Reference the ITSME® library to get started.

import (


Initialize the ITSME® client with your configuration. Replace my_private_jwks.json with your actual key file by reading the content or adding it as a string.

jwks, err := ioutil.ReadFile("jwks_private.json")
if (err != nil) {
    return err
settings := pip.ItsmeSettings{
    ClientID: "my_client_id",
	RedirectURI: "https://i/redirect",
	PrivateJWKSet : string(jwks),
itsme := pip.NewItsmeClient(settings)

Crafting an ITSME® redirect URL:

urlConfig := pip.URLConfiguration{
    Scopes:      []string{"profile", "email"},
    ServiceCode: "my_service_code",
url, err := itsme.GetAuthenticationURL(urlConfig)

Once generated, you can use this to redirect to itsme. After succesful authentication by the user, ITSME® will redirect to your configured backend url with an authorization code.

Exchanging the authorization_code

user, err := itsme.GetUserDetails("authorization_code")

The returned user contains all the information requested by you. Make sure to only use the sub identifier to link or reference an ITSME® user from your data as all other parameters can be subject to change.

As an extra means of flexibility, allow the update of the sub identifier for existing users as well. Due to security reasons, it can happen existing users are migrated to a new identifier, so for logged in users allow to update their ITSME® linked account.