HashiCorp Vault plugin fails to loginByAppRole with HTTP status code 400

Article ID:4404261195803
1 minute readKnowledge base

Issue

After upgrading the HashiCorp Vault plugin to a version between 2.3.0 and 3.6.0, trying to use vault credentials will fail with the error:

com.bettercloud.vault.VaultException: Vault responded with HTTP status code: 400
Response body: {"errors":["missing client token"]}

	at com.bettercloud.vault.api.Auth.loginByAppRole(Auth.java:524)
	at com.datapipe.jenkins.vault.credentials.VaultAppRoleCredential.getToken(VaultAppRoleCredential.java:54)
Caused: com.datapipe.jenkins.vault.exception.VaultPluginException: could not log in into vault
...

Resolution

Upgrade the HashiCorp Vault plugin to version 3.6.1 or newer.

The fix to the issue was https://github.com/jenkinsci/hashicorp-vault-plugin/pull/123 which is included in the 3.6.1 release.

Tested product/plugin versions

CloudBees Jenkins Platform 2.263.4.2