diff --git a/vault/core.go b/vault/core.go
index d6072249ed58..8a29f1aae14d 100644
--- a/vault/core.go
+++ b/vault/core.go
@@ -1171,6 +1171,7 @@ func (c *Core) sealInitCommon(req *logical.Request) (retErr error) {
 		Policies:    te.Policies,
 		Metadata:    te.Meta,
 		DisplayName: te.DisplayName,
+		EntityID:    te.EntityID,
 	}
 
 	if err := c.auditBroker.LogRequest(auth, req, c.auditedHeaders, nil); err != nil {
@@ -1277,6 +1278,7 @@ func (c *Core) StepDown(req *logical.Request) (retErr error) {
 		Policies:    te.Policies,
 		Metadata:    te.Meta,
 		DisplayName: te.DisplayName,
+		EntityID:    te.EntityID,
 	}
 
 	if err := c.auditBroker.LogRequest(auth, req, c.auditedHeaders, nil); err != nil {
diff --git a/vault/request_handling.go b/vault/request_handling.go
index 0297242219f0..3c9d1a489292 100644
--- a/vault/request_handling.go
+++ b/vault/request_handling.go
@@ -461,6 +461,7 @@ func (c *Core) handleLoginRequest(req *logical.Request) (*logical.Response, *log
 			CreationTime: time.Now().Unix(),
 			TTL:          auth.TTL,
 			NumUses:      auth.NumUses,
+			EntityID:     auth.EntityID,
 		}
 
 		te.Policies = policyutil.SanitizePolicies(te.Policies, true)