diff --git a/awx/main/credential_plugins/hashivault.py b/awx/main/credential_plugins/hashivault.py
index 0736ccc4f1..c428ee61a0 100644
--- a/awx/main/credential_plugins/hashivault.py
+++ b/awx/main/credential_plugins/hashivault.py
@@ -111,10 +111,9 @@ def handle_auth(**kwargs):
 
     if kwargs.get('token'):
         token = kwargs['token']
-    else:
-      if kwargs.get('role_id') and kwargs.get('secret_id'):
+    elif kwargs.get('role_id') and kwargs.get('secret_id'):
         token = approle_auth(**kwargs)
-      else:
+    else:
         raise Exception('Either Vault token or Auth parameters must be set')
 
     return token