Hello @Alf015,  I found two thing that may be causing this issue.  First, the "vault.namespace" should not have the "/" at the end:  https://docs.spring.io/spring-vault/docs/2.3.x/reference/html/#vault.core.environment-vault-configuration On the Paramenter Provider, "key value path" should be only "secret", all the rest is taken from the header.  https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-hashicorp-vault-nar/1.28.0/org.apache.nifi.vault.hashicorp.HashiCorpVaultParameterProvider/  Try those changes and let us know if this fails.  If it does, maybe the Debug level for those modules can provide more information:  <logger name="org.apache.nifi.vault" level="DEBUG"/> <logger name="org.apache.nifi.parameter" level="DEBUG"/> <logger name="org.springframework.vault" level="DEBUG"/> ... View more

Thanks for the reminder regarding the semantic of merge-param-context. I overlooked the contents of the help and my initial posting. Regards ... View more

Based on the initial input in the question, slightly adapted the following seems to work for me (1.27.0) docker run --rm --name nifi -p 8080:8080 \ -e NIFI_WEB_HTTP_PORT=8080 \ -e NIFI_WEB_HTTPS_PORT= \ -e NIFI_WEB_HTTPS_HOST= \ -e NIFI_SECURITY_KEYSTORE= \ -e NIFI_SECURITY_KEYSTOREPASSWD= \ -e NIFI_SECURITY_KEYPASSWD= \ -e NIFI_SECURITY_TRUSTSTORE= \ -e NIFI_SECURITY_TRUSTSTOREPASSWD= \ apache/nifi:1.27.0 --- --- from container nifi@xxxxxxxxxxxx:/opt/nifi/nifi-toolkit-current/bin$ ./cli.sh _ ___ _ Apache (_) .' ..](_) , _ .--. __ _| |_ __ )\ [ `.-. | [ |'-| |-'[ | / \ | | | | | | | | | | ' ' [___||__][___][___] [___]', ,' `' CLI v1.27.0 Type 'help' to see a list of available commands, use tab to auto-complete. Session loaded from /home/nifi/.nifi-cli.config #> nifi get-root-id xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ... View more