NTLM handshake authentication

This type of authentication uses HTTP NTLM handshake in order to obtain authentication header.


type AuthCnfg struct {
  // SPSite or SPWeb URL, which is the context target for the API calls
  SiteURL  string `json:"siteUrl"`
  Domain   string `json:"domain"`   // AD domain name
  Username string `json:"username"` // AD user name
  Password string `json:"password"` // AD user password

Gosip uses github.com/Azure/go-ntlmssp NTLM negotiator, however a custom one also can be provided in case of demand.


private.json sample:

  "siteUrl": "https://www.contoso.com/sites/test",
  "username": "contoso\\john.doe",
  "password": "this-is-not-a-real-password"


  "siteUrl": "https://www.contoso.com/sites/test",
  "username": "john.doe",
  "domain": "contoso",
  "password": "this-is-not-a-real-password"

Code sample

package main

import (
	// "os"

	strategy "github.com/koltyakov/gosip/auth/ntlm"

func main() {
	// authCnfg := &strategy.AuthCnfg{
	// 	SiteURL:  os.Getenv("SPAUTH_SITEURL"),
	// 	Username: os.Getenv("SPAUTH_USERNAME"),
	// 	Password: os.Getenv("SPAUTH_PASSWORD"),
	// }
	// or using `private.json` creds source

	authCnfg := &strategy.AuthCnfg{}
	configPath := "./config/private.json"
	if err := authCnfg.ReadConfig(configPath); err != nil {
		log.Fatalf("unable to get config: %v", err)

	client := &gosip.SPClient{AuthCnfg: authCnfg}
	// use client in raw requests or bind it with Fluent API ...

If this strategy doesn't work in your environment yet you know for sure it's NTLM used try this alternative.

Last updated