t.Fatalf("CreateInBatches failed: %v", err)
	}

	userIds := []uuid.UUID{}
	if err := gorm.G[User](DB).Select("name").Where("id in ?", []uint{users[0].ID, users[1].ID, users[2].ID}).Order("age").Scan(ctx, &userIds); err != nil || len(users) != 3 {
		t.Fatalf("Scan failed: %v, userids %v", err, userIds)
	}

	if s3Err != ErrNone {
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(s3Err), r.URL)
		return
	}

	users := r.Form["users"]
	isAll := r.Form.Get("all") == "true"
	selfOnly := !isAll && len(users) == 0

	if isAll && len(users) > 0 {
		// This should be checked on client side, so return generic error
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrInvalidRequest), r.URL)

            }

            // Compute User IDs with Domain ID to get User SIDs
            // First extra is user if userId is empty
            if (!userId.isEmpty() && !userId.isBlank()) {
                this.userSid = new SID(domainId, userId);
            } else if (this.extraSids.length > 0) {
                this.userSid = this.extraSids[0];
            }

				if err != nil {
					return err
				}
				c.mustNotListObjects(ctx, uClient, bucket)
				return nil
			}
		}(i), i)
	}
	if errs := g.Wait(); len(errs) > 0 {
		c.Fatalf("unable to remove users: %v", errs)
	}

					Schema:      "User",
					FieldSchema: "Toy",
					Polymorphic: Polymorphic{ID: "OwnerID", Type: "OwnerType", Value: "users"},
					References: []Reference{
						{ForeignKey: "OwnerType", ForeignSchema: "Toy", PrimaryValue: "users"},
						{ForeignKey: "OwnerType", ForeignSchema: "Toy", PrimaryValue: "users"},
					},
				},
				"Toys": {
					Name:        "Toys",
					Type:        schema.HasMany,

			}},
			References: []Reference{{"ID", "User", "UserID", "UserSpeak", "", true}, {"Code", "Language", "LanguageCode", "UserSpeak", "", false}},
		},
		{
			Name: "Friends", Type: schema.Many2Many, Schema: "User", FieldSchema: "User",
			JoinTable: JoinTable{Name: "user_friends", Table: "user_friends", Fields: []schema.Field{
				{
					Name: "UserID", DBName: "user_id", BindNames: []string{"UserID"}, DataType: schema.Uint,

**Please note that when AD/LDAP is configured, MinIO will not support long term users defined internally.** Only AD/LDAP users (and the root user) are allowed. In addition to this, the server will not support operations on users or groups using `mc admin user` or `mc admin group` commands except `mc admin user info` and `mc admin group info` to list set policies for users and groups. This is because users and groups are defined externally in AD/LDAP.

	if !credentials.IsServiceAccount() && !credentials.IsTemp() {
		return madmin.BuiltinProvider // regular users are always internal
	}

	claims := credentials.Claims
	if _, ok := claims[ldapUser]; ok {
		return madmin.LDAPProvider // ldap users
	}

	if _, ok := claims[subClaim]; ok {
		providerPrefix, _, found := strings.Cut(credentials.ParentUser, getKeySeparator())
		if found {

<img src="/img/tutorial/security/image05.png">

### Get your own user data { #get-your-own-user-data }

Now use the operation `GET` with the path `/users/me`.

You will get your user's data, like:

```JSON
{
  "username": "johndoe",
  "email": "******@****.***",
  "full_name": "John Doe",
  "disabled": false,
  "hashed_password": "fakehashedsecret"
}
```

The following example shows how to get the details of the user with `{userid}` from `{realm}` realm:

```
curl \
  -H "Authorization: Bearer eyJhbGciOiJSUz..." \
  "http://localhost:8080/auth/admin/realms/{realm}/users/{userid}"
```

### Configure MinIO

```
export MINIO_ROOT_USER=minio
export MINIO_ROOT_PASSWORD=minio123
minio server /mnt/export