```

Refer [Prometheus documentation](https://prometheus.io/docs/introduction/first_steps/) for more details.

### 2. Configure authentication type for Prometheus metrics

MinIO supports two authentication modes for Prometheus either `jwt` or `public`, by default MinIO runs in `jwt` mode. To allow public access without authentication for prometheus metrics set environment as follows.

```
export MINIO_PROMETHEUS_AUTH_TYPE="public"
minio server ~/test

  rotating credentials.

- Access to bucket(s) and object(s) are governed via IAM policies associated with the incoming
  login credentials.

- Allows authentication and access for all
  - Built-in IDP users and their respective service accounts
  - LDAP/AD users and their respective service accounts
  - OpenID/OIDC service accounts

	Local        string                      // Local host name.
	Hosts        []string                    // All hosts, including local in the grid.
	AddAuth      AuthFn                      // Add authentication to the given audience.
	AuthRequest  func(r *http.Request) error // Validate incoming requests.
	TLSConfig    *tls.Config                 // TLS to apply to the connections.

	// Settings specific to this transport.
	tr.ResponseHeaderTimeout = timeout
	return tr
}

// NewHTTPTransportWithClientCerts returns a new http configuration used for
// communicating with client cert authentication.
func (s ConnSettings) NewHTTPTransportWithClientCerts(ctx context.Context, clientCert, clientKey string) (*http.Transport, error) {
	transport := s.NewHTTPTransportWithTimeout(1 * time.Minute)

		if ok {
			tc.FuncName = "handler.MetricsV3"
			tc.ResponseRecorder.LogErrBody = true
		}

		innerHandler.ServeHTTP(w, r)
	})

	// Add authentication
	h.authFn(tracedHandler).ServeHTTP(w, r)

	pluginAuthnServiceFailedRequestsMinuteMD = NewCounterMD(pluginAuthnServiceFailedRequestsMinute, "When plugin authentication is configured, returns failed requests count in the last full minute")
	pluginAuthnServiceLastFailSecondsMD      = NewCounterMD(pluginAuthnServiceLastFailSeconds, "When plugin authentication is configured, returns time (in seconds) since the last failed request to the service")

	errAccessKeyDisabled  = errors.New("The access key you provided is disabled")
	errAuthentication     = errors.New("Authentication failed, check your access credentials")
	errNoAuthToken        = errors.New("JWT token missing")
	errSkewedAuthTime     = errors.New("Skewed authentication date/time")
	errMalformedAuth      = errors.New("Malformed authentication input")
)

type cacheKey struct {
	accessKey, secretKey, audience string
}

	case conf.AccessKey != "" && conf.SecretKey != "":
		creds = credentials.NewStaticV4(conf.AccessKey, conf.SecretKey, "")
	default:
		return nil, errors.New("insufficient parameters for S3 backend authentication")
	}
	opts := &minio.Options{
		Creds:     creds,
		Secure:    u.Scheme == "https",
		Transport: globalRemoteTargetTransport,
	}
	client, err := minio.New(u.Host, opts)
	if err != nil {