Programming language: Go
License: BSD 2-clause "Simplified" License

yubigo alternatives and similar packages

Based on the "Authentication & OAuth" category.
Alternatively, view yubigo alternatives based on common mentions on social networks and blogs.

Do you think we are missing an alternative of yubigo or a related project?

Add another 'Authentication & OAuth' Package



Yubigo is a Yubikey client API library that provides an easy way to integrate the Yubikey into any Go application.


Installation is simple. Use go get: go get github.com/GeertJohan/yubigo


Make sure to import the library: import "github.com/GeertJohan/yubigo"

For use with the default Yubico servers, make sure you have an API key. Request a key.

Basic OTP checking usage:

// create a new yubiAuth instance with id and key
yubiAuth, err := yubigo.NewYubiAuth("1234", "fdsaffqaf4vrc2q3cds=")
if err != nil {
    // probably an invalid key was given

// verify an OTP string
result, ok, err := yubiAuth.Verify("ccccccbetgjevivbklihljgtbenbfrefccveiglnjfbc")
if err != nil {

if ok {
    // succes!! The OTP is valid!
    log.Printf("Used query was: %s\n", result.GetRequestQuery()) // this query string includes the url of the api-server that responded first.
} else {
    // fail! The OTP is invalid or has been used before.
    log.Println("The given OTP is invalid!!!")

Use your own HTTP Client with fine-tuned config: While the library works out of the box, it's not recommended to use the default http client. It is better to configure your own http client with useful timeouts.

For example:

yubigo.HTTPClient = &http.Client{
    Timeout: time.Second * 15,
    Transport: &http.Transport{
        MaxConnsPerHost:     20,
        MaxIdleConnsPerHost: 5,
        DialContext: (&net.Dialer{
            Timeout:   30 * time.Second,
            KeepAlive: 60 * time.Second,
        TLSHandshakeTimeout:   10 * time.Second,
        ResponseHeaderTimeout: 10 * time.Second,
        ExpectContinueTimeout: 1 * time.Second,

Do not verify HTTPS certificate:

// Disable HTTPS cert verification. Use true to enable again.

HTTP instead of HTTPS:

// Disable HTTPS. Use true to enable again.

Custom API server:

// Set a list of n servers, each server as host + path. 
// Do not prepend with protocol
yubiAuth.SetApiServerList("api0.server.com/api/verify", "api1.server.com/api/verify", "otherserver.com/api/verify")


This project is licensed under a Simplified BSD license. Please read the LICENSE file.


  • Test files
  • More documentation
  • Getters/Setters for some options on the YubiAuth object.

Protocol & Package documentation

This project is implementing a pure-Go Yubico OTP Validation Client and is following the Yubico Validation Protocol Version 2.0.

You will find "go doc"-like package documentation at go.pkgdoc.org.

*Note that all licence references and agreements mentioned in the yubigo README section above are relevant to that project's source code only.