diff --git a/command/seal_migration_test.go b/command/seal_migration_test.go
index 67c3d46e463a2..a744fa45d67c8 100644
--- a/command/seal_migration_test.go
+++ b/command/seal_migration_test.go
@@ -1,3 +1,5 @@
+// +build !enterprise
+
 package command
 
 import (
diff --git a/vault/core.go b/vault/core.go
index 90cc8d5679149..f2e0a029f2a0f 100644
--- a/vault/core.go
+++ b/vault/core.go
@@ -1146,8 +1146,6 @@ func (c *Core) sealInitCommon(ctx context.Context, req *logical.Request) (retErr
 		return retErr
 	}
 
-	req.SetTokenEntry(te)
-
 	// Audit-log the request before going any further
 	auth := &logical.Auth{
 		ClientToken: req.ClientToken,
diff --git a/vault/request_handling.go b/vault/request_handling.go
index eb43266607833..ab19a0c1245df 100644
--- a/vault/request_handling.go
+++ b/vault/request_handling.go
@@ -136,6 +136,8 @@ func (c *Core) fetchACLTokenEntryAndEntity(ctx context.Context, req *logical.Req
 			c.logger.Error("failed to lookup token", "error", err)
 			return nil, nil, nil, nil, ErrInternalError
 		}
+		// Set the token entry here since it has not been cached yet
+		req.SetTokenEntry(te)
 	default:
 		te = req.TokenEntry()
 	}