// hijacking the policies. We need to make sure that this is
	// based on admin credential such that token cannot be decoded
	// on the client side and is treated like an opaque value.
	claims, err := auth.ExtractClaims(token, secret)
	if err != nil {
		if subtle.ConstantTimeCompare([]byte(secret), []byte(globalActiveCred.SecretKey)) == 1 {
			return nil, errAuthentication
		}

//
// Conventions:
// * We use the prefix TF_ for everything in the API.
// * Objects are always passed around as pointers to opaque structs
//   and these structs are allocated/deallocated via the API.
// * TF_Status holds error information.  It is an object type
//   and therefore is passed around as a pointer to an opaque
//   struct as mentioned above.
// * Every call that has a TF_Status* argument clears it on success

	writeSuccessResponseXML(w, encodeResponse(response))
}

// AssumeRoleWithCustomToken implements user authentication with custom tokens.
// These tokens are opaque to MinIO and are verified by a configured (external)
// Identity Management Plugin.
//
// API endpoint: https://minio:9000?Action=AssumeRoleWithCustomToken&Token=xxx

Secret metadata: name: {{ template "minio.secretName" . }} namespace: {{ .Release.Namespace | quote }} labels: app: {{ template "minio.name" . }} chart: {{ template "minio.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} type: Opaque data: rootUser: {{ if .Values.rootUser }}{{ .Values.rootUser | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 20 | b64enc | quote }}{{ end }} rootPassword: {{ if .Values.rootPassword }}{{ .Values.rootPassword | toString | b64enc | quote }}{{...

		// Valid URL style endpoint is
		// - Scheme field must contain "http" or "https"
		// - All field should be empty except Host and Path.
		if !((u.Scheme == "http" || u.Scheme == "https") &&
			u.User == nil && u.Opaque == "" && !u.ForceQuery && u.RawQuery == "" && u.Fragment == "") {
			return ep, fmt.Errorf("invalid URL endpoint format")
		}

		var port string
		host, port, err = net.SplitHostPort(u.Host)
		if err != nil {

// off, and an execution operation for named operations. Often execution will
// simply wrap op execution on one or more physical devices.
//
// device_info is an opaque caller-defined type stored with the custom device
// which is passed to the functions referenced in the TFE_CustomDevice struct
// `device` (execute, delete_device, etc.). It can for example contain the

.Values.existingSecret }} apiVersion: v1 kind: Secret metadata: name: {{ template "minio.secretName" . }} labels: app: {{ template "minio.name" . }} chart: {{ template "minio.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} type: Opaque data: rootUser: {{ if .Values.rootUser }}{{ .Values.rootUser | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 20 | b64enc | quote }}{{ end }} rootPassword: {{ if .Values.rootPassword }}{{ .Values.rootPassword | toString | b64enc | quote }}{{...

```
KEY:
notify_webhook[:name]  publish bucket notifications to webhook endpoints

ARGS:
endpoint*    (url)       webhook server endpoint e.g. http://localhost:8080/minio/events
auth_token   (string)    opaque string or JWT authorization token
queue_dir    (path)      staging dir for undelivered messages e.g. '/home/events'
queue_limit  (number)    maximum limit for undelivered messages, defaults to '100000'

.Values.existingSecret }} apiVersion: v1 kind: Secret metadata: name: {{ template "minio.secretName" . }} labels: app: {{ template "minio.name" . }} chart: {{ template "minio.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} type: Opaque data: rootUser: {{ if .Values.rootUser }}{{ .Values.rootUser | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 20 | b64enc | quote }}{{ end }} rootPassword: {{ if .Values.rootPassword }}{{ .Values.rootPassword | toString | b64enc | quote }}{{...

.Values.existingSecret }} apiVersion: v1 kind: Secret metadata: name: {{ template "minio.secretName" . }} labels: app: {{ template "minio.name" . }} chart: {{ template "minio.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} type: Opaque data: rootUser: {{ if .Values.rootUser }}{{ .Values.rootUser | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 20 | b64enc | quote }}{{ end }} rootPassword: {{ if .Values.rootPassword }}{{ .Values.rootPassword | toString | b64enc | quote }}{{...