IAMAwsProvider throws 'JWTSupplier JWT Token supplier cannot be null" error #901

Open
SM-Software opened this issue Oct 28, 2023 · 0 comments


I am using the MinIO operator and have deployed the STS service with a MinIO tenant.
I am trying to get temporary credentials for the application using the .NET SDK (following the example here).

But I am getting the below error while running the image as a job:

Value cannot be null. (Parameter 'JWTSupplier JWT Token supplier cannot be null.')
at Minio.Credentials.WebIdentityClientGrantsProvider1.Validate() in /root/.q/sources/minio-dotnet/Minio/Credentials/WebIdentityClientGrantsProvider.cs:line 80
at Minio.Credentials.WebIdentityProvider.WithJWTSupplier(Func1f) in /root/.q/sources/minio-dotnet/Minio/Credentials/WebIdentityProvider.cs:line 64
at Minio.Credentials.IAMAWSProvider.GetAccessCredentials(String tokenFile) in /root/.q/sources/minio-dotnet/Minio/Credentials/IAMAWSProvider.cs:line 99
at Minio.Credentials.IAMAWSProvider.GetCredentialsAsync() in /root/.q/sources/minio-dotnet/Minio/Credentials/IAMAWSProvider.cs:line 155
at Minio.Credentials.IAMAWSProvider.WithMinioClient(MinioClient minio) in /root/.q/sources/minio-dotnet/Minio/Credentials/IAMAWSProvider.cs:line 232
at sts.Example.Main(String[] args) in /app/Program.cs:line 82

Version of MinIO .NET SDK: 6.0.0
.NET version: 7.0 (basically using the same project provided in the example)

Note: I am using the same setup with the Python image and it's working fine!

YAML file for reference:

apiVersion: v1
kind: Namespace
metadata:
  name: sts-client
---
apiVersion: v1
kind: ServiceAccount
metadata:
  namespace: sts-client
  name: stsclient-sa
---
apiVersion: v1
kind: Secret
metadata:
  name: sts-client-secret
  namespace: sts-client
  annotations:
    kubernetes.io/service-account.name: stsclient-sa
type: kubernetes.io/service-account-token
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: sts-policy
  namespace: sts-client
data:
  policy.json: |
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "s3:GetBucketLocation",
            "s3:ListAllMyBuckets"
          ],
          "Resource": "arn:aws:s3:::*"
        }
      ]
    }
---
apiVersion: batch/v1
kind: Job
metadata:
  name: sts-example-job
  namespace: sts-client
spec:
  backoffLimit: 10
  template:
    spec:
      restartPolicy: OnFailure
      serviceAccountName: stsclient-sa
      serviceAccount: stsclient-sa
      containers:
        - name: sts-client
          image: sts-net-image:v1.0
          imagePullPolicy: IfNotPresent
          env:
            - name: MINIO_ENDPOINT
              value: https://minio.tenant-kms-encrypted.svc.cluster.local:443
            - name: STS_ENDPOINT
              value: https://sts.minio-operator.svc.cluster.local:4223/sts
            - name: TENANT_NAMESPACE
              value: tenant-kms-encrypted
            - name: BUCKET
              value: test-bucket1
            - name: AWS_WEB_IDENTITY_TOKEN_FILE
              value: /var/run/secrets/kubernetes.io/serviceaccount/token
            - name: STS_POLICY
              value: /tmp/policy.json
            - name: STS_CA_PATH # When Certmanager is used will load the ca in this file
              value: /var/run/secrets/sts.min.io/ca.crt
            - name: KUBERNETES_CA_PATH
              value: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
            - name: AWS_REGION
              value: us-east-1
          volumeMounts:
            - name: sts-policy
              mountPath: /tmp/policy.json
              subPath: policy.json
            - name: tenant-certmanager-tls
              mountPath: /var/run/secrets/sts.min.io/
      volumes:
        - name: sts-policy
          configMap:
            name: sts-policy
            defaultMode: 0744
        - name: tenant-certmanager-tls
          projected:
            sources:
              - secret:
                  name: tenant-certmanager-tls
                  optional: true
                  items:
                    - key: ca.crt
                      path: ca.crt