post https://{applicationQualifiedDomain}.us.wristband.dev/api/v1/clients//verify-secret
Validates that the given secret is valid for the specified client.
Required Permissions
Below is the list of required permissions needed to interact with this API. For each permission the allowed permission boundaries are also specified.
Permission | Boundary | Description |
---|---|---|
client:verify-secret | Application | The subject can verify the secrets of all clients under the application that the subject belongs to. |
Tenant | The subject can verify the secrets of all clients associated to the tenant that the subject belongs to. | |
Tenant Inclusion List | The subject can verify the secrets of all clients associated to tenants specified in the tenant inclusion list. | |
Tenant Exclusion List | The subject can verify the secrets of all clients associated to tenants that belong to the subject's application but are not included in the tenant exclusion list. | |
Self | A client can verify its own secret. |