Skip to main content
Request options allow you to customize the behavior of individual API calls in the Auth0 Go SDK. These options can be passed as the last parameter to most API methods.

Overview

All request option functions return a RequestOption type that can be passed to API methods. Multiple options can be combined by passing them as separate arguments. Example: 
import (
    "net/http"
    "github.com/auth0/go-auth0/v2/management"
    "github.com/auth0/go-auth0/v2/management/option"
)

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithHTTPHeader(http.Header{
        "X-Custom-Header": []string{"value"},
    }),
    option.WithMaxAttempts(3),
)

Authentication Options

WithToken

func WithToken(token string) *core.TokenOption
Sets the Authorization: Bearer <token> request header with a static token. Note: If a TokenSource is also configured (via WithClientCredentials, WithClientCredentialsPrivateKeyJwt, or WithTokenSource), the TokenSource takes priority and this static token will be ignored. Example: 
import "github.com/auth0/go-auth0/v2/management/option"

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithToken("your-access-token"),
)

WithClientCredentials

func WithClientCredentials(
    ctx context.Context,
    clientID string,
    clientSecret string,
) *core.ClientCredentialsOption
Configures OAuth2 client credentials authentication using a client ID and secret. The SDK will automatically fetch and refresh tokens from the Auth0 token endpoint. This option is mutually exclusive with other token source options. Example: 
import "github.com/auth0/go-auth0/v2/management/option"

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithClientCredentials(ctx, "client-id", "client-secret"),
)

WithClientCredentialsAndAudience

func WithClientCredentialsAndAudience(
    ctx context.Context,
    clientID string,
    clientSecret string,
    audience string,
) *core.ClientCredentialsAndAudienceOption
Configures OAuth2 client credentials authentication using a client ID, secret, and a custom audience. Example: 
import "github.com/auth0/go-auth0/v2/management/option"

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithClientCredentialsAndAudience(
        ctx,
        "client-id",
        "client-secret",
        "https://example.auth0.com/api/v2/",
    ),
)

WithClientCredentialsPrivateKeyJwt

func WithClientCredentialsPrivateKeyJwt(
    ctx context.Context,
    clientID string,
    privateKey string,
    algorithm string,
) *core.ClientCredentialsPrivateKeyJwtOption
Configures OAuth2 client credentials authentication using private key JWT assertion. Example: 
import "github.com/auth0/go-auth0/v2/management/option"

privateKey := `-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----`

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithClientCredentialsPrivateKeyJwt(
        ctx,
        "client-id",
        privateKey,
        "RS256",
    ),
)

WithClientCredentialsPrivateKeyJwtAndAudience

func WithClientCredentialsPrivateKeyJwtAndAudience(
    ctx context.Context,
    clientID string,
    privateKey string,
    algorithm string,
    audience string,
) *core.ClientCredentialsPrivateKeyJwtAndAudienceOption
Configures OAuth2 client credentials authentication using private key JWT assertion with a custom audience. Example: 
import "github.com/auth0/go-auth0/v2/management/option"

privateKey := `-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----`

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithClientCredentialsPrivateKeyJwtAndAudience(
        ctx,
        "client-id",
        privateKey,
        "RS256",
        "https://example.auth0.com/api/v2/",
    ),
)

WithTokenSource

func WithTokenSource(tokenSource oauth2.TokenSource) *core.TokenSourceOption
Sets a custom oauth2.TokenSource for acquiring access tokens. This allows users to provide their own token management strategy, such as caching tokens across multiple services or using a custom token provider. The SDK calls TokenSource.Token() on every request to obtain the access token. If token caching is desired, wrap the source with oauth2.ReuseTokenSource: 
option.WithTokenSource(oauth2.ReuseTokenSource(nil, myTokenSource))
This option is mutually exclusive with other token source options. Note: When a TokenSource is configured, it takes priority over any static token set via WithToken. Example: 
import (
    "golang.org/x/oauth2"
    "github.com/auth0/go-auth0/v2/management/option"
)

tokenSource := oauth2.StaticTokenSource(
    &oauth2.Token{AccessToken: "your-token"},
)

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithTokenSource(tokenSource),
)

HTTP Configuration

WithBaseURL

func WithBaseURL(baseURL string) *core.BaseURLOption
Sets the base URL, overriding the default environment, if any. Example: 
import "github.com/auth0/go-auth0/v2/management/option"

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithBaseURL("https://custom.auth0.com"),
)

WithHTTPClient

func WithHTTPClient(httpClient core.HTTPClient) *core.HTTPClientOption
Uses the given HTTPClient to issue the request. Example: 
import (
    "net/http"
    "time"
    "github.com/auth0/go-auth0/v2/management/option"
)

customClient := &http.Client{
    Timeout: 30 * time.Second,
}

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithHTTPClient(customClient),
)

WithHTTPHeader

func WithHTTPHeader(httpHeader http.Header) *core.HTTPHeaderOption
Adds the given http.Header to the request. The headers are cloned so they can’t be modified after the option call. Example: 
import (
    "net/http"
    "github.com/auth0/go-auth0/v2/management/option"
)

headers := http.Header{
    "X-Custom-Header": []string{"value"},
    "X-Request-ID":    []string{"12345"},
}

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithHTTPHeader(headers),
)

WithMaxAttempts

func WithMaxAttempts(attempts uint) *core.MaxAttemptsOption
Configures the maximum number of retry attempts. Example: 
import "github.com/auth0/go-auth0/v2/management/option"

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithMaxAttempts(5),
)

Request Parameters

WithQueryParameters

func WithQueryParameters(queryParameters url.Values) *core.QueryParametersOption
Adds the given query parameters to the request. The parameters are copied so they can’t be modified after the option call. Example: 
import (
    "net/url"
    "github.com/auth0/go-auth0/v2/management/option"
)

queryParams := url.Values{
    "include_fields": []string{"true"},
    "fields":         []string{"client_id,name"},
}

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithQueryParameters(queryParams),
)

WithBodyProperties

func WithBodyProperties(
    bodyProperties map[string]interface{},
) *core.BodyPropertiesOption
Adds the given body properties to the request. The properties are copied so they can’t be modified after the option call. Example: 
import "github.com/auth0/go-auth0/v2/management/option"

bodyProps := map[string]interface{
    "custom_field": "value",
    "metadata": map[string]string{
        "key": "value",
    },
}

err := api.Client.Update(
    ctx,
    clientID,
    &management.Client{Name: auth0.String("Updated Name")},
    option.WithBodyProperties(bodyProps),
)

Debugging and Diagnostics

WithDebug

func WithDebug(debug bool) *core.DebugOption
Configures the HTTP client to enable debug logging of requests and responses. Example: 
import "github.com/auth0/go-auth0/v2/management/option"

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithDebug(true),
)

WithUserAgent

func WithUserAgent(userAgent string) *core.UserAgentOption
Configures the HTTP client to use a custom User-Agent header. Example: 
import "github.com/auth0/go-auth0/v2/management/option"

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithUserAgent("MyApp/1.0"),
)

WithAuth0ClientEnvEntry

func WithAuth0ClientEnvEntry(
    key string,
    value string,
) *core.Auth0ClientEnvEntryOption
Allows adding extra environment keys to the client information. Example: 
import "github.com/auth0/go-auth0/v2/management/option"

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithAuth0ClientEnvEntry("runtime", "go1.24"),
)

WithNoAuth0ClientInfo

func WithNoAuth0ClientInfo() *core.NoAuth0ClientInfoOption
Configures the client to not send the “Auth0-Client” header at all. Example: 
import "github.com/auth0/go-auth0/v2/management/option"

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithNoAuth0ClientInfo(),
)

Advanced Options

WithCustomDomainHeader

func WithCustomDomainHeader(domain string) *core.CustomDomainHeaderOption
Sets the custom domain for the Management instance. The custom domain header is only sent for whitelisted API endpoints. Example: 
import "github.com/auth0/go-auth0/v2/management/option"

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithCustomDomainHeader("login.example.com"),
)

WithInsecure

func WithInsecure() *core.InsecureOption
Configures the client to allow HTTP instead of HTTPS and sets a static “insecure” token for testing. This option is available for testing purposes and should not be used in production. Note: Users should pass the domain without a scheme (e.g., “localhost:8080”). Example: 
import "github.com/auth0/go-auth0/v2/management/option"

// For testing only
client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithInsecure(),
)

Combining Multiple Options

You can pass multiple request options to customize the behavior of a single API call: 
import (
    "net/http"
    "net/url"
    "github.com/auth0/go-auth0/v2/management/option"
)

client, err := api.Client.Read(
    ctx,
    clientID,
    option.WithHTTPHeader(http.Header{
        "X-Request-ID": []string{"12345"},
    }),
    option.WithQueryParameters(url.Values{
        "include_fields": []string{"true"},
    }),
    option.WithMaxAttempts(3),
    option.WithDebug(true),
)

Best Practices

  1. Use request options sparingly: Most API calls work fine with default settings. Only use options when you need custom behavior.
  2. Prefer client-level configuration: If you need the same option for all requests, configure it at the client level instead of passing it to every method.
  3. Be careful with authentication options: Token source options are mutually exclusive. Only use one per request.
  4. Don’t use WithInsecure in production: This option is for testing only and should never be used in production environments.
  5. Enable debug logging carefully: Debug mode logs sensitive information. Only enable it during development.

See Also

Build docs developers (and LLMs) love

Get started for freeTalk to us