From b87d3488d724fecdae4dfd4748b432d78e96786f Mon Sep 17 00:00:00 2001
From: hc-github-team-secure-vault-core
 <82990506+hc-github-team-secure-vault-core@users.noreply.github.com>
Date: Fri, 1 Dec 2023 10:11:04 -0500
Subject: [PATCH] backport of commit 4a7bee5a02db880d543692386ccd597f33e29624
 (#24331)

Co-authored-by: Mike Palmiotto <mike.palmiotto@hashicorp.com>
---
 changelog/24325.txt              | 4 ++++
 vault/identity_store_entities.go | 3 ++-
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 changelog/24325.txt

diff --git a/changelog/24325.txt b/changelog/24325.txt
new file mode 100644
index 0000000000..ab5ce613c4
--- /dev/null
+++ b/changelog/24325.txt
@@ -0,0 +1,4 @@
+```release-note:change
+identity (enterprise): POST requests to the `/identity/entity/merge` endpoint
+are now always forwarded from standbys to the active node.
+```
\ No newline at end of file
diff --git a/vault/identity_store_entities.go b/vault/identity_store_entities.go
index ccc786e7d7..629c94ed21 100644
--- a/vault/identity_store_entities.go
+++ b/vault/identity_store_entities.go
@@ -231,7 +231,8 @@ func entityPaths(i *IdentityStore) []*framework.Path {
 			},
 			Operations: map[logical.Operation]framework.OperationHandler{
 				logical.UpdateOperation: &framework.PathOperation{
-					Callback: i.pathEntityMergeID(),
+					Callback:                  i.pathEntityMergeID(),
+					ForwardPerformanceStandby: true,
 				},
 			},