```
{
  buckets: [ ],
  credentials: {
    AccessKeyID: "EJOLVY3K3G4BF37YD1A0",
    SecretAccessKey: "1b+w8LlDqMQOquKxIlZ2ggP+bgE51iwNG7SUVPJJ",

##### Credentials
{
 "accessKey": "IRBLVDGN5QGMDCMO1X8V",
 "secretKey": "KzS3UZKE7xqNdtRbKyfcWgxBS6P1G4kwZn4DXKuY",
 "expiration": "2018-08-21T15:49:38-07:00",

    }

    @Test
    public void test_inheritanceFromFessSystemException() {
        // Test that InvalidAccessTokenException is properly inherited from FessSystemException
        String type = "SessionToken";
        String message = "Session expired";
        InvalidAccessTokenException exception = new InvalidAccessTokenException(type, message);

        assertTrue(exception instanceof FessSystemException);

```
{
  "buckets": [
    "bucket-x"
  ],
  "credentials": {
    "AccessKeyID": "6N2BALX7ELO827DXS3GK",
    "SecretAccessKey": "23JKqAD+um8ObHqzfIh+bfqwG9V8qs9tFY6MqeFR+xxx",

	s.RestartTestServer(c)

	s.iamSetup(c)
}

func (s *TestSuiteIAM) getAdminClient(c *check, accessKey, secretKey, sessionToken string) *madmin.AdminClient {
	madmClnt, err := madmin.NewWithOptions(s.endpoint, &madmin.Options{
		Creds:  credentials.NewStaticV4(accessKey, secretKey, sessionToken),
		Secure: s.secure,
	})
	if err != nil {
		c.Fatalf("error creating user admin client: %s", err)
	}

```
{
  "buckets": [
    "bucket-x"
  ],
  "credentials": {
    "AccessKeyID": "6N2BALX7ELO827DXS3GK",
    "SecretAccessKey": "23JKqAD+um8ObHqzfIh+bfqwG9V8qs9tFY6MqeFR+xxx",

func (f *sftpDriver) getMinIOClient() (*minio.Client, error) {
	mcreds := credentials.NewStaticV4(
		f.permissions.CriticalOptions["AccessKey"],
		f.permissions.CriticalOptions["SecretKey"],
		f.permissions.CriticalOptions["SessionToken"],
	)
	// Set X-Forwarded-For on all requests.
	tr := http.RoundTripper(globalRemoteFTPClientTransport)
	if f.remoteIP != "" {
		tr = forwardForTransport{tr: tr, fwd: f.remoteIP}
	}

			}
		case "SecretKey":
			z.SecretKey, err = dc.ReadString()
			if err != nil {
				err = msgp.WrapError(err, "SecretKey")
				return
			}
		case "SessionToken":
			z.SessionToken, err = dc.ReadString()
			if err != nil {
				err = msgp.WrapError(err, "SessionToken")
				return
			}
		default:
			err = dc.Skip()
			if err != nil {
				err = msgp.WrapError(err)
				return
			}
		}
	}
	return
}

		// non-empty session tokens.
		if (!cred.IsServiceAccount() && !cred.IsTemp()) ||
			cred.SessionToken == "" {
			continue
		}

		var (
			err    error
			claims *jwt.MapClaims
		)

		if cred.IsServiceAccount() {
			claims, err = getClaimsFromTokenWithSecret(cred.SessionToken, cred.SecretKey)
		} else if cred.IsTemp() {
			var secretKey string

	}

	// Check that the LDAP sts cred is actually working.
	minioClient, err := minio.New(s.endpoint, &minio.Options{
		Creds:     cr.NewStaticV4(value.AccessKeyID, value.SecretAccessKey, value.SessionToken),
		Secure:    s.secure,
		Transport: s.TestSuiteCommon.client.Transport,
	})
	if err != nil {
		c.Fatalf("Error initializing client: %v", err)
	}