gRPC 10 ABORTED vs 16 UNAUTHENTICATED
Both gRPC 10 (ABORTED) and 16 (UNAUTHENTICATED) belong to the gRPC Status Codes category. 10 indicates that the operation was aborted, typically due to a concurrency issue such as a sequencer check failure or transaction abort. Meanwhile, 16 means that the request does not have valid authentication credentials for the operation.
Description
The operation was aborted, typically due to a concurrency issue such as a sequencer check failure or transaction abort.
When You See It
A transaction or optimistic concurrency check failed — for example, a read-modify-write cycle detected a conflict with another concurrent operation.
How to Fix
Retry the entire read-modify-write sequence from the beginning. Implement proper optimistic concurrency control with version tokens or ETags.
Description
The request does not have valid authentication credentials for the operation.
When You See It
No credentials were provided, or the provided token/certificate is expired or invalid. Different from PERMISSION_DENIED (code 7), which means authenticated but not authorized.
How to Fix
Provide valid authentication credentials (e.g., refresh the OAuth token, regenerate the API key, or renew the client certificate).
Key Differences
gRPC 10: The operation was aborted, typically due to a concurrency issue such as a sequencer check failure or transaction abort.
gRPC 16: The request does not have valid authentication credentials for the operation.
You encounter 10 when a transaction or optimistic concurrency check failed — for example, a read-modify-write cycle detected a conflict with another concurrent operation.
You encounter 16 when no credentials were provided, or the provided token/certificate is expired or invalid. Different from PERMISSION_DENIED (code 7), which means authenticated but not authorized.
When to Use Which
For 10 (ABORTED): Retry the entire read-modify-write sequence from the beginning. Implement proper optimistic concurrency control with version tokens or ETags. For 16 (UNAUTHENTICATED): Provide valid authentication credentials (e.g., refresh the OAuth token, regenerate the API key, or renew the client certificate).