diff --git a/src/main/java/com/bettercloud/vault/api/Logical.java b/src/main/java/com/bettercloud/vault/api/Logical.java
index b6a379ac..3f8d545e 100644
--- a/src/main/java/com/bettercloud/vault/api/Logical.java
+++ b/src/main/java/com/bettercloud/vault/api/Logical.java
@@ -91,8 +91,8 @@ private LogicalResponse read(final String path, Boolean shouldRetry, final logic
                         .sslContext(config.getSslConfig().getSslContext())
                         .get();
 
-                // Validate response
-                if (restResponse.getStatus() != 200) {
+                // Validate response - don't treat 4xx class errors as exceptions, we want to return an error as the response
+                if (restResponse.getStatus() != 200 && !(restResponse.getStatus() >= 400 && restResponse.getStatus() < 500)) {
                     throw new VaultException("Vault responded with HTTP status code: " + restResponse.getStatus()
                             + "\nResponse body: " + new String(restResponse.getBody(), StandardCharsets.UTF_8),
                             restResponse.getStatus());
@@ -160,8 +160,8 @@ public LogicalResponse read(final String path, Boolean shouldRetry, final Intege
                         .sslContext(config.getSslConfig().getSslContext())
                         .get();
 
-                // Validate response
-                if (restResponse.getStatus() != 200) {
+                // Validate response - don't treat 4xx class errors as exceptions, we want to return an error as the response
+                if (restResponse.getStatus() != 200 && !(restResponse.getStatus() >= 400 && restResponse.getStatus() < 500)) {
                     throw new VaultException("Vault responded with HTTP status code: " + restResponse.getStatus()
                             + "\nResponse body: " + new String(restResponse.getBody(), StandardCharsets.UTF_8),
                             restResponse.getStatus());
@@ -261,7 +261,7 @@ private LogicalResponse write(final String path, final Map<String, Object> nameV
 
                 // HTTP Status should be either 200 (with content - e.g. PKI write) or 204 (no content)
                 final int restStatus = restResponse.getStatus();
-                if (restStatus == 200 || restStatus == 204) {
+                if (restStatus == 200 || restStatus == 204 || (restResponse.getStatus() >= 400 && restResponse.getStatus() < 500)) {
                     return new LogicalResponse(restResponse, retryCount, operation);
                 } else {
                     throw new VaultException("Expecting HTTP status 204 or 200, but instead receiving " + restStatus
diff --git a/src/test/java/com/bettercloud/vault/VaultConfigTests.java b/src/test/java/com/bettercloud/vault/VaultConfigTests.java
index 90d437e9..230445e2 100644
--- a/src/test/java/com/bettercloud/vault/VaultConfigTests.java
+++ b/src/test/java/com/bettercloud/vault/VaultConfigTests.java
@@ -255,5 +255,4 @@ public void testConfigBuilder_WithNamespace() throws VaultException {
         VaultConfig vaultConfig = new VaultConfig().nameSpace("namespace").address("address").build();
         Assert.assertEquals(vaultConfig.getNameSpace(), "namespace");
     }
-
 }
diff --git a/src/test/java/com/bettercloud/vault/VaultTests.java b/src/test/java/com/bettercloud/vault/VaultTests.java
index 5d6eee2c..502fe86b 100644
--- a/src/test/java/com/bettercloud/vault/VaultTests.java
+++ b/src/test/java/com/bettercloud/vault/VaultTests.java
@@ -1,11 +1,17 @@
 package com.bettercloud.vault;
 
+import com.bettercloud.vault.response.LogicalResponse;
+import com.bettercloud.vault.vault.VaultTestUtils;
+import com.bettercloud.vault.vault.mock.MockVault;
+import org.eclipse.jetty.server.Server;
 import org.junit.Assert;
 import org.junit.Test;
 
 import java.util.HashMap;
 import java.util.Map;
 
+import static junit.framework.TestCase.assertEquals;
+
 
 /**
  * Unit tests for the various <code>Vault</code> constructors.
@@ -88,4 +94,22 @@ public void kvEngineMapIsHonored() throws VaultException {
         Assert.assertEquals(String.valueOf(1), vault.logical().getEngineVersionForSecretPath("kv-v1").toString());
         Assert.assertEquals(String.valueOf(2), vault.logical().getEngineVersionForSecretPath("notInMap").toString());
     }
+
+    @Test
+    public void testConfigBuiler_WithInvalidRequestAsNonError() throws Exception {
+        final MockVault mockVault = new MockVault(403, "{\"errors\":[\"preflight capability check returned 403, please ensure client's policies grant access to path \"path/that/does/not/exist/\"]}");
+        final Server server = VaultTestUtils.initHttpMockVault(mockVault);
+        server.start();
+
+        final VaultConfig vaultConfig = new VaultConfig()
+                .address("http://127.0.0.1:8999")
+                .token("mock_token")
+                .build();
+        final Vault vault = new Vault(vaultConfig);
+
+        LogicalResponse response = vault.logical().read("path/that/does/not/exist/");
+        VaultTestUtils.shutdownMockVault(server);
+        Assert.assertEquals(403, response.getRestResponse().getStatus());
+        Assert.assertEquals(0, response.getRetries());
+    }
 }
\ No newline at end of file