Question 1

How do I set up go-oidc with Google Sign-In?

Accepted Answer

Use Google's issuer URL ('https://accounts.google.com') with `oidc.NewProvider`, configure the OAuth2 client with the provider's endpoint, and verify the ID token after the OAuth2 callback, as shown in the README example. Include the 'openid' scope and any additional scopes like 'email'.

Question 2

What's the difference between go-oidc and golang.org/x/oauth2?

Accepted Answer

go-oidc extends the standard OAuth2 package by adding OpenID Connect-specific features like ID token verification and provider discovery, whereas OAuth2 alone handles only OAuth2 authorization flows without OIDC support for user authentication.

Question 3

Does go-oidc handle refresh tokens automatically?

Accepted Answer

No, go-oidc does not automatically handle refresh tokens; you need to manage token refresh using the underlying OAuth2 package's capabilities, such as `oauth2.Config.Exchange`, as it focuses solely on OIDC verification and claims extraction.

Question 4

How to migrate from v2 to v3 of go-oidc?

Accepted Answer

Update your import path from 'github.com/coreos/go-oidc' to 'github.com/coreos/go-oidc/v3/oidc', and adjust any code using `NewRemoteKeySet` as its return type changed from an interface to `*RemoteKeySet`, as noted in the README's breaking changes section.

Question 5

Can I use go-oidc with Auth0 or Okta?

Accepted Answer

Yes, go-oidc works with any OIDC-compliant provider like Auth0 or Okta; simply use their issuer URLs (e.g., 'https://your-domain.auth0.com') when creating the provider and follow the standard integration steps from the README.

Question 6

What are common errors when verifying ID tokens with go-oidc?

Accepted Answer

Common errors include invalid token signatures (due to JWKS issues), expired tokens, or mismatched client IDs; ensure your verifier is configured with the correct client ID and that the token meets OIDC standards, handling errors in the `verifier.Verify` call.

go-oidc

What is go-oidc?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions