--- layout: docs page_title: 'Commands: Intention Check' sidebar_title: check --- # Consul Intention Check Command: `consul intention check` The `intention check` command checks whether a connection attempt between two services would be authorized given the current set of intentions and Consul configuration. This command requires less ACL permissions than other intention-related tasks because no information about the intention is revealed. Therefore, callers only need to have `service:read` access for the destination. Richer commands like [match](/docs/commands/intention/match) require full intention read permissions and don't evaluate the result. ## Usage Usage: `consul intention check [options] SRC DST` #### API Options @include 'http_api_options_client.mdx' ## Examples ```text $ consul intention check web db Denied $ consul intention check web billing Allowed ```