Secrets Manager Go SDK
The Go language wrapper for interacting with the Bitwarden Secrets Manager. The SDK, like the Secrets Manager CLI built on-top of it, can be used to execute the following operations:
Authenticate using an access token.
Perform commands for secret and project including:
list
,create
,update
anddelete
.
note
This SDK is a beta release. Therefore, some functionality may be missing.
Setting up a Secrets Manager account prior to using the Go SDK is recommended. This includes:
Setting up machine accounts.
Setting up access tokens.
Go installed
C environment to run
CGO
On Linux, installing
musl-gcc
is recommended.
Locate the Go GitHub repository here.
To initialize the client, first import the SDK and create a new BitwardenClient
instance:
Bashimport "github.com/bitwarden/sdk-go"
apiURL := “https://api.bitwarden.com”
identityURL := “https://identity.bitwarden.com”
bitwardenClient, _ := sdk.NewBitwardenClient(&apiURL, &identityURL)
Login to the Secrets Manager client using an access token
. Define some statePath
and pass it to use state, or pass nil
instead to not use state.
BashstatePath := os.Getenv("STATE_PATH") // full path to desired state file
err := bitwardenClient.AccessTokenLogin(accessToken, &statePath)
Once the Bitwarden client has been created and authorized, Secrets Manager commands can be passed into the client.
The project command is used to access, manipulate, and create projects. The scope of access assigned to your machine account will determine what actions can be completed with the project
command.
create project
Bashproject, err := bitwardenClient.Projects.Create("organization_id", "project_name")
list projects
Bashprojects, err := bitwardenClient.Projects.List("organization_id")
update project
Bashproject, err := bitwardenClient.Projects.Update("project_id", "organization_id", "new_project_name")
delete project
Bashproject, err := bitwardenClient.Projects.Delete([]string{"project_id_1", "project_id_2"})
The secret command is used to access, manipulate and create secrets. As with all commands, secrets and projects outside your access token's scope of access cannot be read or written-to.
create secret
Bashsecret, err := bitwardenClient.Secrets.Create("key", "value", "note", "organization_id", []string{"project_id"})
list secrets
Bashsecrets, err := bitwardenClient.Secrets.List("organization_id")
get secret
Bashsecret, err := bitwardenClient.Secrets().Get("secret_id")
get multiple secrets
Bashsecrets, err := bitwardenClient.Secrets().GetByIDS([]string{"secret_id_1", "secret_id_2"})
update secret
Bashsecret, err := bitwardenClient.Secrets.Update("secret_id", "new_key", "new_value", "new_note", "organization_id", []string{"project_id"})
delete secrets
Bashsecret, err := bitwardenClient.Secrets.Delete([]string{"secret_id_1", "secret_id_2"})
sync secrets
BashsecretsSync, err := bitwardenClient.Secrets().Sync("organization_id", nil)
lastSyncedDate := time.Now()
secretsSync, err = bitwardenClient.Secrets().Sync("organization_id", lastSyncedDate)
Generate a password which can be used as a secret value
Bashrequest := sdk.PasswordGeneratorRequest{ AvoidAmbiguous: true, Length: 64, Lowercase: true, MinLowercase: new(int64), MinNumber: new(int64), MinSpecial: new(int64), MinUppercase: new(int64), Numbers: true, Special: true, Uppercase: true,
Bashdefer bitwardenClient.Close()
Suggest changes to this page
How can we improve this page for you?
For technical, billing, and product questions, please contact support