From 20968f54b2ee1d5528b5b8ebc13a0470159db121 Mon Sep 17 00:00:00 2001
From: Johannes Schneider <johannes.schneider@bosch-si.com>
Date: Tue, 5 Nov 2019 15:40:49 +0100
Subject: [PATCH] added javadoc to clarify that client secrets are not sent to
 a Ditto backend

Signed-off-by: Johannes Schneider <johannes.schneider@bosch-si.com>
---
 .../ClientCredentialsAuthenticationConfiguration.java           | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/java/src/main/java/org/eclipse/ditto/client/configuration/ClientCredentialsAuthenticationConfiguration.java b/java/src/main/java/org/eclipse/ditto/client/configuration/ClientCredentialsAuthenticationConfiguration.java
index f71fd827..d4c73ae1 100644
--- a/java/src/main/java/org/eclipse/ditto/client/configuration/ClientCredentialsAuthenticationConfiguration.java
+++ b/java/src/main/java/org/eclipse/ditto/client/configuration/ClientCredentialsAuthenticationConfiguration.java
@@ -181,6 +181,8 @@ public ClientCredentialsAuthenticationConfigurationBuilder clientId(final String
 
         /**
          * Sets the client secret to authenticate.
+         * <p/>
+         * The secret will <strong>never</strong> be sent to a Ditto backend but directly to the configured endpoint.
          *
          * @param clientSecret the client secret.
          * @return this builder.