```xml
<?xml version="1.0" encoding="UTF-8"?>
<AssumeRoleWithCustomTokenResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
  <AssumeRoleWithCustomTokenResult>
    <Credentials>
      <AccessKeyId>24Y5H9VHE14H47GEOKCX</AccessKeyId>
      <SecretAccessKey>H+aBfQ9B1AeWWb++84hvp4tlFBo9aP+hUTdLFIeg</SecretAccessKey>
      <Expiration>2022-05-25T19:56:34Z</Expiration>

	// sha256 hash of "payload"
	payloadSHA256 := "239f59ed55e737c77147cf55ad0c1b030b6d7ee748a7426952f9b852d5a935e5"
	now := UTCNow()
	credentialTemplate := "%s/%s/%s/s3/aws4_request"

	region := globalSite.Region()
	accessKeyID := globalActiveCred.AccessKey
	testCases := []struct {
		queryParams map[string]string
		headers     map[string]string
		region      string
		expected    APIErrorCode
	}{

<AssumeRoleResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
  <AssumeRoleResult>
    <AssumedRoleUser>
      <Arn/>
      <AssumeRoleId/>
    </AssumedRoleUser>
    <Credentials>
      <AccessKeyId>Y4RJU1RNFGK48LGO9I2S</AccessKeyId>
      <SecretAccessKey>sYLRKS1Z7hSjluf6gEbb9066hnx315wHTiACPAjg</SecretAccessKey>
      <Expiration>2019-08-08T20:26:12Z</Expiration>

		}

		// Retrieve the STS account's credential object.
		u, ok := globalIAMSys.GetUser(ctx, value.AccessKeyID)
		if !ok {
			c.Fatalf("Expected to find user %s", value.AccessKeyID)
		}

		if u.Credentials.AccessKey != value.AccessKeyID {
			c.Fatalf("Expected access key %s, got %s", value.AccessKeyID, u.Credentials.AccessKey)
		}

		// Retrieve the credential's claims.

	}

	v, err := li.Get()
	if err != nil {
		log.Fatalf("Error retrieving STS credentials: %v", err)
	}

	if displayCreds {
		fmt.Println("Only displaying credentials:")
		fmt.Println("AccessKeyID:", v.AccessKeyID)
		fmt.Println("SecretAccessKey:", v.SecretAccessKey)
		fmt.Println("SessionToken:", v.SessionToken)
		return
	}

	// Use generated credentials to authenticate with MinIO server

var AWS = require('aws-sdk');

var s3  = new AWS.S3({
    accessKeyId: 'YOUR-ACCESSKEYID' ,
    secretAccessKey: 'YOUR-SECRETACCESSKEY' ,
    endpoint: 'http://127.0.0.1:9000' ,
    s3ForcePathStyle: true,
    signatureVersion: 'v4'
});

// List all contents stored in the zip archive
s3.listObjectsV2({Bucket : 'your-bucket', Prefix: 'path/to/file.zip/'}).
    on('build', function(req) { req.httpRequest.headers['X-Minio-Extract'] = 'true'; }).

            result = root.find('AssumeRoleWithClientGrantsResult')
            creds = result.find('Credentials')
            return dict(
                access_key=creds.get_child_text('AccessKeyId'),
                secret_key=creds.get_child_text('SecretAccessKey'),
                token=creds.get_child_text('SessionToken'),
                expiry_time=parse(creds.get_child_text('Expiration')).isoformat())

#!/usr/bin/env/python

import boto3
from botocore.client import Config

s3 = boto3.client('s3',
        endpoint_url='http://localhost:9000',
        aws_access_key_id='YOUR-ACCESSKEYID',
        aws_secret_access_key='YOUR-SECRETACCESSKEY',
        config=Config(signature_version='s3v4'),
        region_name='us-east-1')


def _add_header(request, **kwargs):
    request.headers.add_header('x-minio-extract', 'true')

	}

	v, err := li.Get()
	if err != nil {
		log.Fatalf("Error retrieving STS credentials: %v", err)
	}

	if displayCreds {
		fmt.Println("Only displaying credentials:")
		fmt.Println("AccessKeyID:", v.AccessKeyID)
		fmt.Println("SecretAccessKey:", v.SecretAccessKey)
		fmt.Println("SessionToken:", v.SessionToken)
		return
	}

	// API requests are secure (HTTPS) if secure=true and insecure (HTTP) otherwise.

```
{
 "buckets": [
  "dl.minio.equipment",
  "dl.minio.service-fulfillment",
  "testbucket"
 ],
 "credentials": {
  "AccessKeyID": "Q31CVS1PSCJ4OTK2YVEM",
  "SecretAccessKey": "rmDEOKARqKYmEyjWGhmhLpzcncyu7Jf8aZ9bjDic",