Using the above `id_token` we can perform an STS request to MinIO to get temporary credentials for MinIO API operations. MinIO STS API uses [JSON Web Key Set Endpoint](https://docs.wso2.com/display/IS541/JSON+Web+Key+Set+Endpoint) to validate if JWT is valid and is properly signed.

## Results { #results }

With just that Python type declaration, **FastAPI** will:

* Read the body of the request as JSON.
* Convert the corresponding types (if needed).
* Validate the data.
    * If the data is invalid, it will return a nice and clear error, indicating exactly where and what was the incorrect data.
* Give you the received data in the parameter `item`.

			// mime package in MinIO, which correctly encodes strings with fixed B/Q encodings,
			// avoiding S3’s heuristic-driven issues.
			//
			// For MinIO developers, decode S3 metadata with mime.WordDecoder, validate outputs,
			// report encoding bugs to AWS, and use ASCII-only metadata to ensure reliable S3 API
			// compatibility.
			if needsMimeEncoding(v) {

     * Updates the LDAP configuration.
     */
    public void updateConfig() {
        isBind = false;
    }

    /**
     * Validates the LDAP connection.
     *
     * @return True if the LDAP connection is valid, otherwise false.
     */
    protected boolean validate() {
        if (!isBind) {
            if (fessConfig.getLdapAdminSecurityPrincipal() == null || fessConfig.getLdapAdminSecurityCredentials() == null) {

		return s.Delete(ctx, volume, path, DeleteOptions{
			Recursive: false,
			Immediate: false,
		})
	}

	volumeDir, err := s.getVolDir(volume)
	if err != nil {
		return err
	}

	// Validate file path length, before reading.
	filePath := pathJoin(volumeDir, path)
	if err = checkPathLength(filePath); err != nil {
		return err
	}

	var legacyJSON bool

	for i := range parts {
		if errs[i] == nil {
			if parts[i].Name == objectName {
				t.Errorf("path traversal allowed to allow writing to minioMetaBucket: %s", instanceType)
			}
		}
	}
}

// Tests validate bucket name.
func TestIsValidBucketName(t *testing.T) {
	testCases := []struct {
		bucketName string
		shouldPass bool
	}{
		// cases which should pass the test.
		// passing in valid bucket names.

/// info

To use `EmailStr`, first install <a href="https://github.com/JoshData/python-email-validator" class="external-link" target="_blank">`email-validator`</a>.

Make sure you create a [virtual environment](../virtual-environments.md){.internal-link target=_blank}, activate it, and then install it, for example:

```console
$ pip install email-validator
```

or with:

```console
$ pip install "pydantic[email]"
```

///

	// Setup and capture test results for directory with files and symlink.
	testResults = append(testResults, setupTestReadDirSymlink(t)...)

	// Remove all dirs once tests are over.
	defer teardown(testResults)

	// Validate all the results.
	for _, r := range testResults {
		if entries, err := readDir(r.dir); err != nil {
			t.Fatal("failed to run test.", err)
		} else {
			// Keep entries sorted for easier comparison.

    @Test
    @DisplayName("Parse accepts non-zero outer tag numbers (current implementation behavior)")
    void testParseAcceptsNonZeroOuterTag() throws Exception {
        // Note: The current implementation does not validate the outer APPLICATION tag number
        // This test documents the actual behavior - any tag number is accepted
        byte[] token =

	if err = json.Unmarshal(reqBytes, &updateReq); err != nil {
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErrWithErr(ErrAdminConfigBadJSON, err), r.URL)
		return
	}

	if err := updateReq.Validate(); err != nil {
		// Since this validation would happen client side as well, we only send
		// a generic error message here.
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAdminResourceInvalidArgument), r.URL)