A minimal example using Turso/LibSQL with JWT-based authentication in Go.
This template helps you:
- Generate a JWT keypair
- Create a JWT for accessing your database
- Connect to LibSQL using the
authToken - Run a basic query in
main.go - Runs it on railway!
- Go 1.21+ must be installed:
https://go.dev/dl/ - LibSQL database deployed:
go mod tidygo run jwtgen.go --genExample output:
🔐 PRIVATE KEY (keep this safe):
uNvD4CzPyA2VTzbO1O4BAWTcpgtNrqD3hlu31gvGw6CwOscCRmSj2XkG8WGEAqJXScnREpiGVfJ0olKw-854Bg
📣 PUBLIC KEY (Railway → SQLD_AUTH_JWT_KEY):
sDrHAkZko9l5BvFhhAKiV0nJ0RKYhlXydKJSsPvOeAYStore the private key in a password manager.
On railway project -> Variables -> SQLD_AUTH_JWT_KEY
SQLD_AUTH_JWT_KEY=sDrHAkZko9l5BvFhhAKiV0nJ0RKYhlXydKJSsPvOeAY
Update the value with the public key you generated.
Fill in the 🔐 PRIVATE KEY from the previous step. And generate your JWT token.
876000h = 100 years.
go run jwtgen.go \
--priv uNvD4CzPyA2VTzbO1O4BAWTcpgtNrqD3hlu31gvGw6CwOscCRmSj2XkG8WGEAqJXScnREpiGVfJ0olKw-854Bg \
--user user \
--exp 876000hResult:
📈 JWT:
eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJleHAiOjQ5MDYwMTg5NTQsInN1YiI6InVzZXIifQ.GaOet8Jv_WOUYEv71oSp-ps0XfJAzAkQY34W3zxAcE70xFZa8KRGpkt4ql-7IDXBHwVWpckHnynMgthsBpghDgUse this as your authToken.
const authToken = "eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9..." // JWT token from previous step
const appDomain = "libsql-production-8db1.up.railway.app" // railway domain
dsn := fmt.Sprintf("libsql://%s?authToken=%s", appDomain, authToken)go run main.goExpected outcome:
User 1: Alice
User 2: BobInvalid keypair:
2025/07/13 17:07:02 drop failed: failed to execute SQL:
error code 401: Unauthorized: `The JWT is invalid`
exit status 1✅ Troubleshooting:
- Did you update the Railway environment with the correct public key?
- Did you use the correct JWT in main.go?