---
layout: docs
page_title: 'Commands: Intention Check'
sidebar_title: 'check'
sidebar_current: docs-commands-intention-check
---

# Consul Intention Check

Command: `consul intention check`

The `intention check` command checks whether a connection attempt between
two services would be authorized given the current set of intentions and
Consul configuration.

This command requires less ACL permissions than other intention-related
tasks because no information about the intention is revealed. Therefore,
callers only need to have `service:read` access for the destination. Richer
commands like [match](/docs/commands/intention/match.html) require full
intention read permissions and don't evaluate the result.

## Usage

Usage: `consul intention check [options] SRC DST`

#### API Options

@include 'http_api_options_client.mdx'

## Examples

```text
$ consul intention check web db
Denied

$ consul intention check web billing
Allowed
```