We accidentally returned an empty response instead of a nil response on successfully writing a role, which suppressed the "Success!" message. This confused users.
Also, when returning a 401 for a login error, the errors are dropped. It is not possible to return a 401 and display the errors cleanly in Vault. So, we changed the response on login errors to 400 (a standard logical.ErrorResponse), which matches other plugins' behavior.
This is not 100% backwards compatible, but I think that the consistent behavior with other plugins and the error messages being reported is worth it.
swenson
commented
1 year ago
We accidentally returned an empty response instead of a nil response on successfully writing a role, which suppressed the "Success!" message. This confused users.
Also, when returning a 401 for a login error, the errors are dropped. It is not possible to return a 401 and display the errors cleanly in Vault. So, we changed the response on login errors to 400 (a standard
logical.ErrorResponse), which matches other plugins' behavior.This is not 100% backwards compatible, but I think that the consistent behavior with other plugins and the error messages being reported is worth it.