## Sample `POST` Request

```
http://minio:9000/?Action=AssumeRole&DurationSeconds=3600&Version=2011-06-15&Policy={"Version":"2012-10-17","Statement":[{"Sid":"Stmt1","Effect":"Allow","Action":"s3:*","Resource":"arn:aws:s3:::*"}]}&AUTHPARAMS
```

## Sample Response

```
<?xml version="1.0" encoding="UTF-8"?>
<AssumeRoleResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">

	actionValue := m["action"].(string)

	// Allow user `minio` to perform any action.
	var res Result
	if accountValue == "minio" {
		res.Result = true
	} else {
		// All other users may not perform any `s3:Put*` operations.
		res.Result = true
		if strings.HasPrefix(actionValue, "s3:Put") {
			res.Result = false
		}
	}
	fmt.Printf("account: %v | action: %v | allowed: %v\n", accountValue, actionValue, res.Result)

    protected String groupPrefix = "{group}";

    /** Prefix used to identify user-based permissions */
    protected String userPrefix = "{user}";

    /** Prefix used to identify allow permissions */
    protected String allowPrefix = "(allow)";

    /** Prefix used to identify deny permissions */
    protected String denyPrefix = "(deny)";

    /** System helper for user/group/role search operations */
    @Resource

    }
    return Integer.MAX_VALUE
  }

  companion object {
    /**
     * How many redirects and auth challenges should we attempt? Chrome follows 21 redirects; Firefox,
     * curl, and wget follow 20; Safari follows 16; and HTTP/1.0 recommends 5.
     */
    private const val MAX_FOLLOW_UPS = 20
  }

    # o isEntityJavaDocDbCommentValid: (NotRequired - Default true)
    #  Does it allow DB comment to be on java-doc?
    #
    #; isEntityJavaDocDbCommentValid = true
    # - - - - - - - - - -/

    # /- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    # o isEntityDBMetaDbCommentValid: (NotRequired - Default false)
    #  Does it allow DB comment to be on DB meta of entity?
    #
    #; isEntityDBMetaDbCommentValid = false

			sshPrivateKey = tokens[1]
		case "pub-key-algos":
			allowPubKeys = filterAlgos(arg, strings.Split(tokens[1], ","), supportedPubKeyAuthAlgos)
		case "kex-algos":
			allowKexAlgos = filterAlgos(arg, strings.Split(tokens[1], ","), supportedKexAlgos)
		case "cipher-algos":
			allowCiphers = filterAlgos(arg, strings.Split(tokens[1], ","), supportedCiphers)
		case "mac-algos":

## Creating a hotfix branch

Customers in MinIO are allowed LTS on any release they choose to standardize. Production setups seldom change and require maintenance. Hotfix branches are such maintenance branches that allow customers to operate a production cluster without drastic changes to their deployment.

## Backporting a fix

### 2. Configure authentication type for Prometheus metrics

MinIO supports two authentication modes for Prometheus either `jwt` or `public`, by default MinIO runs in `jwt` mode. To allow public access without authentication for prometheus metrics set environment as follows.

```
export MINIO_PROMETHEUS_AUTH_TYPE="public"
minio server ~/test
```

### 3. Configuring Prometheus

#### 3.1 Authenticated Prometheus config

# Header Parameter Models { #header-parameter-models }

If you have a group of related **header parameters**, you can create a **Pydantic model** to declare them.

This would allow you to **re-use the model** in **multiple places** and also to declare validations and metadata for all the parameters at once. 😎

/// note

This is supported since FastAPI version `0.115.0`. 🤓

///

                maxAttemptsPerIp, maxGlobalAttemptsPerMinute);
    }

    /**
     * Check if authentication attempt is allowed
     *
     * @param username the username attempting authentication
     * @param sourceIp the source IP address
     * @return true if attempt is allowed, false if rate limited
     * @throws SmbException if account is locked out
     */