custom claim 권한체크 확인

devfront/tests/clients.spec.ts

@@ -50,6 +50,43 @@ test("clients page loads correctly", async ({ page }) => {
   ).toBeVisible();
 });
 
+test("clients page shows Tenant-limited only for tenant access restricted RP", async ({
+  page,
+}) => {
+  await seedAuth(page, "super_admin");
+  await installDevApiMock(page, {
+    clients: [
+      makeClient("client-limited", {
+        name: "Limited RP",
+        createdAt: "2026-05-02T00:00:00.000Z",
+        metadata: {
+          tenant_access_restricted: true,
+          allowed_tenants: ["tenant-1"],
+        },
+      }),
+      makeClient("client-open", {
+        name: "Open RP",
+        createdAt: "2026-05-01T00:00:00.000Z",
+        metadata: {
+          tenant_access_restricted: false,
+          allowed_tenants: [],
+        },
+      }),
+    ],
+    consents: [] as Consent[],
+    auditLogsByCursor: undefined,
+  });
+
+  await page.goto("/clients");
+
+  const limitedRow = page.locator("tbody tr", { hasText: "Limited RP" });
+  await expect(limitedRow).toContainText("Tenant-limited");
+
+  const openRow = page.locator("tbody tr", { hasText: "Open RP" });
+  await expect(openRow).not.toContainText("Tenant-limited");
+  await expect(page.getByText("Tenant-scoped")).toHaveCount(0);
+});
+
 test("overview page shows recent RP changes", async ({ page }) => {
   await seedAuth(page, "super_admin");
   await installDevApiMock(page, {