gRPC 5 NOT_FOUND vs 7 PERMISSION_DENIED
Both gRPC 5 (NOT_FOUND) and 7 (PERMISSION_DENIED) belong to the gRPC Status Codes category. 5 indicates that some requested entity was not found. For example, a file or directory that the RPC was supposed to operate on does not exist. Meanwhile, 7 means that the caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
Descrição
Some requested entity was not found. For example, a file or directory that the RPC was supposed to operate on does not exist.
Quando você o vê
The resource referenced in the request doesn't exist — such as looking up a user by ID that has been deleted or never created.
Como corrigir
Verify the resource identifier is correct. Ensure the resource was created before accessing it, or handle the not-found case gracefully in your client.
Descrição
The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
Quando você o vê
The authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
Como corrigir
Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side.
Diferenças principais
gRPC 5: Some requested entity was not found. For example, a file or directory that the RPC was supposed to operate on does not exist.
gRPC 7: The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
You encounter 5 when the resource referenced in the request doesn't exist — such as looking up a user by ID that has been deleted or never created.
You encounter 7 when the authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
Quando usar qual
For 5 (NOT_FOUND): Verify the resource identifier is correct. Ensure the resource was created before accessing it, or handle the not-found case gracefully in your client. For 7 (PERMISSION_DENIED): Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side.