Use the official Corbado Go SDK to simplify integrating passkey authentication and session management into your Go applications.
Once Corbado is integrated into your frontend, users can log in using passkeys. Upon successful login, they will receive a session-token.
By default, this session-token is stored in a cookie and sent to your backend with every request (if same-origin; refer to session-token handling for more details).
To verify if a user is authenticated and to retrieve user data, you must validate the session-token in your backend. The official SDK for your language facilitates this process with its validateToken()
(or similar) function.
The session-token is a JWT that requires validation. The validateToken()
(or similar) function performs the following tasks:
Below is an example of how to use the ValidateToken()
function. As previously mentioned, by default, the session-token is stored in a cookie and sent to your backend. You will need to retrieve this cookie based on the HTTP framework you are using.
You can find instructions for installing and initializing the Corbado Go SDK in the official README.
For more details, see the Corbado Go SDK documentation.