You will also get autocompletion for the payload to send:

<img src="/img/tutorial/generate-clients/image03.png">

/// tip

Notice the autocompletion for `name` and `price`, that was defined in the FastAPI application, in the `Item` model.

///

You will have inline errors for the data that you send:

<img src="/img/tutorial/generate-clients/image04.png">

```
curl -X PUT --data-binary @example.rego \
  localhost:8181/v1/policies/putobject
```

### 4. Setup MinIO with OPA

Set the `MINIO_POLICY_PLUGIN_URL` as the endpoint that MinIO should send authorization requests to. Then start the server.

```sh
export MINIO_POLICY_PLUGIN_URL=http://localhost:8181/v1/data/httpapi/authz/allow
export MINIO_CI_CD=1
export MINIO_ROOT_USER=minio

			os.Exit(0)
		}

		os.Exit(1)
	}

	stopProcess := func() bool {
		shutdownHealMRFWithTimeout() // this can take time sometimes, it needs to be executed
		// before stopping s3 operations

		// send signal to various go-routines that they need to quit.
		cancelGlobalContext()

		if httpServer := newHTTPServerFn(); httpServer != nil {
			if err := httpServer.Shutdown(); err != nil && !errors.Is(err, http.ErrServerClosed) {

                state = 0;
                throw ioe;
            }
        }
    }

    /**
     * Sends a DCERPC message and receives the response
     * @param msg the message to send
     * @throws DcerpcException if the RPC operation fails
     * @throws IOException if an I/O error occurs
     */
    public void sendrecv(final DcerpcMessage msg) throws DcerpcException, IOException {

    void getSendBufferSize_throws() throws Exception {
        // Arrange
        when(handle.getSendBufferSize()).thenThrow(new CIFSException("send size failed"));

        // Act + Assert
        CIFSException ex = assertThrows(CIFSException.class, () -> handle.getSendBufferSize());
        assertEquals("send size failed", ex.getMessage());
        verify(handle).getSendBufferSize();
    }

    @Test

```

## Example

MinIO exposes a custom S3 STS API endpoint as `Action=AssumeRoleWithCertificate`. A client has to send an HTTP `POST` request to `https://<host>:<port>?Action=AssumeRoleWithCertificate&Version=2011-06-15`. Since the authentication and authorization happens via X.509 certificates the client has to send the request over **TLS** and has to provide
a client certificate.

Then, the browser will send an HTTP `OPTIONS` request to the `:80`-backend, and if the backend sends the appropriate headers authorizing the communication from this different origin (`http://localhost:8080`) then the `:8080`-browser will let the JavaScript in the frontend send its request to the `:80`-backend.

To achieve this, the `:80`-backend must have a list of "allowed origins".

We are going to use **FastAPI** security utilities to get the `username` and `password`.

OAuth2 specifies that when using the "password flow" (that we are using) the client/user must send a `username` and `password` fields as form data.

And the spec says that the fields have to be named like that. So `user-name` or `email` wouldn't work.

		return
	}

	if err = validateConfig(ctx, cfg, subSys); err != nil {
		var validationErr ldap.Validation
		if errors.As(err, &validationErr) {
			// If we got an LDAP validation error, we need to send appropriate
			// error message back to client (likely mc).
			writeCustomErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAdminConfigLDAPValidation),
				validationErr.FormatError(), r.URL)
			return
		}

public enum RdmaCapability {
    /**
     * Remote direct read operations
     */
    RDMA_READ,

    /**
     * Remote direct write operations
     */
    RDMA_WRITE,

    /**
     * Traditional send/receive with RDMA
     */
    RDMA_SEND_RECEIVE,

    /**
     * Dynamic memory registration
     */
    MEMORY_REGISTRATION,

    /**
     * Fast memory region registration
     */