
Does anyone know how to configure bootstrap.yml to tell Spring Cloud Vault to go to the correct path for KV v2 and not try other paths first?

I can successfully connect to my Vault, running KV v2, but Spring Cloud will always try to connect to paths in the vault that don't exist, throwing a 403 on startup.

    Status 403 Forbidden [secret/application]: permission denied; nested exception is org.springframework.web.client.HttpClientErrorException$Forbidden: 403 Forbidden

The above path, secret/application, doesn't exist because KV v2 puts data in the path. For example: secret/data/application.

This isn't a show-stopper because Spring Cloud Vault does check other paths, including the correct one that has the data item in the path, but the fact a meaningless 403 is thrown during startup is like a splinter in my mind.

Ultimately, it does try the correct KV v2 path:

    2019-03-18 12:22:46.611  INFO 77685 --- [  restartedMain] b.c.PropertySourceBootstrapConfiguration : Located property source: CompositePropertySource {name='vault', propertySources=[LeaseAwareVaultPropertySource {name='secret/data/my-app'}

My configuration

    spring.cloud.vault:
      kv:
        enabled: true
        backend: secret
        profile-separator: '/'
        default-context: my-app
        application-name: my-app
      host: localhost
      port: 8200
      scheme: http
      authentication: TOKEN
      token: my-crazy-long-token-string
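
One way to stop the extra lookup, as an added example that is not part of the original post: it assumes a Spring Cloud Vault release that still ships the legacy `generic` secret backend, which is enabled by default alongside `kv` and requests `<backend>/<context>` without the KV v2 `data/` segment. The remaining values are copied from the configuration above.

```yaml
# bootstrap.yml (added example, not the poster's file)
spring.cloud.vault:
  # Assumption: the request for secret/application in the 403 above comes from
  # the legacy generic backend, whose own default context is "application".
  generic:
    enabled: false          # no more lookups under secret/<context>
  kv:
    enabled: true           # KV v2 backend, reads secret/data/<context>
    backend: secret
    profile-separator: '/'
    default-context: my-app
    application-name: my-app
  host: localhost
  port: 8200
  scheme: http
  authentication: TOKEN
  token: my-crazy-long-token-string   # placeholder value from the post
```

With the generic backend off, the token's policy only needs read access under `secret/data/`, so a 403 at startup then points at a real policy or path problem rather than a probe of a path that was never meant to be readable.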

 
