ConductorOne · robert-chiniquy · Feb 8, 2026
diff --git a/cmd/baton-segment/config.go b/cmd/baton-segment/config.go
@@ -12,7 +12,8 @@ import (
 type config struct {
 	cli.BaseConfig `mapstructure:",squash"` // Puts the base config options in the same place as the connector options
 
-	Token string `mapstructure:"token"`
+	Token   string `mapstructure:"token"`
+	BaseURL string `mapstructure:"base-url"`
 }
 
 // validateConfig is run after the configuration is loaded, and should return an error if it isn't valid.
@@ -27,4 +28,5 @@ func validateConfig(ctx context.Context, cfg *config) error {
 // cmdFlags sets the cmdFlags required for the connector.
 func cmdFlags(cmd *cobra.Command) {
 	cmd.PersistentFlags().String("token", "", "The Segment access token used to connect to the Segment API. ($BATON_TOKEN)")
+	cmd.PersistentFlags().String("base-url", "", "Override the Segment API URL (for testing). ($BATON_BASE_URL)")
 }
diff --git a/cmd/baton-segment/main.go b/cmd/baton-segment/main.go
@@ -39,7 +39,7 @@ func main() {
 func getConnector(ctx context.Context, cfg *config) (types.ConnectorServer, error) {
 	l := ctxzap.Extract(ctx)
 
-	cb, err := connector.New(ctx, cfg.Token)
+	cb, err := connector.New(ctx, cfg.Token, cfg.BaseURL)
 	if err != nil {
 		l.Error("error creating connector", zap.Error(err))
 		return nil, err

diff --git a/pkg/connector/connector.go b/pkg/connector/connector.go
@@ -49,13 +49,13 @@ func (s *Segment) Validate(ctx context.Context) (annotations.Annotations, error)
 }
 
 // New returns a new instance of the connector.
-func New(ctx context.Context, token string) (*Segment, error) {
+func New(ctx context.Context, token string, baseURL string) (*Segment, error) {
 	httpClient, err := uhttp.NewClient(ctx, uhttp.WithLogger(true, ctxzap.Extract(ctx)))
 	if err != nil {
 		return nil, err
 	}
 
-	client := segment.NewClient(httpClient, token)
+	client := segment.NewClient(httpClient, token, baseURL)
 
 	return &Segment{
 		client: client,

diff --git a/pkg/segment/client.go b/pkg/segment/client.go
@@ -10,7 +10,7 @@ import (
 )
 
 const (
-	BaseUrl = "https://api.segmentapis.com/"
+	DefaultBaseURL = "https://api.segmentapis.com/"
 
 	groups      = "groups"
 	users       = "users"
@@ -40,16 +40,21 @@ type Payload struct {
 type Client struct {
 	httpClient *http.Client
 	token      string
+	baseURL    string
 }
 
 type PermissionsPayload struct {
 	Permissions []Permission `json:"permissions"`
 }
 
-func NewClient(httpClient *http.Client, token string) *Client {
+func NewClient(httpClient *http.Client, token, baseURL string) *Client {
+	if baseURL == "" {
+		baseURL = DefaultBaseURL
+	}
 	return &Client{
 		httpClient: httpClient,
 		token:      token,
+		baseURL:    baseURL,
 	}
 }
 
@@ -64,7 +69,7 @@ func (c *Client) ListUsers(ctx context.Context, cursor string) ([]User, string,
 	}
 
 	params := c.setParams(cursor)
-	url, _ := url.JoinPath(BaseUrl, users)
+	url, _ := url.JoinPath(c.baseURL, users)
 	if err := c.doRequest(ctx, url, &res, http.MethodGet, params, nil); err != nil {
 		return nil, "", err
 	}
@@ -91,7 +96,7 @@ func (c *Client) ListSources(ctx context.Context, cursor string) ([]Source, stri
 	}
 
 	params := c.setParams(cursor)
-	url, _ := url.JoinPath(BaseUrl, sources)
+	url, _ := url.JoinPath(c.baseURL, sources)
 	if err := c.doRequest(ctx, url, &res, http.MethodGet, params, nil); err != nil {
 		return nil, "", err
 	}
@@ -118,7 +123,7 @@ func (c *Client) ListWarehouses(ctx context.Context, cursor string) ([]Warehouse
 	}
 
 	params := c.setParams(cursor)
-	url, _ := url.JoinPath(BaseUrl, sources)
+	url, _ := url.JoinPath(c.baseURL, sources)
 	if err := c.doRequest(ctx, url, &res, http.MethodGet, params, nil); err != nil {
 		return nil, "", err
 	}
@@ -146,7 +151,7 @@ func (c *Client) ListFunctions(ctx context.Context, cursor string, fnType string
 
 	params := c.setParams(cursor)
 	params.Add("resourceType", fnType)
-	url, _ := url.JoinPath(BaseUrl, functions)
+	url, _ := url.JoinPath(c.baseURL, functions)
 	if err := c.doRequest(ctx, url, &res, http.MethodGet, params, nil); err != nil {
 		return nil, "", err
 	}
@@ -173,7 +178,7 @@ func (c *Client) ListSpaces(ctx context.Context, cursor string) ([]Space, string
 	}
 
 	params := c.setParams(cursor)
-	url, _ := url.JoinPath(BaseUrl, sources)
+	url, _ := url.JoinPath(c.baseURL, sources)
 	if err := c.doRequest(ctx, url, &res, http.MethodGet, params, nil); err != nil {
 		return nil, "", err
 	}
@@ -200,7 +205,7 @@ func (c *Client) ListGroups(ctx context.Context, cursor string) ([]Group, string
 	}
 
 	params := c.setParams(cursor)
-	url, _ := url.JoinPath(BaseUrl, groups)
+	url, _ := url.JoinPath(c.baseURL, groups)
 	if err := c.doRequest(ctx, url, &res, http.MethodGet, params, nil); err != nil {
 		return nil, "", err
 	}
@@ -227,7 +232,7 @@ func (c *Client) ListGroupMembers(ctx context.Context, groupId, cursor string) (
 	}
 
 	params := c.setParams(cursor)
-	url, _ := url.JoinPath(BaseUrl, groups, groupId, users)
+	url, _ := url.JoinPath(c.baseURL, groups, groupId, users)
 	if err := c.doRequest(ctx, url, &res, http.MethodGet, params, nil); err != nil {
 		return nil, "", err
 	}
@@ -252,7 +257,7 @@ func (c *Client) GetWorkspace(ctx context.Context) (*Workspace, error) {
 		Errors []Error `json:"errors,omitempty"`
 	}
 
-	if err := c.doRequest(ctx, BaseUrl, &res, http.MethodGet, nil, nil); err != nil {
+	if err := c.doRequest(ctx, c.baseURL, &res, http.MethodGet, nil, nil); err != nil {
 		return nil, err
 	}
 
@@ -272,7 +277,7 @@ func (c *Client) GetUser(ctx context.Context, userID string) (*User, error) {
 		Errors []Error `json:"errors,omitempty"`
 	}
 
-	url, _ := url.JoinPath(BaseUrl, users, userID)
+	url, _ := url.JoinPath(c.baseURL, users, userID)
 	if err := c.doRequest(ctx, url, &res, http.MethodGet, nil, nil); err != nil {
 		return nil, err
 	}
@@ -293,7 +298,7 @@ func (c *Client) GetGroup(ctx context.Context, groupID string) (*Group, error) {
 		Errors []Error `json:"errors,omitempty"`
 	}
 
-	url, _ := url.JoinPath(BaseUrl, groups, groupID)
+	url, _ := url.JoinPath(c.baseURL, groups, groupID)
 	if err := c.doRequest(ctx, url, &res, http.MethodGet, nil, nil); err != nil {
 		return nil, err
 	}
@@ -316,7 +321,7 @@ func (c *Client) ListRoles(ctx context.Context, cursor string) ([]Role, string,
 	}
 
 	params := c.setParams(cursor)
-	url, _ := url.JoinPath(BaseUrl, roles)
+	url, _ := url.JoinPath(c.baseURL, roles)
 	if err := c.doRequest(ctx, url, &res, http.MethodGet, params, nil); err != nil {
 		return nil, "", err
 	}
@@ -334,7 +339,7 @@ func (c *Client) ListRoles(ctx context.Context, cursor string) ([]Role, string,
 
 // AddGroupMembers adds user to a group.
 func (c *Client) AddGroupMembers(ctx context.Context, groupId, userEmail string) error {
-	url, _ := url.JoinPath(BaseUrl, groups, groupId, users)
+	url, _ := url.JoinPath(c.baseURL, groups, groupId, users)
 	body := Payload{
 		Emails: []string{userEmail},
 	}
@@ -367,7 +372,7 @@ func (c *Client) UpdatePermissions(ctx context.Context, principalId, principalTy
 		principal = groups
 	}
 
-	url, _ := url.JoinPath(BaseUrl, principal, principalId, permissions)
+	url, _ := url.JoinPath(c.baseURL, principal, principalId, permissions)
 	body := PermissionsPayload{Permissions: newPermissions}
 	var res struct {
 		Data struct {
@@ -390,7 +395,7 @@ func (c *Client) UpdatePermissions(ctx context.Context, principalId, principalTy
 
 // RemoveGroupMember removes member from the group.
 func (c *Client) RemoveGroupMember(ctx context.Context, groupId, userEmail string) error {
-	url, _ := url.JoinPath(BaseUrl, groups, groupId, users)
+	url, _ := url.JoinPath(c.baseURL, groups, groupId, users)
 	var res struct {
 		Data struct {
 			Status string `json:"status"`