Vault gitlab jwt invalid issuer

Hi all,

vault auth enable jwt


path “secret/data/db” {
capabilities = [“read”]

Role gitlab-runner

“role_type”: “jwt”,
“policies”: [“dbserver”],
“token_explicit_max_ttl”: 60,
“user_claim”: “user_email”,
“bound_claims”: {
“project_id”: “2”

vault write auth/jwt/config


export VAULT_TOKEN=“$(vault write -field=token auth/jwt/login role=gitlab-runner jwt=$CI_JOB_JWT)”

It keeps failing, Error making API request, Code: 400. Errors invalid issuer.

If you’re using GitLab 15 or later you’ll need to use $CI_JOB_JWT_V1 instead of $CI_JOB_JWT.

Also, you’ll need to change the jwks_url and bound_issuer to reflect the URLs of the GitLab instance you’re using, assuming you’re not obfuscating your real URLs in this post.

Thanks working now, had to use https instead of http, those urls are fictitious, still using $CI_JOB_JWT, version