gRPC 0 OK vs 7 PERMISSION_DENIED
Both gRPC 0 (OK) and 7 (PERMISSION_DENIED) belong to the gRPC Status Codes category. 0 indicates that the operation completed successfully. Not an error; returned on success. Meanwhile, 7 means that the caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
Description
The operation completed successfully. Not an error; returned on success.
When You See It
The RPC completed without any issues. This is the expected response for every successful gRPC call.
How to Fix
No fix needed — this indicates everything worked correctly.
Description
The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
When You See It
The authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
How to Fix
Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side.
Key Differences
gRPC 0: The operation completed successfully. Not an error; returned on success.
gRPC 7: The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
You encounter 0 when the RPC completed without any issues. This is the expected response for every successful gRPC call.
You encounter 7 when the authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
When to Use Which
For 0 (OK): No fix needed — this indicates everything worked correctly. For 7 (PERMISSION_DENIED): Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side.