go

How to set up communication with Kerberos in a Golang application?

Hello comrades! Please help me figure it out.
The task is as follows: when an employee of the company contacts a certain URL address, return information about him. In other words, I'm trying to implement SSO (single sign-on) in a Golang application via Kerberos and Active Directory . I found the gokrb5
library , which seems to solve this problem. It is not entirely clear to me the sequence of actions that should lead me to solving this problem. 1) Let's start by adding an SPN name for my microservice in Active Directory. 2) We generated the "krb5.keytab" key for the microservice.
3) The Active Directory itself and the Kerberos server are located on a remote Windows machine.
4) On a Linux server, in a Docker container, I installed the Kerberos client.
5) Threw the "krb5.keytab" key into the "etc" directory in the Docker container.
If the value of Kerberos Realm is EXAMPLE.LOCAL and the hostname for the KDC Server is CS001, CS002, CS003, what should the "krb5.conf" configuration file for the Kerberos client look like correctly? What is the right way to send a token for verification in Kerberos in the Golang application itself?