diff --git a/CHANGELOG.md b/CHANGELOG.md index 287c1d796..a2fde1008 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,9 +15,9 @@ All notable changes to this project will be documented in this file. The format percentage as unit of measurement by default. - The API authorization mechanism has been reworked. The API now accepts a pair of `okr-client-id` and `okr-client-secret` headers to authorize clients. - Clients can be created using the admin interface. The existing - `okr-team-secret` header is considered deprecated and will continue to work - for existing clients until migrated. + The interface for managing client credentials can be found in the item + navigation bar. The existing `okr-team-secret` header is considered deprecated + and will continue to work for existing clients until migrated. ### Security diff --git a/functions/api/helpers.js b/functions/api/helpers.js index ff8d1087f..36465b6a6 100644 --- a/functions/api/helpers.js +++ b/functions/api/helpers.js @@ -245,7 +245,7 @@ export async function checkApiAuth(parentRef, req, res) { res.status(401).json({ message: `No API client \`${clientId}\` exists for '${parentName}'. Please ` + - 'create one using the OKR Tracker admin interface.', + 'create one in the OKR Tracker integrations admin.', }); return false; } @@ -264,7 +264,7 @@ export async function checkApiAuth(parentRef, req, res) { res.status(401).json({ message: `Invalid client secret provided for API client \`${clientId}\`. ` + - 'Check the OKR Tracker admin interface for how to rotate the secret.', + 'Check the OKR Tracker integrations admin for how to rotate the secret.', }); return false; } @@ -277,7 +277,7 @@ export async function checkApiAuth(parentRef, req, res) { res.status(401).json({ message: `'${parentData.name}' is not set up for API usage. Please set ` + - 'a secret using the OKR Tracker admin interface.', + 'a secret through the OKR Tracker integrations admin.', }); return false; }