Fix LDAP responseXML to be named appropriately (#8285)

This PR additionally also adds support for missing - Session policy support for AD/LDAP - Add API request/response parameters detail - Update example to take ldap username, password input from the command line - Fixes session policy handling for ClientGrants and WebIdentity
2025-12-08 16:53:11 -05:00 · 2019-09-23 15:21:16 -07:00
parent 975134e42b
commit 77dc2031a2
8 changed files with 190 additions and 58 deletions
--- a/docs/sts/web-identity.md
+++ b/docs/sts/web-identity.md
@@ -3,7 +3,24 @@ Calling AssumeRoleWithWebIdentity does not require the use of MinIO default cred

 By default, the temporary security credentials created by AssumeRoleWithWebIdentity last for one hour. However, use the optional DurationSeconds parameter to specify the duration of the credentials. This value varies from 900 seconds (15 minutes) up to the maximum session duration to 12 hours.

-### Request Parameters
+### API Request Parameters
+#### WebIdentityToken
+The OAuth 2.0 access token that is provided by the web identity provider. Application must get this token by authenticating the user who is using your application with a web identity provider before the application makes an AssumeRoleWithWebIdentity call.
+
+| Params               | Value                                          |
+| :--                  | :--                                            |
+| *Type*               | *String*                                       |
+| *Length Constraints* | *Minimum length of 4. Maximum length of 2048.* |
+| *Required*           | *Yes*                                          |
+
+#### Version
+Indicates STS API version information, the only supported value is '2011-06-15'. This value is borrowed from AWS STS API documentation for compatibility reasons.
+
+| Params     | Value    |
+| :--        | :--      |
+| *Type*     | *String* |
+| *Required* | *Yes*    |
+
 #### DurationSeconds
 The duration, in seconds. The value can range from 900 seconds (15 minutes) up to 12 hours. If value is higher than this setting, then operation fails. By default, the value is set to 3600 seconds.

@@ -22,23 +39,6 @@ An IAM policy in JSON format that you want to use as an inline session policy. T
 | *Valid Range* | *Minimum length of 1. Maximum length of 2048.* |
 | *Required*    | *No*                                           |

-#### WebIdentityToken
-The OAuth 2.0 access token that is provided by the web identity provider. Application must get this token by authenticating the user who is using your application with a web identity provider before the application makes an AssumeRoleWithWebIdentity call.
-
-| Params               | Value                                          |
-| :--                  | :--                                            |
-| *Type*               | *String*                                       |
-| *Length Constraints* | *Minimum length of 4. Maximum length of 2048.* |
-| *Required*           | *Yes*                                          |
-
-#### Version
-Indicates STS API version information, the only supported value is '2011-06-15'. This value is borrowed from AWS STS API documentation for compatibility reasons.
-
-| Params     | Value    |
-| :--        | :--      |
-| *Type*     | *String* |
-| *Required* | *Yes*    |
-
 #### Response Elements
 XML response for this API is similar to [AWS STS AssumeRoleWithWebIdentity](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html#API_AssumeRoleWithWebIdentity_ResponseElements)