale
string
The user’s locale as a BCP47 language tag
phone_number
string
The user’s preferred telephone number
phone_number_verified
bool
Whether the user’s phone number has been verified
address
*UserAddress
The user’s preferred postal address
updated_at
*time.Time
Time and date the user’s information was last updated
additional_claims
map[string]interface{}
Unknown claims in the response that are not defined in the struct

UserAddress

formatted
string
Full mailing address, formatted for display
street_address
string
Full street address component
locality
string
City or locality component of the address
region
string
State, province, or region component
postal_code
string
Zip or postal code component
country
string
Country component of the address

See Also

Build docs developers (and LLMs) love

Get started for freeTalk to us