diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6993fd6553..e8db19fd73 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ FEATURES:
 
 BUGS:
 
+* Fix panic when `auth_login.parameters` is explicitly set to `null` [#XXXX](https://github.com/hashicorp/terraform-provider-vault/pull/XXXX)
 * Fix credential validation failures in `vault_azure_access_credentials` data source caused by Azure RBAC propagation delays using `azure_groups` [#2437](https://github.com/hashicorp/terraform-provider-vault/pull/2437)
 
 ## 4.7.0 (Mar 12, 2025)
diff --git a/internal/provider/auth.go b/internal/provider/auth.go
index 31e5214ce6..94e2c3cc70 100644
--- a/internal/provider/auth.go
+++ b/internal/provider/auth.go
@@ -249,7 +249,11 @@ func (l *AuthLoginCommon) init(d *schema.ResourceData) (string, map[string]inter
 
 	var params map[string]interface{}
 	if v, ok := l.getOk(d, consts.FieldParameters); ok {
-		params = v.(map[string]interface{})
+		rawParams := v.(map[string]interface{})
+		if rawParams == nil {
+			rawParams = make(map[string]interface{})
+		}
+		params = rawParams
 		ns, _ := l.getOk(d, consts.FieldNamespace)
 		params[consts.FieldNamespace] = ns
 
diff --git a/internal/provider/auth_test.go b/internal/provider/auth_test.go
index fd5315a08d..5ef7e506c4 100644
--- a/internal/provider/auth_test.go
+++ b/internal/provider/auth_test.go
@@ -316,3 +316,40 @@ func TestAuthLoginCommon_Namespace(t *testing.T) {
 		})
 	}
 }
+
+func TestAuthLogin_Init_nilParameters(t *testing.T) {
+	s := make(map[string]*schema.Schema)
+	MustAddAuthLoginSchema(s)
+
+	for field, sch := range s {
+		if sch.Type != schema.TypeList {
+			continue
+		}
+
+		switch field {
+		case "auth_login_kerberos", "auth_login_userpass", "auth_login_azure", "auth_login_cert",
+			"auth_login_oci", "auth_login_jwt", "auth_login_radius", "auth_login_token_file":
+			// Skip entries that require mandatory fields for Init
+			continue
+		}
+
+		raw := map[string]interface{}{
+			field: []interface{}{
+				map[string]interface{}{
+					"method":     "gcp",
+					"path":       "auth/gcp/login",
+					"parameters": nil,
+					"role":       "vault-admin",
+				},
+			},
+		}
+
+		l, err := GetAuthLogin(schema.TestResourceDataRaw(t, s, raw))
+		if err != nil {
+			t.Errorf("unexpected error for field %s: %v", field, err)
+		}
+		if l == nil {
+			t.Errorf("expected auth login for field %s but got nil", field)
+		}
+	}
+}