Develop a Client Application With the IoT SDK

This section shows you how to create a client application for a Thing, named Gopher. The Thing is manually registered in AM and authenticated with a username/password authentication flow. For more information about the IoT SDK API, see the Go package documentation.

Develop a ForgeRock IoT Application

  1. Create a directory structure for your Go project:

    mkdir -p things/cmd/gopher
  2. Create an empty project file (main.go ):

    cd things
    touch cmd/gopher/main.go
  3. Open main.go in a text editor, and add the following code:

    package main
    import (
    func main() {
        amURL, err := url.Parse("")
        if err != nil {
        _, err = builder.Thing().
                callback.NameHandler{Name: "Gopher"},
                callback.PasswordHandler{Password: "5tr0ngG3n3r@ted"}).
        if err != nil {
        log.Println("Gopher successfully authenticated.")
  4. Create a Go module:

    go mod init
    go: creating new go.mod: module

    This step creates a go.mod file that specifies your project dependencies and versions.

  5. Build an executable for your client application:

    go build
    go: finding module for package
    go: finding module for package
    go: downloading v0.0.0-20200812141306-ee64981fa05f
    go: downloading v7.1.0
    go: found in v7.1.0
    go: found in v7.1.0

    This step builds an executable gopher application in the things directory.

Run the Client Application

  1. Before you can run the application, you must register an identity for Gopher in AM:

    • Obtain an admin SSO token from AM:

      curl \
      --header 'X-OpenAM-Username: amAdmin' \
      --header 'X-OpenAM-Password: changeit' \
      --header 'Content-Type: application/json' \
      --header 'Accept-API-Version: resource=2.0, protocol=1.0' \
      --request POST \
       "tokenId": "qGAzvBw20z5...AAA.*",
       "successUrl": "/openam/console",
       "realm": "/"
    • Save the tokenId returned in this request as a variable, for example:

      export tokenId=qGAzvBw20z5...AAA.*
      echo $tokenId
    • Register the Gopher application, with the ID Gopher:

      curl \
      --header 'Content-Type: application/json' \
      --header 'Accept-Api-Version: resource=4.0, protocol=2.1' \
      --cookie "iPlanetDirectoryPro=${tokenId}" \
      --data '{
          "userPassword": "5tr0ngG3n3r@ted",
          "thingType": "device"
      }' \
      --request PUT \
        "_id": "Gopher",
        "_rev": "-1",
        "realm": "/",
        "username": "Gopher",
        "uid": [
        "universalid": [
        "objectClass": [
        "dn": [
        "inetUserStatus": [
        "cn": [
        "sn": [
        "thingType": [
        "createTimestamp": [

      Sign in to the AM Admin UI and select Identities in the Top Level Realm, to see the Gopher identity in the list.

  2. Run the executable to authenticate your application to AM:

    2020/09/01 11:09:49 Gopher successfully authenticated.