Overview
The official Go modulegithub.com/0xkey-io/sdk-go provides:
- Generated API client (go-swagger) for 0xkey activities
- API key generation and request signing (
pkg/apikey) - HPKE enclave encryption for OTP and import/export (
pkg/enclave_encrypt) - Session JWT verification (
pkg/crypto) - Local key storage (
pkg/store/local)
Prerequisites
- Go 1.21+
- A 0xkey organization (Quickstart)
- An API keypair registered to that organization (private key stays on your machine)
examples/apikey helper. A standalone 0xkey CLI is Coming soon.
Installation
v0.1.0 on pkg.go.dev.
Configure API keys
The SDK reads keys from~/.config/0xkey/keys/ when you pass sdk.WithAPIKeyName("default").
After creating a key with the CLI, ensure the key name matches what you pass to WithAPIKeyName. Alternatively, load a key programmatically:
First request (Whoami)
examples/whoami.
Custom API host
For staging or local-gateway:examples/email_otp.
Sub-packages
Import sub-packages independently when you do not need the full
sdk.New() wrapper.
Example workflows
Error handling
API errors can be inspected as*runtime.APIError:
sdk.WithLogger(yourLogger) — see Go SDK overview.
Next steps
Delegated access
Policy-scoped backend signing
TypeScript server
Node.js equivalent of server automation
API stamps
How requests are authenticated
pkg.go.dev
Generated API reference