<div class="screenshot">
<img src="/img/tutorial/request-form-models/image01.png">
</div>

## Forbid Extra Form Fields { #forbid-extra-form-fields }

In some special use cases (probably not very common), you might want to **restrict** the form fields to only those declared in the Pydantic model. And **forbid** any **extra** fields.

/// note

This is supported since FastAPI version `0.114.0`. 🤓

///

<img src="/img/tutorial/query-param-models/image01.png">
</div>

## Forbid Extra Query Parameters { #forbid-extra-query-parameters }

In some special use cases (probably not very common), you might want to **restrict** the query parameters that you want to receive.

You can use Pydantic's model configuration to `forbid` any `extra` fields:

{* ../../docs_src/query_param_models/tutorial002_an_py310.py hl[10] *}

- BucketCORS (CORS enabled by default on all buckets for all HTTP verbs, you can optionally restrict the CORS domains)
- BucketWebsite (Use [`caddy`](https://github.com/caddyserver/caddy) or [`nginx`](https://www.nginx.com/resources/wiki/))

        /*
         * NOTE: Metadata at the g:a level contains a collection of available versions. After merging, we can't tell
         * which repository provides which version so the metadata manager must not restrict the artifact resolution to
         * the repository with the most recent updates.
         */
    }

```
~ mc admin config set myminio identity_openid config_url="http://localhost:8080/auth/realms/{your-realm-name}/.well-known/openid-configuration" client_id="account"
```

> NOTE: You can configure the `scopes` parameter to restrict the OpenID scopes requested by minio to the IdP, for example, `"openid,policy_role_attribute"`, being `policy_role_attribute` a client_scope / client_mapper that maps a role attribute called policy to a `policy` claim returned by Keycloak

<div class="screenshot">
<img src="/img/tutorial/header-param-models/image01.png">
</div>

## Forbid Extra Headers { #forbid-extra-headers }

In some special use cases (probably not very common), you might want to **restrict** the headers that you want to receive.

You can use Pydantic's model configuration to `forbid` any `extra` fields:

{* ../../docs_src/header_param_models/tutorial002_an_py310.py hl[10] *}

///

## Forbid Extra Cookies { #forbid-extra-cookies }

In some special use cases (probably not very common), you might want to **restrict** the cookies that you want to receive.

## In summary

We welcome AI-assisted contributions from people who understand what they're submitting and are ready to collaborate on it.

We reserve the right to close PRs and restrict future contributions from submitters who repeatedly violate this policy, submit low-effort AI-generated content, or fail to engage meaningfully in the review process. 

  annotations: {}

  ## service.loadBalancerSourceRanges Addresses that are allowed when service is LoadBalancer
  ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
  ##
  #loadBalancerSourceRanges:
  #   - 10.10.10.0/24
  loadBalancerSourceRanges: []

  ## service.externalTrafficPolicy minio service external traffic policy

            queryContext.addSorts(defaultSortBuilders);
        }
        return queryContext;
    }

    /**
     * Builds virtual host query filters to restrict search results to the current virtual host.
     * This method adds filters based on the virtual host key, except for admin searches.
     *
     * @param queryContext the query context to modify