For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Logo
ContactLearn More
GuidesReferenceSamplesLicenseChangelog
GuidesReferenceSamplesLicenseChangelog
  • Concepts
    • Overview
    • Principles
  • Getting started
    • Set up
    • Authenticate
    • Quickstart
  • Best practices
    • Choose a protocol
    • Connect offline
    • Retry connections
  • Developer tools
    • Sandboxes
  • Entities
    • Overview
    • Watch
    • Publish
  • Tasks
    • Overview
    • Operate
    • Listen
    • Update
  • Objects
    • Overview
    • Upload
    • Download
    • Manage
ContactLearn More
On this page
  • Before you begin
  • Configure your client
  • What’s next
Best practices

Connect to offline environments

Configure the Lattice SDK for environments without access to the internet.
Previous

Retry connections

Build a reusable retry utility to handle transient failures across every Lattice SDK call.
Next

By default, the Lattice SDK validates TLS certificates to ensure a secure connection.

If the Lattice environment you are integrating with does not have access to the internet and you are connecting to it on a local network, you can use self-signed certificates.

This guide explains how to configure the SDK to use self-signed certificates.

Before you begin

  • Complete the steps in Set up to configure your environment variables: LATTICE_ENDPOINT, LATTICE_CLIENT_ID, and LATTICE_CLIENT_SECRET.

  • Verify that you have access to your Lattice environment and can connect to it. If you cannot access the environment, contact your Anduril representative for help.

  • Set a SKIP_TLS_VERIFY environment variable:

    $export SKIP_TLS_VERIFY=true
gRPC authentication

If you are using gRPC with client credentials, set up the token refresh module before running the examples on this page.

Configure your client

By default, the SDK validates certificates against the system’s trusted Certificate Authority (CA) store.

This is the recommended configuration for any non-development environment. In development environments where CA infrastructure is not accessible, configure a custom HTTP client to accept self-signed certificates:

1

Initialize the client

Import your environment variables and Initialize the client. In the following, SKIP_TLS_VERIFY is a boolean set up as an environment variable. You can achieve the same result using a local .env file, as well:

1package main
2
3import (
4	"context"
5	"crypto/tls"
6	"fmt"
7	"net/http"
8	"os"
9
10	Lattice "github.com/anduril/lattice-sdk-go/v4"
11	"github.com/anduril/lattice-sdk-go/v4/client"
12	"github.com/anduril/lattice-sdk-go/v4/option"
13)
14
15func main() {
16	latticeEndpoint := os.Getenv("LATTICE_ENDPOINT")
17	clientID := os.Getenv("LATTICE_CLIENT_ID")
18	clientSecret := os.Getenv("LATTICE_CLIENT_SECRET")
19	sandboxesToken := os.Getenv("SANDBOXES_TOKEN")
20
21	// Load the SKIP_TLS_VERIFY variable
22	skipTLSVerify := os.Getenv("SKIP_TLS_VERIFY") == "true"
23
24	// Initialize the client
25	LatticeClient, err := createLatticeClient(latticeEndpoint, clientID, clientSecret,
26		sandboxesToken,
27		skipTLSVerify,
28	)
29	if err != nil {
30		fmt.Printf("Error creating Lattice client: %v\n", err)
31		os.Exit(1)
32	}
33
34	// Use the client
35	ctx := context.Background()
36	entity, err := LatticeClient.Entities.GetEntity(
37		ctx,
38		&Lattice.GetEntityRequest{
39			EntityID: "Demo-Sim-Asset1",
40		},
41	)
42
43	if err != nil {
44		fmt.Printf("Error fetching entity: %v\n", err)
45	} else {
46		fmt.Printf("Asset name     | %s\n", *entity.GetAliases().GetName())
47		fmt.Printf("Asset location | %f, %f\n", *entity.GetLocation().GetPosition().GetLatitudeDegrees(),
48			*entity.GetLocation().GetPosition().GetLongitudeDegrees())
49	}
50}
51
52func createLatticeClient(endpoint string, clientID string, clientSecret string,
53	sandboxesToken string,
54	skipTLSVerify bool,
55) (*client.Client, error) {
56
57	headers := http.Header{}
58	if sandboxesToken != "" {
59		headers.Add("Anduril-Sandbox-Authorization", fmt.Sprintf("Bearer %s", sandboxesToken))
60	}
61
62	// Configure the InsecureSkipVerify option
63	httpClient := &http.Client{
64		Transport: &http.Transport{
65			TLSClientConfig: &tls.Config{
66				InsecureSkipVerify: skipTLSVerify,
67			},
68		},
69	}
70
71	latticeClient := client.NewClient(
72		option.WithClientCredentials(clientID, clientSecret),
73		option.WithBaseURL(fmt.Sprintf("https://%s", endpoint)),
74		option.WithHTTPHeader(headers),
75		option.WithHTTPClient(httpClient),
76	)
77
78	return latticeClient, nil
79}
2

Create a custom client

Configure the HTTP client to set the InsecureSkipVerify option. This specifies whether the Lattice client skips verification, and enables you to use self-signed certificates. If enabled, Lattice still performs basic validation of the certificate’s hostname, and its expiry date.

1package main
2
3import (
4	"context"
5	"crypto/tls"
6	"fmt"
7	"net/http"
8	"os"
9
10	Lattice "github.com/anduril/lattice-sdk-go/v4"
11	"github.com/anduril/lattice-sdk-go/v4/client"
12	"github.com/anduril/lattice-sdk-go/v4/option"
13)
14
15func main() {
16	latticeEndpoint := os.Getenv("LATTICE_ENDPOINT")
17	clientID := os.Getenv("LATTICE_CLIENT_ID")
18	clientSecret := os.Getenv("LATTICE_CLIENT_SECRET")
19	sandboxesToken := os.Getenv("SANDBOXES_TOKEN")
20
21	// Load the SKIP_TLS_VERIFY variable
22	skipTLSVerify := os.Getenv("SKIP_TLS_VERIFY") == "true"
23
24	// Initialize the client
25	LatticeClient, err := createLatticeClient(latticeEndpoint, clientID, clientSecret,
26		sandboxesToken,
27		skipTLSVerify,
28	)
29	if err != nil {
30		fmt.Printf("Error creating Lattice client: %v\n", err)
31		os.Exit(1)
32	}
33
34	// Use the client
35	ctx := context.Background()
36	entity, err := LatticeClient.Entities.GetEntity(
37		ctx,
38		&Lattice.GetEntityRequest{
39			EntityID: "Demo-Sim-Asset1",
40		},
41	)
42
43	if err != nil {
44		fmt.Printf("Error fetching entity: %v\n", err)
45	} else {
46		fmt.Printf("Asset name     | %s\n", *entity.GetAliases().GetName())
47		fmt.Printf("Asset location | %f, %f\n", *entity.GetLocation().GetPosition().GetLatitudeDegrees(),
48			*entity.GetLocation().GetPosition().GetLongitudeDegrees())
49	}
50}
51
52func createLatticeClient(endpoint string, clientID string, clientSecret string,
53	sandboxesToken string,
54	skipTLSVerify bool,
55) (*client.Client, error) {
56
57	headers := http.Header{}
58	if sandboxesToken != "" {
59		headers.Add("Anduril-Sandbox-Authorization", fmt.Sprintf("Bearer %s", sandboxesToken))
60	}
61
62	// Configure the InsecureSkipVerify option
63	httpClient := &http.Client{
64		Transport: &http.Transport{
65			TLSClientConfig: &tls.Config{
66				InsecureSkipVerify: skipTLSVerify,
67			},
68		},
69	}
70
71	latticeClient := client.NewClient(
72		option.WithClientCredentials(clientID, clientSecret),
73		option.WithBaseURL(fmt.Sprintf("https://%s", endpoint)),
74		option.WithHTTPHeader(headers),
75		option.WithHTTPClient(httpClient),
76	)
77
78	return latticeClient, nil
79}
3

Use the client

Use the client to call the Lattice API. In the following, we use GetEntity
to fetch an entity using its entityId:

1package main
2
3import (
4	"context"
5	"crypto/tls"
6	"fmt"
7	"net/http"
8	"os"
9
10	Lattice "github.com/anduril/lattice-sdk-go/v4"
11	"github.com/anduril/lattice-sdk-go/v4/client"
12	"github.com/anduril/lattice-sdk-go/v4/option"
13)
14
15func main() {
16	latticeEndpoint := os.Getenv("LATTICE_ENDPOINT")
17	clientID := os.Getenv("LATTICE_CLIENT_ID")
18	clientSecret := os.Getenv("LATTICE_CLIENT_SECRET")
19	sandboxesToken := os.Getenv("SANDBOXES_TOKEN")
20
21	// Load the SKIP_TLS_VERIFY variable
22	skipTLSVerify := os.Getenv("SKIP_TLS_VERIFY") == "true"
23
24	// Initialize the client
25	LatticeClient, err := createLatticeClient(latticeEndpoint, clientID, clientSecret,
26		sandboxesToken,
27		skipTLSVerify,
28	)
29	if err != nil {
30		fmt.Printf("Error creating Lattice client: %v\n", err)
31		os.Exit(1)
32	}
33
34	// Use the client
35	ctx := context.Background()
36	entity, err := LatticeClient.Entities.GetEntity(
37		ctx,
38		&Lattice.GetEntityRequest{
39			EntityID: "Demo-Sim-Asset1",
40		},
41	)
42
43	if err != nil {
44		fmt.Printf("Error fetching entity: %v\n", err)
45	} else {
46		fmt.Printf("Asset name     | %s\n", *entity.GetAliases().GetName())
47		fmt.Printf("Asset location | %f, %f\n", *entity.GetLocation().GetPosition().GetLatitudeDegrees(),
48			*entity.GetLocation().GetPosition().GetLongitudeDegrees())
49	}
50}
51
52func createLatticeClient(endpoint string, clientID string, clientSecret string,
53	sandboxesToken string,
54	skipTLSVerify bool,
55) (*client.Client, error) {
56
57	headers := http.Header{}
58	if sandboxesToken != "" {
59		headers.Add("Anduril-Sandbox-Authorization", fmt.Sprintf("Bearer %s", sandboxesToken))
60	}
61
62	// Configure the InsecureSkipVerify option
63	httpClient := &http.Client{
64		Transport: &http.Transport{
65			TLSClientConfig: &tls.Config{
66				InsecureSkipVerify: skipTLSVerify,
67			},
68		},
69	}
70
71	latticeClient := client.NewClient(
72		option.WithClientCredentials(clientID, clientSecret),
73		option.WithBaseURL(fmt.Sprintf("https://%s", endpoint)),
74		option.WithHTTPHeader(headers),
75		option.WithHTTPClient(httpClient),
76	)
77
78	return latticeClient, nil
79}

When you need to connect to a offline environment, you set the SKIP_TLS_VERIFY to true and enable your integration to use self-signed certificates.

What’s next

  • Learn how to publish entities to Lattice.
  • Explore tasking to learn how you can task an agent in Lattice.
  • Learn more about the Lattice OAuth 2.0 endpoint.