Only set secret key or client ID when not using auth token (#6994)

jnsdls · jnsdls · commit e8b2580ee790 · 2025-05-09T21:49:54.000Z
This PR modifies the header setting logic in `getClientFetch` to ensure that secret keys and client IDs are only set when not using an auth token. This prevents potential conflicts between different authentication methods by making the header setting logic mutually exclusive.
diff --git a/packages/thirdweb/src/utils/fetch.ts b/packages/thirdweb/src/utils/fetch.ts
@@ -70,14 +70,15 @@ export function getClientFetch(client: ThirdwebClient, ecosystem?: Ecosystem) {
         if (client.teamId) {
           headers.set("x-team-id", client.teamId);
         }
-      }
-
-      if (secretKey) {
-        headers.set("x-secret-key", secretKey);
-      }
+      } else {
+        // onlu set secret key or client id if we are NOT using the auth token!
+        if (secretKey) {
+          headers.set("x-secret-key", secretKey);
+        }
 
-      if (clientId) {
-        headers.set("x-client-id", clientId);
+        if (clientId) {
+          headers.set("x-client-id", clientId);
+        }
       }
 
       if (ecosystem) {
