diff --git a/services/sso/client.go b/services/sso/client.go
new file mode 100644
index 0000000..8685694
--- /dev/null
+++ b/services/sso/client.go
@@ -0,0 +1,36 @@
+package sso
+
+import "golib.gaore.com/GaoreGo/gaore-common-sdk-go/sdk"
+
+const (
+	HOST    = "sso"
+	VERSION = "2020-08-07"
+)
+
+type Client struct {
+	sdk.Client
+}
+
+func (c *Client) CodeAuth(req *CodeAuthRequest) (response *CodeAuthResponse, err error) {
+	response = CreateCodeAuthResponse()
+	err = c.DoAction(req, response)
+	return
+}
+
+func (c *Client) GetUserInfo(req *GetUserInfoRequest) (response *GetUserInfoResponse, err error) {
+	response = CreateGetUserInfoResponse()
+	err = c.DoAction(req, response)
+	return
+}
+
+func (c *Client) RefreshToken(req *RefreshTokenRequest) (response *RefreshTokenResponse, err error) {
+	response = CreateRefreshTokenResponse()
+	err = c.DoAction(req, response)
+	return
+}
+
+func NewClientWithAccessKey(accesskey, secrect, source string) (client *Client, err error) {
+	client = &Client{}
+	err = client.InitWithAccessKey(accesskey, secrect, source)
+	return
+}
diff --git a/services/sso/code_auth.go b/services/sso/code_auth.go
new file mode 100644
index 0000000..20f6147
--- /dev/null
+++ b/services/sso/code_auth.go
@@ -0,0 +1,40 @@
+package sso
+
+import (
+	"golib.gaore.com/GaoreGo/gaore-common-sdk-go/sdk/requests"
+	"golib.gaore.com/GaoreGo/gaore-common-sdk-go/sdk/responses"
+)
+
+type CodeAuthRequest struct {
+	*requests.RpcRequest
+	OauthCode string `position:"Body" field:"oauthCode" default:"" `
+	Ident     string `position:"Body" field:"ident" default:"" `
+}
+
+type CodeAuthResponseData struct {
+	*requests.RpcRequest
+	RefreshToken        string `json:"refreshToken"`
+	RefreshTokenExpires int64  `json:"refreshTokenExpires"`
+	Token               string `json:"token"`
+	TokenExpires        int64  `json:"tokenExpires"`
+	User                User   `json:"user"`
+}
+
+type CodeAuthResponse struct {
+	*responses.BaseResponse
+	Data CodeAuthResponseData `json:"data"`
+}
+
+func CreateCodeAuthRequest() (req *CodeAuthRequest) {
+	req = &CodeAuthRequest{RpcRequest: &requests.RpcRequest{}}
+	req.InitWithApiInfo(HOST, VERSION, "/api/userSess/codeAuth")
+	req.Method = requests.POST
+	return
+}
+
+func CreateCodeAuthResponse() (response *CodeAuthResponse) {
+	response = &CodeAuthResponse{
+		BaseResponse: &responses.BaseResponse{},
+	}
+	return
+}
diff --git a/services/sso/get_user.go b/services/sso/get_user.go
new file mode 100644
index 0000000..8498601
--- /dev/null
+++ b/services/sso/get_user.go
@@ -0,0 +1,36 @@
+package sso
+
+import (
+	"golib.gaore.com/GaoreGo/gaore-common-sdk-go/sdk/requests"
+	"golib.gaore.com/GaoreGo/gaore-common-sdk-go/sdk/responses"
+)
+
+type GetUserInfoRequest struct {
+	*requests.RpcRequest
+	OauthCode string `position:"Body" field:"oauthCode" default:"" `
+	Ident     string `position:"Body" field:"ident" default:"" `
+}
+
+type GetUserInfoResponseData struct {
+	*requests.RpcRequest
+	User User `json:"user"`
+}
+
+type GetUserInfoResponse struct {
+	*responses.BaseResponse
+	Data GetUserInfoResponseData `json:"data"`
+}
+
+func CreateGetUserInfoRequest() (req *GetUserInfoRequest) {
+	req = &GetUserInfoRequest{RpcRequest: &requests.RpcRequest{}}
+	req.InitWithApiInfo(HOST, VERSION, "/api/userSess/getUserInfo")
+	req.Method = requests.POST
+	return
+}
+
+func CreateGetUserInfoResponse() (response *GetUserInfoResponse) {
+	response = &GetUserInfoResponse{
+		BaseResponse: &responses.BaseResponse{},
+	}
+	return
+}
diff --git a/services/sso/refresh_token.go b/services/sso/refresh_token.go
new file mode 100644
index 0000000..9057dfa
--- /dev/null
+++ b/services/sso/refresh_token.go
@@ -0,0 +1,38 @@
+package sso
+
+import (
+	"golib.gaore.com/GaoreGo/gaore-common-sdk-go/sdk/requests"
+	"golib.gaore.com/GaoreGo/gaore-common-sdk-go/sdk/responses"
+)
+
+type RefreshTokenRequest struct {
+	*requests.RpcRequest
+	OauthCode string `position:"Body" field:"oauthCode" default:"" `
+	Ident     string `position:"Body" field:"ident" default:"" `
+}
+
+type RefreshTokenResponseData struct {
+	*requests.RpcRequest
+	Token        string `json:"token"`
+	TokenExpires int64  `json:"tokenExpires"`
+	User         User   `json:"user"`
+}
+
+type RefreshTokenResponse struct {
+	*responses.BaseResponse
+	Data GetUserInfoResponseData `json:"data"`
+}
+
+func CreateRefreshTokenRequest() (req *RefreshTokenRequest) {
+	req = &RefreshTokenRequest{RpcRequest: &requests.RpcRequest{}}
+	req.InitWithApiInfo(HOST, VERSION, "/api/userSess/refreshToken")
+	req.Method = requests.POST
+	return
+}
+
+func CreateRefreshTokenResponse() (response *RefreshTokenResponse) {
+	response = &RefreshTokenResponse{
+		BaseResponse: &responses.BaseResponse{},
+	}
+	return
+}
diff --git a/services/sso/struct.go b/services/sso/struct.go
new file mode 100644
index 0000000..2a493da
--- /dev/null
+++ b/services/sso/struct.go
@@ -0,0 +1,27 @@
+package sso
+
+type User struct {
+	Uid        string     `json:"uid"`
+	UidNumber  string     `json:"uidNumber"`
+	Name       string     `json:"name"`
+	FirstName  string     `json:"firstname"`
+	LastName   string     `json:"lastname"`
+	RealName   string     `json:"realname"`
+	Mobile     string     `json:"mobile"`
+	Mail       string     `json:"mail"`
+	Department Department `json:"department"`
+	Roles      []Role     `json:"roles"`
+	Domains    []string   `json:"domains"`
+}
+
+type Department struct {
+	Gid  string `json:"gid"`
+	Name string `json:"name"`
+	Abbr string `json:"abbr"`
+}
+
+type Role struct {
+	Name    string   `json:"name"`
+	Domains []string `json:"domains"`
+	Abbr    string   `json:"abbr"`
+}