minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-04-19 21:02:14 +03:00
Code
docs/source/developers/security-token-service.rst
Daryl White dbb34f4b3e
Adds STS info for Operator (#841) 
Creates a new page for STS tokens specifically for Operator.

Closes #792

Staged:
http://192.241.195.202:9000/staging/k8s-sts/developers/sts-for-operator.html
2023-05-04 14:51:44 -05:00

1.5 KiB
Raw Permalink Blame History

Security Token Service (STS)

minio

Table of Contents

The MinIO Security Token Service (STS) APIs allow applications to generate temporary credentials for accessing the MinIO deployment.

The STS API is required for MinIO deployments configured to use external identity managers, as the API allows conversion of the external IDP credentials into AWS Signature v4-compatible credentials.

STS API Endpoints

MinIO supports the following STS API endpoints:

Endpoint Supported IDP Description
AssumeRoleWithWebIdentity <minio-sts-assumerolewithwebidentity> OpenID Connect Generates an access key and secret key using the JWT token returned by the OIDC provider
AssumeRoleWithLDAPIdentity <minio-sts-assumerolewithldapidentity> Active Directory / LDAP Generates an access key and secret key using the AD/LDAP credentials specified to the API endpoint.
AssumeRoleWithCustomToken <minio-sts-assumerolewithcustomtoken> MinIO Identity Plugin Generates a token for use with an external identity provider and the MinIO Identity Plugin <minio-external-identity-management-plugin>.

/developers/security-token-service/*