Qeet Docs
SDKs

Go SDK

Server-side Go client (stdlib-only) — verify ES256 sessions against JWKS, run authorization checks, and manage users and tenants.

github.com/qeetgroup/qeetid-go is the server-side Go SDK — no third-party dependencies (standard library only). It verifies sessions against the public JWKS, runs authorization checks, and manages users and tenants.

terminal
Bash
go get github.com/qeetgroup/qeetid-go

Initialize

Import the package as qeetidsdk so the client value can be named qeetid without shadowing the package. Authenticate with a secret API key (qk_…) — never embed it in client code.

main.go
import (
    "context"
    "os"

    qeetidsdk "github.com/qeetgroup/qeetid-go"
)

qeetid := qeetidsdk.New(qeetidsdk.Options{APIKey: os.Getenv("QEETID_API_KEY")})
ctx := context.Background()

Verify a session

Local — verifies the ES256 signature against the cached JWKS, then expiry/issuer/audience.

Go
claims, err := qeetid.Sessions.Verify(ctx, accessToken)
// claims.UserID, claims.TenantID

Authorize

Go
ok, err := qeetid.Can(ctx, qeetidsdk.PermissionCheck{
    User:       claims.UserID,
    Tenant:     claims.TenantID,
    Permission: "billing:write",
})
// qeetid.CanAll(ctx, user, tenant, perms) → true only if all pass

Manage users & tenants

Go
user, err := qeetid.Users.Create(ctx, qeetidsdk.CreateUserInput{Email: "new@acme.com"})
page, err := qeetid.Users.List(ctx, qeetidsdk.ListParams{Tenant: "acme", Limit: 50})

Users.{Create,Get,Update,Delete,SetPassword,List} and Tenants.{Create,Get,Update,Delete,List} are available.

Errors

Failed calls return a *qeetid.Error with Status, Code, Message, and RequestID:

Go
user, err := qeetid.Users.Get(ctx, "usr_missing")
var apiErr *qeetidsdk.Error
if errors.As(err, &apiErr) {
    switch {
    case apiErr.IsNotFound():     // 404
    case apiErr.IsRateLimited():  // 429 — apiErr.RetryAfterSeconds
    case apiErr.IsUnauthorized(): // 401 — bad API key
    }
}

429 and idempotent 5xx are retried automatically with backoff, honoring Retry-After.

Configuration

Go
qeetidsdk.New(qeetidsdk.Options{
    APIKey:     "qk_…",                    // required
    BaseURL:    "https://api.qeetid.com",  // default
    HTTPClient: &http.Client{Timeout: 10 * time.Second},
})

Server-only

The Go SDK holds a qk_… API key and sends it as Authorization: ApiKey. Keep it server-side.

React SDK

@qeetid/react — client components and hooks for the hosted-login flow: SignedIn/SignedOut, useUser, useAuth, and sign-in/out buttons.

Python SDK

Server-side Python client — verify ES256 sessions locally against JWKS, run authorization checks, and manage users and tenants.

On this page

InitializeVerify a sessionAuthorizeManage users & tenantsErrorsConfiguration