fix: reject client_secret without client_id to prevent wrong-tenant data (#135)

* fix: reject client_secret without client_id to prevent wrong-tenant data

If client_secret (license key) is set without client_id, the SDK
would silently use 'community' as the tenant identity. All data
would be stored under the wrong tenant, causing data loss on
upgrade when client_id is eventually set correctly.

* fix: wrap long line to pass ruff linter (100 char limit)

* fix: assign error message to variable per ruff EM101 rule

Author: saurabhjain1592

axonflow/client.py

@@ -390,6 +390,14 @@ def __init__(
         }
         # Always send Basic auth — server derives tenant from clientId.
         # Uses effective client_id ("community" default when not configured).
+        # Reject client_secret without client_id — licensed mode must specify tenant.
+        if client_secret and not client_id:
+            msg = (
+                "client_id is required when client_secret is set. "
+                "Set client_id to your tenant identity to avoid "
+                "data being stored under the wrong tenant."
+            )
+            raise ValueError(msg)
         effective_client_id = client_id or "community"
         credentials = f"{effective_client_id}:{client_secret or ''}"
         encoded = base64.b64encode(credentials.encode()).decode()