DGO how do you add an Authorization token to dgraph queries

Hello, I have been trying to follow along with the authorization tutorial.

I have finally made it so I can query using Dgo however I am getting no query results because I’m missing the JWT authorization header. When I use postman and add the JWT header it works fine and I get my results but the admin API doesn’t seem to make a difference. How do I add authorization headers into DGO queries? The example in the docs only seems to work for alter commands.
The goal for me is to create a REST API in golang that checks for user accounts with the same email and if there is none it creates a new User and Pass. The first problem I’m having is that I’m unable to read users because of the authorization schema.

func newClient() *dgo.Dgraph {
	client, err := dgo.DialSlashEndpoint("https://realistic-rage.us-west-2.aws.cloud.dgraph.io/graphql", "my private API key that works")
	if err != nil {
		fmt.Println("error establishing graphQL connection")
	return dgo.NewDgraphClient(api.NewDgraphClient(client))

func main() {

	c := newClient()
	md := metadata.New(nil)
	md.Append("auth", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJhZG1pbiIsImh0dHBzOi8veW91cmRvbWFpbi5jb20vand0L2NsYWltcyI6eyJVU0VSUk9MRSI6IkFETUlOSVNUUkFUT1IifSwiaWF0IjoxNTE2MjM5MDIyLCJpc3N1ZXIiOiJhdXRoZW50aWNhdGlvbiBzY3JpcHQiLCJleHAiOjQxMDI0NDQ3OTl9.KPGIVJWVT7Fc9KUwL6r9f3-Zh0FC27AuB7DBr9cOkqQ")

	ctx := metadata.NewOutgoingContext(context.Background(), md)

	fmt.Println("client created")

	txn := c.NewTxn()
	defer txn.Discard(ctx)

	q := `query all($a: string) {
		queryUser(func: eq(email, $a)) {

	resp, err := txn.QueryWithVars(ctx, q, map[string]string{"$a": "myEmail@gmail.com"})

	fmt.Println("tx started")
	// resp, err := txn.Query(context.Background(), query)
	if err != nil {
		fmt.Println("error querying ")
	fmt.Println("query completed")

	// After we get the user, we have to decode them into structs so that
	// we can manipulate the data.
	var decode struct {
		queryUser []struct {
			UID string

	if err := json.Unmarshal(resp.GetJson(), &decode); err != nil {
		fmt.Println("error Unmarshalling")

some additional questions.

  1. How do I use the client.Login method? does this help me solve my authorization problem?
  2. Is there an authorization schema that I can use to allow the admin API access? I want my golang backend to handle my signup flow. This requires that my client is authorized to view user accounts.
  3. How do i include the JWT token with my DGO transaction queries.