Infrastructure Go daemon
SECTION 5.4

Authentication Patterns

Loading Credentials

2 · Worked example — read every step
// From environment (preferred in containers)
apiKey := os.Getenv("CLOUD_API_KEY")
if apiKey == "" {
    return fmt.Errorf("CLOUD_API_KEY environment variable is required")
}

// From config file
type Config struct {
    APIKey  string `yaml:"api_key"`
    BaseURL string `yaml:"base_url"`
}

Never hardcode secrets. You know this from ops. In Go code, enforce it: read from env or file, fail loudly if missing.

Token Types

// Bearer token (most common)
req.Header.Set("Authorization", "Bearer "+token)

// API key in header
req.Header.Set("X-API-Key", apiKey)

// Basic auth
req.SetBasicAuth(username, password)
3 · Fill the gaps
Load the key, fail loudly, attach it — from memory.
apiKey := os.("CLOUD_API_KEY")
if apiKey ==  {
    return fmt.Errorf("CLOUD_API_KEY environment variable is required")
}

req.Header.Set("Authorization", )