From 3abfcc178bd1a912559cf5dfe196abf121581abc Mon Sep 17 00:00:00 2001 From: Saurabh Jain Date: Sun, 5 Apr 2026 01:49:42 +0200 Subject: [PATCH] fix: reject clientSecret without clientId to prevent wrong-tenant data If clientSecret (license key) is set without clientId, the SDK would silently use 'community' as the tenant identity. All data would be stored under the wrong tenant, causing data loss on upgrade when clientId is eventually set correctly. --- src/main/java/com/getaxonflow/sdk/AxonFlow.java | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/main/java/com/getaxonflow/sdk/AxonFlow.java b/src/main/java/com/getaxonflow/sdk/AxonFlow.java index 34a3ea9..0ffa305 100644 --- a/src/main/java/com/getaxonflow/sdk/AxonFlow.java +++ b/src/main/java/com/getaxonflow/sdk/AxonFlow.java @@ -133,6 +133,17 @@ public final class AxonFlow implements Closeable { private AxonFlow(AxonFlowConfig config) { this.config = Objects.requireNonNull(config, "config cannot be null"); + + // Reject clientSecret without clientId — licensed mode must specify tenant + if (config.getClientSecret() != null + && !config.getClientSecret().isEmpty() + && (config.getClientId() == null || config.getClientId().isEmpty())) { + throw new ConfigurationException( + "clientId is required when clientSecret is set. " + + "Set clientId to your tenant identity to avoid data being stored under the wrong tenant.", + "clientId"); + } + this.httpClient = HttpClientFactory.create(config); this.objectMapper = createObjectMapper(); this.retryExecutor = new RetryExecutor(config.getRetryConfig());