diff --git a/example.tf b/example.tf
index a672e8e7..91cc0d92 100644
--- a/example.tf
+++ b/example.tf
@@ -26,7 +26,6 @@ provider "dsv" {
   client_id     = var.dsv_client_id
   client_secret = var.dsv_client_secret
   tenant        = var.dsv_tenant
-  auth_provider = var.dsv_auth_provider
 }
 
 data "dsv_secret" "username" {
diff --git a/provider.go b/provider.go
index e965749d..5869eb34 100644
--- a/provider.go
+++ b/provider.go
@@ -18,12 +18,11 @@ func providerConfig(d *schema.ResourceData) (interface{}, error) {
 		},
 	}
 
+	c.Provider = auth.CLIENT
 	if prvd, exists := d.GetOk("auth_provider"); exists {
 		switch strings.ToLower(prvd.(string)) {
 		case "aws":
 			c.Provider = auth.AWS
-		default:
-			c.Provider = auth.CLIENT
 		}
 	}
 	log.Printf("[DEBUG] auth provider is set to %+v", c.Provider)
@@ -61,19 +60,18 @@ func Provider() *schema.Provider {
 			},
 			"client_id": {
 				Type:        schema.TypeString,
-				Required:    true,
+				Optional:    true,
 				Description: "The DevOps Secrets Vault client_id",
 			},
 			"client_secret": {
 				Type:        schema.TypeString,
 				Sensitive:   true,
-				Required:    true,
+				Optional:    true,
 				Description: "The DevOps Secrets Vault client_secret",
 			},
 			"auth_provider": {
 				Type:        schema.TypeString,
-				Sensitive:   true,
-				Required:    false,
+				Optional:    true,
 				Description: "The DevOps Secrets Vault auth_provider",
 			},
 			"tld": {