Go SDK for Jamf Pro API

A Go client library for the Jamf Pro API, supporting both the Classic API and the Jamf Pro API (REST). Uses OAuth2 or Basic auth with bearer token exchange, automatic token refresh, and production-ready transport (retries, sticky sessions, logging, optional OpenTelemetry tracing).

Quick Start

Get started quickly with the SDK using the Quick Start Guide, which includes:

• Installation instructions
• Your first API call
• Common operations (list, get, create, update, delete)
• Authentication from environment or config file
• Error handling and response metadata
• Links to configuration guides for production use

Examples

The examples directory contains working examples for many SDK services:

• Jamf Pro API: examples/jamf_pro_api/ — API integrations, API roles, buildings, categories, computer groups, computer prestages, departments, dock items, enrollment settings, packages, reenrollment, SSO settings, volume purchasing, and more
• Classic API: examples/classic_api/ — Network segments, printers, restricted software, webhooks, and other Classic endpoints

Each example includes a complete main.go you can run with your Jamf Pro credentials.

HTTP Client Configuration

The SDK includes a powerful HTTP client with production-ready configuration options:

• Authentication - OAuth2 and Basic auth with secure credential management
• Timeouts & Retries - Configurable timeouts and automatic retry logic with exponential backoff
• TLS/SSL Configuration - Custom certificates, mutual TLS, and security settings
• Proxy Support - HTTP/HTTPS/SOCKS5 proxy configuration
• Custom Headers - Global and per-request header management
• Structured Logging - Integration with zap for production logging
• OpenTelemetry Tracing - Distributed tracing and observability
• Debug Mode - Detailed request/response inspection

Configuration Options

Creating a client

import (
    "github.com/deploymenttheory/go-sdk-jamfpro-v2/jamfpro"
)

// From environment (INSTANCE_DOMAIN, AUTH_METHOD, CLIENT_ID, CLIENT_SECRET or BASIC_AUTH_*)
jamfClient, err := jamfpro.NewClientFromEnv()

// From AuthConfig (e.g. from file or secret manager)
authConfig := jamfpro.AuthConfigFromEnv() // or jamfpro.LoadAuthConfigFromFile(path)
jamfClient, err := jamfpro.NewClient(authConfig, jamfpro.WithLogger(logger))

AuthConfig fields

import "github.com/deploymenttheory/go-sdk-jamfpro-v2/jamfpro/constants"

&jamfpro.AuthConfig{
    InstanceDomain:           "https://your-instance.jamfcloud.com",
    AuthMethod:               constants.AuthMethodOAuth2, // or constants.AuthMethodBasic
    ClientID:                 "your-client-id",
    ClientSecret:             "your-client-secret",
    TokenRefreshBufferPeriod: 5 * time.Minute,  // refresh before expiry
    HideSensitiveData:        true,              // redact tokens in logs
}

Optional client options

The SDK client supports extensive configuration through functional options. Below is the complete list of available configuration options grouped by category.

Basic Configuration

jamfpro.WithBaseURL("https://...")                    // Custom base URL
jamfpro.WithTimeout(30*time.Second)                   // Request timeout
jamfpro.WithRetryCount(3)                             // Number of retry attempts
jamfpro.WithRetryWaitTime(2*time.Second)              // Initial retry wait time
jamfpro.WithRetryMaxWaitTime(10*time.Second)          // Maximum retry wait time
jamfpro.WithTotalRetryDuration(2*time.Minute)         // Total retry budget

TLS/Security

jamfpro.WithTLSClientConfig(tlsConfig)                // Custom TLS configuration
jamfpro.WithInsecureSkipVerify()                      // Skip cert verification (dev only!)

Network

jamfpro.WithProxy("http://proxy:8080")                // HTTP/HTTPS/SOCKS5 proxy
jamfpro.WithTransport(customTransport)                // Custom HTTP transport

Headers

jamfpro.WithUserAgent("MyApp/1.0")                    // Set User-Agent header
jamfpro.WithGlobalHeader("X-Custom-Header", "value")  // Add single global header
jamfpro.WithGlobalHeaders(map[string]string{...})     // Add multiple global headers

Observability

jamfpro.WithLogger(zapLogger)                         // Structured logging with zap
jamfClient.EnableTracing(otelConfig)                 // OpenTelemetry distributed tracing (call after NewClient)
jamfpro.WithDebug()                                   // Enable debug mode (dev only!)

Concurrency & Rate Limiting

jamfpro.WithMaxConcurrentRequests(5)                  // Limit concurrent requests (Jamf Pro recommendation: ≤5)
jamfpro.WithMandatoryRequestDelay(100*time.Millisecond) // Add delay between requests

Example: Production Configuration

import (
    "time"
    "go.uber.org/zap"
    "github.com/deploymenttheory/go-sdk-jamfpro-v2/jamfpro"
)

logger, _ := zap.NewProduction()
authConfig := jamfpro.AuthConfigFromEnv()

jamfClient, err := jamfpro.NewClient(
    authConfig,
    jamfpro.WithTimeout(30*time.Second),
    jamfpro.WithRetryCount(3),
    jamfpro.WithLogger(logger),
    jamfpro.WithMaxConcurrentRequests(5),
    jamfpro.WithGlobalHeader("X-Application-Name", "MyJamfIntegration"),
)

// Enable OpenTelemetry tracing (optional)
jamfClient.EnableTracing(&jamfpro.OTelConfig{
    ServiceName: "my-jamf-integration",
})

See the configuration guides for detailed documentation on each option.

Documentation

• Jamf Pro API Reference
• GoDoc

Contributing

Contributions are welcome. Please read our Contributing Guidelines before submitting pull requests.

License

This project is licensed under the MIT License — see the LICENSE file for details.

Support

• Issues: GitHub Issues
• Jamf Pro API docs: developer.jamf.com

Disclaimer

This is a community SDK and is not affiliated with or endorsed by Jamf LLC.