SDKs
One authorization check. Any language.
Official SDKs for Go, Node.js and Python. One call to authorize a request. Works with the Vengtoo cloud endpoint or the local Vengtoo Agent. Swap between them in one line.
Go
github.com/vengtoo/vengtoo-go
go get github.com/vengtoo/vengtoo-goNode.js
@vengtoo/sdk
npm install @vengtoo/sdkPython
vengtoo
pip install vengtooGo
Authorize in two lines of Go.
The Go SDK wraps the evaluation API with a typed client. Includes middleware for Gin, Chi, and Fiber, and supports batch evaluation for checking multiple access decisions in one call.
- ✓Gin / Chi / Fiber middleware helpers
- ✓Batch evaluation
- ✓OAuth2 client credentials for service-to-service
- ✓Context propagation for tracing
import vengtoo "github.com/vengtoo/vengtoo-go"
client := vengtoo.NewClient("your-api-key")
result, err := client.Evaluate(ctx, &vengtoo.EvaluationRequest{
Subject: &vengtoo.Subject{Type: "user", ID: "user_42"},
Resource: &vengtoo.Resource{Type: "document", ID: "q4_report"},
Action: &vengtoo.Action{Name: "read"},
})
if err != nil || !result.Allow {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
// --- Gin middleware ---
router.Use(vengtoo.GinMiddleware(client, vengtoo.MiddlewareConfig{
GetSubject: func(c *gin.Context) string { return c.GetString("user_id") },
GetResource: func(c *gin.Context) string { return c.Param("id") },
Action: "read",
}))import { Vengtoo } from '@vengtoo/sdk'
const client = new Vengtoo({ apiKey: process.env.VENGTOO_API_KEY })
const result = await client.evaluate({
subject: { type: 'user', id: req.user.id },
resource: { type: 'document', id: req.params.docId },
action: { name: 'read' },
})
if (!result.allow) {
return res.status(403).json({ error: 'Forbidden' })
}
// --- Express middleware ---
app.use(
client.expressMiddleware({
getSubject: (req) => req.user.id,
getResource: (req) => req.params.id,
action: 'read',
})
)Node.js
TypeScript-first. Express in one call.
The Node SDK is fully typed. Call client.evaluate() anywhere, or drop in the Express middleware to protect entire route groups.
- ✓Full TypeScript types
- ✓Express middleware
- ✓Works with any HTTP framework via client.evaluate()
- ✓Promise-based, works in async/await and callback styles
Python
Sync and async. FastAPI ready.
The Python SDK supports both sync and async usage. The FastAPI dependency makes it trivial to add authorization to any route.
- ✓Sync and async client (httpx under the hood)
- ✓FastAPI dependency helper
- ✓Pydantic models for all request/response types
- ✓Works in Django, Flask, or plain Python
from vengtoo import Vengtoo
client = Vengtoo(api_key="your-api-key")
result = client.evaluate(
subject={"type": "user", "id": "user_42"},
resource={"type": "document", "id": "q4_report"},
action={"name": "read"},
)
if not result.allow:
raise HTTPException(status_code=403, detail="Forbidden")
# --- FastAPI dependency ---
from vengtoo.fastapi import require_access
@app.get("/documents/{doc_id}")
async def get_document(
doc_id: str,
_: None = Depends(require_access(client, action="read")),
):
...Local agent
Point at the agent. Nothing else changes.
All three SDKs accept a baseUrl option. Set it to your local Vengtoo Agent and every call evaluates in-memory in under 5ms. The API, types, and middleware helpers are identical.
// Go
client := vengtoo.NewClient("",
vengtoo.WithBaseURL("http://localhost:8181"))
// Node.js
const client = new Vengtoo({
baseUrl: 'http://localhost:8181',
})
# Python
client = Vengtoo(base_url="http://localhost:8181")