Avnology ID
SDKsGo SDKAuthentication

Login

Authenticate users server-side with the Go SDK.

Login

Server-side authentication methods. The Go SDK is typically used for backend services that validate tokens, manage users, and check permissions -- not for initiating browser-based auth flows.

Login()

Authenticate with email and password (server-to-server).

func (a *AuthService) Login(ctx context.Context, params *LoginParams) (*Session, error)

Parameters

FieldTypeRequiredDescription
EmailstringyesUser's email address
PasswordstringyesUser's password
OrganizationIDstringnoScope to an organization

Basic usage

session, err := client.Auth.Login(ctx, &avnologyid.LoginParams{
    Email:    "[email protected]",
    Password: "SecurePassword123!",
})
if err != nil {
    log.Fatal(err)
}

fmt.Println(session.ID)                        // "ses_abc123"
fmt.Println(session.Identity.Email)            // "[email protected]"
fmt.Println(session.AuthenticatorAssuranceLevel) // "aal1"

Error handling

import "github.com/avnology/sdk-go/errors"

session, err := client.Auth.Login(ctx, params)
if err != nil {
    var invalidCreds *errors.InvalidCredentialsError
    var accountLocked *errors.AccountLockedError
    var mfaRequired *errors.MfaRequiredError
    var rateLimited *errors.RateLimitError

    switch {
    case errors.As(err, &invalidCreds):
        fmt.Println("Invalid email or password")
    case errors.As(err, &accountLocked):
        fmt.Printf("Account locked. Retry after %d seconds\n", accountLocked.RetryAfter)
    case errors.As(err, &mfaRequired):
        fmt.Printf("MFA required. Flow: %s, Methods: %v\n",
            mfaRequired.FlowID, mfaRequired.AvailableMethods)
    case errors.As(err, &rateLimited):
        fmt.Printf("Rate limited. Retry after %d seconds\n", rateLimited.RetryAfter)
    default:
        log.Fatalf("Unexpected error: %v", err)
    }
}

GetSession()

Validate a session token and retrieve session data.

func (a *AuthService) GetSession(ctx context.Context, params *GetSessionParams) (*Session, error)

Parameters

FieldTypeRequiredDescription
SessionTokenstringnoSession token (from cookie or header)
SessionCookiestringnoSession cookie value

Basic usage

session, err := client.Auth.GetSession(ctx, &avnologyid.GetSessionParams{
    SessionToken: tokenFromHeader,
})
if err != nil {
    // Session invalid or expired
    http.Error(w, "Unauthorized", http.StatusUnauthorized)
    return
}

fmt.Println(session.Identity.Email)

ListSessions()

List all active sessions for a user.

sessions, err := client.Auth.ListSessions(ctx, &avnologyid.ListSessionsParams{
    PageSize: 25,
})

Logout()

Revoke the current session.

err := client.Auth.Logout(ctx)

RevokeSession()

Revoke a specific session by ID.

err := client.Auth.RevokeSession(ctx, &avnologyid.RevokeSessionParams{
    SessionID: "ses_abc123",
})

See also

Configuration

Advanced configuration options for the Go SDK including retry policies, custom HTTP clients, and context usage.

Register

Create user accounts programmatically with the Go SDK.

On this page

LoginLogin()ParametersBasic usageError handlingGetSession()ParametersBasic usageListSessions()Logout()RevokeSession()See also