diff --git a/interceptors/auth/interceptors.go b/interceptors/auth/interceptors.go
index d9dc129..1f311e0 100644
--- a/interceptors/auth/interceptors.go
+++ b/interceptors/auth/interceptors.go
@@ -8,13 +8,14 @@ import (
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
+	"google.golang.org/protobuf/types/known/anypb"
 
 	"go.linka.cloud/grpc/interceptors"
 )
 
 func ChainedAuthFuncs(fn ...grpc_auth.AuthFunc) grpc_auth.AuthFunc {
 	return func(ctx context.Context) (context.Context, error) {
-		code := codes.Unauthenticated
+		spb := status.New(codes.Unauthenticated, codes.Unauthenticated.String()).Proto()
 		for _, v := range fn {
 			ctx2, err := v(ctx)
 			if err == nil {
@@ -24,11 +25,14 @@ func ChainedAuthFuncs(fn ...grpc_auth.AuthFunc) grpc_auth.AuthFunc {
 			if !ok {
 				return ctx2, err
 			}
-			if s.Code() == codes.PermissionDenied {
-				code = codes.PermissionDenied
+			if spb.Code != s.Proto().Code {
+				spb.Code = s.Proto().Code
 			}
+			d, _ := anypb.New(s.Proto())
+			spb.Details = append(spb.Details, d)
+			spb.Message += ", " + s.Proto().Message
 		}
-		return ctx, status.Error(code, code.String())
+		return ctx, status.FromProto(spb).Err()
 	}
 }
 
diff --git a/interceptors/auth/interceptors_test.go b/interceptors/auth/interceptors_test.go
index c85a2b6..6327fe9 100644
--- a/interceptors/auth/interceptors_test.go
+++ b/interceptors/auth/interceptors_test.go
@@ -13,7 +13,7 @@ import (
 	"go.linka.cloud/grpc/errors"
 )
 
-func TestNotProtectededOnly(t *testing.T) {
+func TestNotProtectedOnly(t *testing.T) {
 	assert := assert2.New(t)
 	i := &interceptor{o: options{ignoredMethods: []string{"/test.Service/ignored"}}}
 	assert.False(i.isNotProtected("/test.Service/protected"))
@@ -99,14 +99,14 @@ func TestChainedAuthFuncs(t *testing.T) {
 			name: "empty bearer",
 			auth: "bearer  ",
 			err:  true,
-			code: codes.PermissionDenied,
+			code: codes.Unauthenticated,
 		},
 		{
 			name:          "internal error",
 			auth:          "bearer internal",
 			internalError: true,
 			err:           true,
-			code:          codes.PermissionDenied,
+			code:          codes.Internal,
 		},
 		{
 			name: "multiple auth: first basic valid",
@@ -120,13 +120,13 @@ func TestChainedAuthFuncs(t *testing.T) {
 			name: "invalid auth: bearer",
 			auth: "bearer noop",
 			err:  true,
-			code: codes.PermissionDenied,
+			code: codes.Unauthenticated,
 		},
 		{
 			name: "invalid auth: basic",
 			auth: BasicAuth("other", "other"),
 			err:  true,
-			code: codes.PermissionDenied,
+			code: codes.Unauthenticated,
 		},
 	}