Identify secret-id-accessor from secret-id

One of our users has accidentally logged their secret-id
So now I want to destroy it. But the secret-id is useless to me in the api/cli - only the secret-id-accessor is useful. A list of secret-ids will give me a list of accessors. The role-id in question has 5 secrets associated with it. I would prefer to only have to destroy the leaked one. But how can I work out which one it is? Clearly api/cli won’t give me any secret-id so I’ll never find it that way.
Any ideas? Is there a way to login using a secret and then query which secret-id-accessor you’re actually using? Any way, given a role-id/secret-id combo to get the secret-id-accessor so I can actually do something to the secret?
Meanwhile, I have a leaked secret I can’t destroy.

Ooh, perhaps I was wrong. If I do a lookup in the cli using the secret-id, it returns the accessor. I may be ok.