- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 56 for Claims (0.03 sec)
-
cmd/jwt.go
// Check if the access key is part of users credentials. u, ok := globalIAMSys.GetUser(req.Context(), claims.AccessKey) if !ok { return nil, nil, false, errInvalidAccessKeyID } ucred := u.Credentials // get embedded claims eclaims, s3Err := checkClaimsFromToken(req, ucred) if s3Err != ErrNone { return nil, nil, false, errAuthentication } maps.Copy(claims.MapClaims, eclaims)
Registered: Sun Sep 07 19:28:11 UTC 2025 - Last Modified: Fri Aug 29 02:39:48 UTC 2025 - 4.5K bytes - Viewed (0) -
cmd/user-provider-utils.go
func guessUserProvider(credentials auth.Credentials) string { if !credentials.IsServiceAccount() && !credentials.IsTemp() { return madmin.BuiltinProvider // regular users are always internal } claims := credentials.Claims if _, ok := claims[ldapUser]; ok { return madmin.LDAPProvider // ldap users } if _, ok := claims[subClaim]; ok {
Registered: Sun Sep 07 19:28:11 UTC 2025 - Last Modified: Fri Aug 29 02:39:48 UTC 2025 - 4.1K bytes - Viewed (0) -
docs/sts/wso2.md
**We recommend setting `policy` as a custom claim for the JWT service provider follow [here](https://docs.wso2.com/display/IS550/Configuring+Claims+for+a+Service+Provider) and [here](https://docs.wso2.com/display/IS550/Handling+Custom+Claims+with+the+JWT+Bearer+Grant+Type) for relevant docs on how to configure claims for a service provider.** ### 5. Setup MinIO with OpenID configuration URL
Registered: Sun Sep 07 19:28:11 UTC 2025 - Last Modified: Tue Aug 12 18:20:36 UTC 2025 - 8.7K bytes - Viewed (0) -
cmd/bucket-policy.go
// JWT specific values // // Add all string claims for k, v := range claims { vStr, ok := v.(string) if ok { // Trim any LDAP specific prefix args[strings.ToLower(strings.TrimPrefix(k, "ldap"))] = []string{vStr} } } // Add groups claim which could be a list. This will ensure that the claim // `jwt:groups` works. if grpsVal, ok := claims["groups"]; ok { if grpsIs, ok := grpsVal.([]any); ok {Registered: Sun Sep 07 19:28:11 UTC 2025 - Last Modified: Fri Aug 29 02:39:48 UTC 2025 - 7.9K bytes - Viewed (0) -
cmd/admin-handlers-idp-openid.go
_, ok := accessKey.Claims[subClaim] if !ok { continue // OpenID access keys must have a sub claim } if (!listSTSKeys && !accessKey.IsServiceAccount()) || (!listServiceAccounts && accessKey.IsServiceAccount()) { continue // skip if not the type we want } arn, ok := accessKey.Claims[roleArnClaim].(string) if !ok { if _, ok := accessKey.Claims[iamPolicyClaimNameOpenID()]; !ok {Registered: Sun Sep 07 19:28:11 UTC 2025 - Last Modified: Sat Sep 06 17:38:46 UTC 2025 - 7.6K bytes - Viewed (0) -
docs/iam/identity-manager-plugin.go
Registered: Sun Sep 07 19:28:11 UTC 2025 - Last Modified: Wed May 01 21:31:13 UTC 2024 - 2.1K bytes - Viewed (0) -
docs/distributed/samples/myminio-iam-info-openid.zip
ject"],"Resource":["arn:aws:s3:::*"]}]}} iam-assets/users.json {} iam-assets/groups.json {} iam-assets/svcaccts.json {"dillon-service-2":{"parent":"oCnAoSQFtdVQtKwrB73j","accessKey":"dillon-service-2","secretKey":"dillon-service-2","groups":null,"claims":{"accessKey":"dillon-service-2","at_hash":"LL4jvrkBRNQhOKiC83RL","aud":"minio-client-app","c_hash":"fjGB4ldChsaf9vSFdZ1P","email":"******@****.***","email_verified":true,"groups":["projecta","projectb"],"iat":1726558680,"iss":"http://127.0.0.1...
Registered: Sun Sep 07 19:28:11 UTC 2025 - Last Modified: Tue Sep 17 16:45:46 UTC 2024 - 2K bytes - Viewed (0) -
cmd/signature-v4-utils.go
return cred, false, ErrAccessKeyDisabled } return cred, false, ErrInvalidAccessKeyID } cred = u.Credentials } claims, s3Err := checkClaimsFromToken(r, cred) if s3Err != ErrNone { return cred, false, s3Err } cred.Claims = claims owner := cred.AccessKey == globalActiveCred.AccessKey || (cred.ParentUser == globalActiveCred.AccessKey && cred.AccessKey != siteReplicatorSvcAcc)
Registered: Sun Sep 07 19:28:11 UTC 2025 - Last Modified: Mon Nov 25 17:10:22 UTC 2024 - 9.1K bytes - Viewed (0) -
docs/distributed/samples/myminio-iam-info.zip
]}]}} iam-assets/users.json {} iam-assets/groups.json {} iam-assets/svcaccts.json {"bobfisher-svcacct-1":{"parent":"uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io","accessKey":"bobfisher-svcacct-1","secretKey":"bobfisher-svcacct-1","groups":null,"claims":{"accessKey":"bobfisher-svcacct-1","ldapActualUser":"uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io","ldapUser":"uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io","ldapUsername":"bobfisher","parent":"uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io"...Registered: Sun Sep 07 19:28:11 UTC 2025 - Last Modified: Thu Sep 12 15:59:00 UTC 2024 - 1.9K bytes - Viewed (0) -
docs/iam/identity-management-plugin.md
| maxValiditySeconds | integer (>= 900 seconds and < 365 days) | Maximum allowed expiry duration for the credentials | | claims | key-value pairs | Claims to be associated with the requested credentials | The keys "exp", "parent" and "sub" in the `claims` object are reserved and if present are ignored by MinIO.
Registered: Sun Sep 07 19:28:11 UTC 2025 - Last Modified: Fri May 27 00:58:09 UTC 2022 - 4.2K bytes - Viewed (0)