Secrets Manager Go SDK

The Go language wrapper for interacting with the Bitwarden Secrets Manager. The SDK, like the Secrets Manager CLI built on-top of it, can be used to execute the following operations:

• Authenticate using an access token.

• Retrieve a single secret or all secrets in a project.

• List all secrets, secrets in a project, or projects.

Setting up a Secrets Manager account prior to using the Go SDK is recommended. This includes:

• Enabling the Secrets Manager CLI.

• Setting up machine accounts.

• Setting up access tokens.

• Go installed

• C environment to run CGO

Locate the Go GitHub repository here.

To initialize the client, first import the SDK and create a new BitwardenClient instance:

BashCopy
import "github.com/bitwarden/sdk/languages/go"

bitwardenClient, _ := sdk.NewBitwardenClient(&apiURL, &identityURL)

Login to the Secrets Manager client using an access token. Define some statePath and pass it to use state, or pass nil instead to not use state.

BashCopy
statePath := os.Getenv("STATE_PATH")

err := bitwardenClient.AccessTokenLogin(accessToken, &statePath)

Once the Bitwarden client has been created and authorized, Secrets Manager CLI commands can be passed into the client.

The project command is used to access, manipulate, and create projects. The scope of access assigned to your machine account will determine what actions can be completed with the project command.

create project

BashCopy
project, err := client.Projects.Create("organization_id", "project_name")

list projects

BashCopy
projects, err := client.Projects.List("organization_id")

update project

BashCopy
project, err := client.Projects.Update("project_id", "organization_id", "new_project_name")

delete project

BashCopy
project, err := client.Projects.Delete([]string{"project_id_1", "project_id_2"})

The secret command is used to access, manipulate and create secrets. As with all commands, secrets and projects outside your access token's scope of access cannot be read or written-to.

create secret

BashCopy
secret, err := client.Secrets.Create("key", "value", "note", "organization_id", []string{"project_id"})

list secrets

BashCopy
secrets, err := client.Secrets.List("organization_id")

update secret

BashCopy
secret, err := client.Secrets.Update("secret_id", "new_key", "new_value", "new_note", "organization_id", []string{"project_id"})

delete secrets

BashCopy
secret, err := client.Secrets.Delete([]string{"secret_id_1", "secret_id_2"})

BashCopy
defer bitwardenClient.Close()