diff --git a/plugin-infra/go-plugin-access/src/main/java/com/thoughtworks/go/plugin/access/exceptions/SecretResolutionFailureException.java b/plugin-infra/go-plugin-access/src/main/java/com/thoughtworks/go/plugin/access/exceptions/SecretResolutionFailureException.java
index dcfb344a4f1..2e6ed8c7fb5 100644
--- a/plugin-infra/go-plugin-access/src/main/java/com/thoughtworks/go/plugin/access/exceptions/SecretResolutionFailureException.java
+++ b/plugin-infra/go-plugin-access/src/main/java/com/thoughtworks/go/plugin/access/exceptions/SecretResolutionFailureException.java
@@ -25,13 +25,12 @@ public SecretResolutionFailureException(String message) {
         super(message);
     }
 
-    public static SecretResolutionFailureException withMissingSecretParams(Set<String> secretsToResolve, Set<String> missingSecrets) {
-        return new SecretResolutionFailureException(format("Expected plugin to resolve secret(s) `%s` but plugin failed resolve secret param(s) `%s`. Please make sure that secret with same name exist in your secret management tool.", csv(secretsToResolve), csv(missingSecrets)));
+    public static SecretResolutionFailureException withMissingSecretParams(String secretConfigId, Set<String> secretsToResolve, Set<String> missingSecrets) {
+        return new SecretResolutionFailureException(format("Expected plugin to resolve secret param(s) `%s` using secret config `%s` but plugin failed to resolve secret param(s) `%s`. Please make sure that secret(s) with the same name exists in your secret management tool.", csv(secretsToResolve), secretConfigId, csv(missingSecrets)));
     }
 
-
-    public static SecretResolutionFailureException withUnwantedSecretParams(Set<String> secretsToResolve, Set<String> unwantedSecrets) {
-        return new SecretResolutionFailureException(format("Expected plugin to resolve secret(s) `%s` but plugin sent addition secret param(s) `%s`.", csv(secretsToResolve), csv(unwantedSecrets)));
+    public static SecretResolutionFailureException withUnwantedSecretParams(String secretConfigId, Set<String> secretsToResolve, Set<String> unwantedSecrets) {
+        return new SecretResolutionFailureException(format("Expected plugin to resolve secret param(s) `%s` using secret config `%s` but plugin sent additional secret param(s) `%s`.", csv(secretsToResolve), secretConfigId, csv(unwantedSecrets)));
     }
 
     private static String csv(Set<String> secretsToResolve) {
diff --git a/plugin-infra/go-plugin-access/src/main/java/com/thoughtworks/go/plugin/access/secrets/SecretsExtension.java b/plugin-infra/go-plugin-access/src/main/java/com/thoughtworks/go/plugin/access/secrets/SecretsExtension.java
index cc7e61c6ed4..03f6f5b6d97 100644
--- a/plugin-infra/go-plugin-access/src/main/java/com/thoughtworks/go/plugin/access/secrets/SecretsExtension.java
+++ b/plugin-infra/go-plugin-access/src/main/java/com/thoughtworks/go/plugin/access/secrets/SecretsExtension.java
@@ -81,7 +81,7 @@ public List<Secret> lookupSecrets(String pluginId, SecretConfig secretConfig, Se
 
         final Set<String> additionalSecretsInResponse = SetUtils.difference(resolvedSecrets, keys).toSet();
         if (!additionalSecretsInResponse.isEmpty()) {
-            throw SecretResolutionFailureException.withUnwantedSecretParams(keys, additionalSecretsInResponse);
+            throw SecretResolutionFailureException.withUnwantedSecretParams(secretConfig.getId(), keys, additionalSecretsInResponse);
         }
 
         if (resolvedSecrets.containsAll(keys)) {
@@ -89,7 +89,7 @@ public List<Secret> lookupSecrets(String pluginId, SecretConfig secretConfig, Se
         }
 
         final Set<String> missingSecrets = SetUtils.disjunction(resolvedSecrets, keys).toSet();
-        throw SecretResolutionFailureException.withMissingSecretParams(keys, missingSecrets);
+        throw SecretResolutionFailureException.withMissingSecretParams(secretConfig.getId(), keys, missingSecrets);
     }
 
     protected VersionedSecretsExtension getVersionedSecretsExtension(String pluginId) {
diff --git a/plugin-infra/go-plugin-access/src/test/java/com/thoughtworks/go/plugin/access/secrets/SecretsExtensionTest.java b/plugin-infra/go-plugin-access/src/test/java/com/thoughtworks/go/plugin/access/secrets/SecretsExtensionTest.java
index 8f835a7f76f..4e39bbb52b9 100644
--- a/plugin-infra/go-plugin-access/src/test/java/com/thoughtworks/go/plugin/access/secrets/SecretsExtensionTest.java
+++ b/plugin-infra/go-plugin-access/src/test/java/com/thoughtworks/go/plugin/access/secrets/SecretsExtensionTest.java
@@ -130,22 +130,23 @@ void validateSecretsConfig_shouldDelegateToVersionedExtension() {
     class lookupSecrets {
         @Test
         void shouldDelegateToVersionedExtension() {
+            final SecretConfig secretConfig = new SecretConfig("file", "cd.go.secret.file");
             SecretsExtensionV1 secretsExtensionV1 = mock(SecretsExtensionV1.class);
             Map<String, VersionedSecretsExtension> secretsExtensionMap = singletonMap("1.0", secretsExtensionV1);
             extension = new SecretsExtension(pluginManager, extensionsRegistry, secretsExtensionMap);
             Set<String> keys = new HashSet<>(asList("key1", "key2"));
 
             when(pluginManager.resolveExtensionVersion(PLUGIN_ID, SECRETS_EXTENSION, SUPPORTED_VERSIONS)).thenReturn(SecretsExtensionV1.VERSION);
-            when(secretsExtensionV1.lookupSecrets(PLUGIN_ID, new SecretConfig(), keys)).thenReturn(Arrays.asList(
+            when(secretsExtensionV1.lookupSecrets(PLUGIN_ID, secretConfig, keys)).thenReturn(Arrays.asList(
                     new Secret("key1", "value-1"),
                     new Secret("key2", "value-2")
             ));
 
-            final List<Secret> secrets = extension.lookupSecrets(PLUGIN_ID, new SecretConfig(), keys);
+            final List<Secret> secrets = extension.lookupSecrets(PLUGIN_ID, secretConfig, keys);
 
             assertThat(secrets).hasSize(2)
                     .contains(new Secret("key1", "value-1"), new Secret("key2", "value-2"));
-            verify(secretsExtensionV1).lookupSecrets(PLUGIN_ID, new SecretConfig(), keys);
+            verify(secretsExtensionV1).lookupSecrets(PLUGIN_ID, secretConfig, keys);
         }
 
         @Test
@@ -154,17 +155,18 @@ void shouldBombIfResolvedSecretContainsAdditionalSecrets() {
             Map<String, VersionedSecretsExtension> secretsExtensionMap = singletonMap("1.0", secretsExtensionV1);
             extension = new SecretsExtension(pluginManager, extensionsRegistry, secretsExtensionMap);
             final Set<String> secretsToLookup = new HashSet<>(asList("key1", "key2"));
+            final SecretConfig secretConfig = new SecretConfig("file", "cd.go.secret.file");
 
             when(pluginManager.resolveExtensionVersion(PLUGIN_ID, SECRETS_EXTENSION, SUPPORTED_VERSIONS)).thenReturn(SecretsExtensionV1.VERSION);
-            when(secretsExtensionV1.lookupSecrets(PLUGIN_ID, new SecretConfig(), secretsToLookup)).thenReturn(Arrays.asList(
+            when(secretsExtensionV1.lookupSecrets(PLUGIN_ID, secretConfig, secretsToLookup)).thenReturn(Arrays.asList(
                     new Secret("key1", "value-1"),
                     new Secret("key2", "value-2"),
                     new Secret("key3", "value-3")
             ));
 
-            assertThatCode(() -> extension.lookupSecrets(PLUGIN_ID, new SecretConfig(), secretsToLookup))
+            assertThatCode(() -> extension.lookupSecrets(PLUGIN_ID, secretConfig, secretsToLookup))
                     .isInstanceOf(SecretResolutionFailureException.class)
-                    .hasMessage("Expected plugin to resolve secret(s) `key1, key2` but plugin sent addition secret param(s) `key3`.");
+                    .hasMessage("Expected plugin to resolve secret param(s) `key1, key2` using secret config `file` but plugin sent additional secret param(s) `key3`.");
         }
 
         @Test
@@ -177,9 +179,9 @@ void shouldBombWhenPluginReturnsPartiallyResolvedSecretParams() {
             when(pluginManager.resolveExtensionVersion(PLUGIN_ID, SECRETS_EXTENSION, SUPPORTED_VERSIONS)).thenReturn(SecretsExtensionV1.VERSION);
             when(secretsExtensionV1.lookupSecrets(PLUGIN_ID, new SecretConfig(), secretsToLookup)).thenReturn(singletonList(new Secret("key1", "value-1")));
 
-            assertThatCode(() -> extension.lookupSecrets(PLUGIN_ID, new SecretConfig(), secretsToLookup))
+            assertThatCode(() -> extension.lookupSecrets(PLUGIN_ID, new SecretConfig("file", "cd.go.secret.file"), secretsToLookup))
                     .isInstanceOf(SecretResolutionFailureException.class)
-                    .hasMessage("Expected plugin to resolve secret(s) `key1, key2, key3` but plugin failed resolve secret param(s) `key2, key3`. Please make sure that secret with same name exist in your secret management tool.");
+                    .hasMessage("Expected plugin to resolve secret param(s) `key1, key2, key3` using secret config `file` but plugin failed to resolve secret param(s) `key1, key2, key3`. Please make sure that secret(s) with the same name exists in your secret management tool.");
         }
     }