if err != nil {
		return err
	}
	if numDays <= 0 {
		return errLifecycleInvalidDays
	}
	*eDays = ExpirationDays(numDays)
	return nil
}

// MarshalXML encodes number of days to expire if it is non-zero and
// encodes empty string otherwise
func (eDays ExpirationDays) MarshalXML(e *xml.Encoder, startElement xml.StartElement) error {
	if eDays == 0 {
		return nil
	}

		ACB_WSTRUST                = 0x00000080, /* 1 = Workstation trust account */
		ACB_SVRTRUST               = 0x00000100, /* 1 = Server trust account */
		ACB_PWNOEXP                = 0x00000200, /* 1 = User password does not expire */
		ACB_AUTOLOCK               = 0x00000400, /* 1 = Account auto locked */
		ACB_ENC_TXT_PWD_ALLOWED    = 0x00000800, /* 1 = Encryped text password is allowed */

    /**
     * Request counters per IP address.
     * Entries automatically expire after the configured window period.
     */
    protected Cache<String, AtomicLong> requestCounters;

    /**
     * Blocked IPs with automatic expiration.
     * Entries automatically expire after the configured block duration.
     */
    protected Cache<String, Boolean> blockedIps;

    /**

		c.onEvict(e.Key, e.Value)
	}
}

// deleteExpired deletes expired records from the oldest bucket, waiting for the newest entry
// in it to expire first.
func (c *LRU[K, V]) deleteExpired() {
	c.mu.Lock()
	bucketIdx := c.nextCleanupBucket
	timeToExpire := time.Until(c.buckets[bucketIdx].newestEntry)
	// wait for newest entry to expire before cleanup without holding lock
	if timeToExpire > 0 {
		c.mu.Unlock()

	KeyRotate *BatchJobKeyRotateV1 `yaml:"keyrotate" json:"keyrotate"`
	Expire    *BatchJobExpire      `yaml:"expire" json:"expire"`
	ctx       context.Context      `msg:"-"`
}

// RedactSensitive will redact any sensitive information in b.
func (j *BatchJobRequest) RedactSensitive() {
	j.Replicate.RedactSensitive()
	j.Expire.RedactSensitive()
	j.KeyRotate.RedactSensitive()
}

}
```

These credentials can now be used to perform MinIO API operations, these credentials automatically expire in 1hr. To understand more about credential expiry duration and client grants STS API read further [here](https://github.com/minio/minio/blob/master/docs/sts/client-grants.md).

## Explore Further

- [MinIO STS Quickstart Guide](https://docs.min.io/community/minio-object-store/developers/security-token-service.html)

        this.leaseKey = leaseKey;
        this.reconnecting = false;
    }

    /**
     * Check if this handle has expired
     * @return true if expired
     */
    public boolean isExpired() {
        if (type == HandleType.PERSISTENT) {
            return false; // Persistent handles don't expire
        }
        long elapsed = System.currentTimeMillis() - lastAccessTime;
        return elapsed > timeout;
    }

     */
    @Size(max = 20)
    public String name;

    /**
     * The expiration time for the crawling session.
     * This field indicates when the crawling session should expire or be cleaned up.
     */
    public String expiredTime;

    /**
     * The timestamp when this crawling session was created.
     * Stored as a long value representing milliseconds since epoch.
     */

time="2020-07-12T20:45:50Z" level=info msg="config signing keys expire after: 3h0m0s"
time="2020-07-12T20:45:50Z" level=info msg="config id tokens valid for: 3h0m0s"
time="2020-07-12T20:45:50Z" level=info msg="listening (http) on 0.0.0.0:5556"
```

### Configure MinIO server with Dex

```
~ export MINIO_IDENTITY_OPENID_CLAIM_NAME=name

			Key:         apiStaleUploadsExpiry,
			Description: `set to expire stale multipart uploads older than this values` + defaultHelpPostfix(apiStaleUploadsExpiry),
			Optional:    true,
			Type:        "duration",
		},
		config.HelpKV{
			Key:         apiStaleUploadsCleanupInterval,
			Description: `set to change intervals when stale multipart uploads are expired` + defaultHelpPostfix(apiStaleUploadsCleanupInterval),
			Optional:    true,