diff --git a/AUTHORS b/AUTHORS
index fee2d5ccf..7d93a5a97 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -76,6 +76,7 @@ Olivier Mengué <dolmen at cpan.org>
 oscarzhao <oscarzhaosl at gmail.com>
 Paul Bonser <misterpib at gmail.com>
 Peter Schultz <peter.schultz at classmarkets.com>
+Polina Osadcha <posadcha-ua at singlestore.com>
 Rebecca Chin <rchin at pivotal.io>
 Reed Allman <rdallman10 at gmail.com>
 Richard Wilkes <wilkes at me.com>
diff --git a/auth.go b/auth.go
index b2f19e8f0..a6ba7602d 100644
--- a/auth.go
+++ b/auth.go
@@ -17,6 +17,8 @@ import (
 	"encoding/pem"
 	"fmt"
 	"sync"
+
+	"github.com/openshift/gssapi"
 )
 
 // server pub keys registry
@@ -289,6 +291,36 @@ func (mc *mysqlConn) auth(authData []byte, plugin string) ([]byte, error) {
 		enc, err := encryptPassword(mc.cfg.Passwd, authData, pubKey)
 		return enc, err
 
+	case "auth_gssapi_client":
+		dl, err := gssapi.Load(nil)
+		if err != nil {
+			return nil, err
+		}
+
+		buf_name, err := dl.MakeBufferBytes(authData)
+		if err != nil {
+			return nil, err
+		}
+		name, err := buf_name.Name(dl.GSS_C_NT_USER_NAME)
+		input_buf, _ := dl.MakeBuffer(0)
+		if err != nil {
+			return nil, err
+		}
+		_, _, token, _, _, err := dl.InitSecContext(
+			dl.GSS_C_NO_CREDENTIAL,
+			nil,
+			name,
+			dl.GSS_C_NO_OID,
+			0,
+			0,
+			dl.GSS_C_NO_CHANNEL_BINDINGS,
+			input_buf)
+		if token == nil {
+			return nil, err
+		}
+
+		return token.Bytes(), err
+
 	default:
 		errLog.Print("unknown auth plugin:", plugin)
 		return nil, ErrUnknownPlugin
diff --git a/go.mod b/go.mod
index 251110478..cf4cecb81 100644
--- a/go.mod
+++ b/go.mod
@@ -1,3 +1,5 @@
 module github.com/go-sql-driver/mysql
 
 go 1.13
+
+require github.com/openshift/gssapi v0.0.0-20161010215902-5fb4217df13b