Currently Duplicacy supports authenticating with Amazon S3 using an access key and secret key, which serves most use cases. However, it would be great if it also supported AWS session tokens. These can be granted by the AWS Security Token Service (AWS STS) to provide temporary access to AWS resources.
Currently the session token is hardcoded to an empty string (as shown below). This request is to allow the user to be able to pass in the value of the token somehow, perhaps via an environment variable (akin to DUPLICACY_S3_ID and DUPLICACY_S3_SECRET).
When STS is used to generate the credentials then the user must supply all three parameters (accessKey, secretKey and token).
For more information on STS