diff --git a/changelog/18859.txt b/changelog/18859.txt
new file mode 100644
index 000000000..0ee2c361e
--- /dev/null
+++ b/changelog/18859.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+core/auth: Return a 403 instead of a 500 for wrapping requests when token is not provided
+```
diff --git a/http/sys_wrapping_test.go b/http/sys_wrapping_test.go
index 17520e78c..4a26c44fb 100644
--- a/http/sys_wrapping_test.go
+++ b/http/sys_wrapping_test.go
@@ -2,6 +2,7 @@ package http
 
 import (
 	"encoding/json"
+	"errors"
 	"reflect"
 	"testing"
 	"time"
@@ -366,4 +367,20 @@ func TestHTTP_Wrapping(t *testing.T) {
 	}) {
 		t.Fatalf("secret data did not match expected: %#v", secret.Data)
 	}
+
+	// Ensure that wrapping lookup without a client token responds correctly
+	client.ClearToken()
+	secret, err = client.Logical().Read("sys/wrapping/lookup")
+	if secret != nil {
+		t.Fatalf("expected no response: %#v", secret)
+	}
+
+	if err == nil {
+		t.Fatal("expected error")
+	}
+
+	var respError *api.ResponseError
+	if errors.As(err, &respError); respError.StatusCode != 403 {
+		t.Fatalf("expected 403 response, actual: %d", respError.StatusCode)
+	}
 }
diff --git a/vault/request_handling.go b/vault/request_handling.go
index 28131779b..c31d543eb 100644
--- a/vault/request_handling.go
+++ b/vault/request_handling.go
@@ -561,7 +561,7 @@ func (c *Core) handleCancelableRequest(ctx context.Context, req *logical.Request
 	// be revoked after the call. So we have to do the validation here.
 	valid, err := c.validateWrappingToken(ctx, req)
 	if err != nil {
-		return nil, fmt.Errorf("error validating wrapping token: %w", err)
+		return logical.ErrorResponse(fmt.Sprintf("error validating wrapping token: %s", err.Error())), logical.ErrPermissionDenied
 	}
 	if !valid {
 		return nil, consts.ErrInvalidWrappingToken
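Review bot: The boolean result of errors.As on the new `if errors.As(err, &respError); respError.StatusCode != 403` line is discarded, so if the client ever returns an error that is not an *api.ResponseError the test dereferences a nil pointer and panics instead of reporting a clear failure. Check the result first, `if !errors.As(err, &respError) { t.Fatalf("expected *api.ResponseError, got %T: %v", err, err) }`, and compare `respError.StatusCode` in a separate condition. The new assertion also covers only sys/wrapping/lookup, while the changelog entry speaks of wrapping requests in general; if the fix is meant to apply to the other wrapping endpoints as well, one read per endpoint would pin that. TestHTTP_Wrapping begins outside the hunk.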
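Review bot: Every error from c.validateWrappingToken is now turned into a 403 on the new return line, and its text is put in the response body through `fmt.Sprintf("error validating wrapping token: %s", err.Error())`, so a genuine server-side failure during validation (the helper's body is outside the hunk, so what it can return is not visible here) would be reported to an unauthenticated caller as permission denied with an internal error message attached, rather than as the 500 the old `%w` path produced. Consider mapping only the missing-token case the changelog describes to `logical.ErrPermissionDenied`, with a fixed client-facing message such as `logical.ErrorResponse("permission denied")`, and keeping `return nil, fmt.Errorf("error validating wrapping token: %w", err)` for everything else so the detail stays in the server log. Dropping `%w` also means callers can no longer match on whatever err wrapped; if that is intended, a one-line comment above the return saying so would help the next reader. handleCancelableRequest starts and ends outside the hunk.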