diff --git a/runtime/service/src/main/java/org/apache/polaris/service/auth/AuthenticatingAugmentor.java b/runtime/service/src/main/java/org/apache/polaris/service/auth/AuthenticatingAugmentor.java
index 50b334da2f..4166b08008 100644
--- a/runtime/service/src/main/java/org/apache/polaris/service/auth/AuthenticatingAugmentor.java
+++ b/runtime/service/src/main/java/org/apache/polaris/service/auth/AuthenticatingAugmentor.java
@@ -26,6 +26,7 @@
 import io.smallrye.mutiny.Uni;
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.inject.Inject;
+import org.apache.iceberg.exceptions.ServiceFailureException;
 import org.apache.polaris.core.auth.PolarisPrincipal;

 /**
@@ -83,6 +84,10 @@ private SecurityIdentity authenticatePolarisPrincipal(
 // Also include the Polaris principal properties as attributes of the identity
 polarisPrincipal.getProperties().forEach(builder::addAttribute);
 return builder.build();
+ } catch (ServiceFailureException e) {
+ // Let ServiceFailureException bubble up to be handled by IcebergExceptionMapper
+ // This will result in 503 Service Unavailable instead of 401 Unauthorized
+ throw e;
 } catch (RuntimeException e) {
 throw new AuthenticationFailedException(e);
 }
diff --git a/runtime/service/src/test/java/org/apache/polaris/service/auth/AuthenticatingAugmentorTest.java b/runtime/service/src/test/java/org/apache/polaris/service/auth/AuthenticatingAugmentorTest.java
index 8166a1302e..5a1c682a02 100644
--- a/runtime/service/src/test/java/org/apache/polaris/service/auth/AuthenticatingAugmentorTest.java
+++ b/runtime/service/src/test/java/org/apache/polaris/service/auth/AuthenticatingAugmentorTest.java
@@ -29,6 +29,7 @@
 import io.smallrye.mutiny.Uni;
 import java.security.Principal;
 import org.apache.iceberg.exceptions.NotAuthorizedException;
+import org.apache.iceberg.exceptions.ServiceFailureException;
 import org.apache.polaris.core.auth.PolarisPrincipal;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
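Review bot: The new `catch (ServiceFailureException e)` branch in authenticatePolarisPrincipal rethrows to a caller that has not been authenticated, so whatever message the throwing code put in the exception is presumably what IcebergExceptionMapper returns in the 503 body; the mapper and the throwing code are outside this diff, so it is worth confirming that the message carries no backend detail. The branch still fails closed, since no SecurityIdentity is built on this path, and the comment could record both facts: `// Fails closed: no identity is built. The message may reach an unauthenticated client, so it must stay generic.` The rethrow also takes these failures out of the AuthenticationFailedException path, so if authentication failures are logged or counted there, an outage of the backing store needs its own log line or metric to stay visible. The try block starts above the hunk.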
@@ -92,6 +93,26 @@ public void testAugmentAuthenticationFailure() {
 .hasCause(exception);
 }

+ @Test
+ public void testServiceFailureExceptionBubblesUp() {
+ Principal nonPolarisPrincipal = mock(Principal.class);
+ PolarisCredential credential = mock(PolarisCredential.class);
+ SecurityIdentity identity =
+ QuarkusSecurityIdentity.builder()
+ .setPrincipal(nonPolarisPrincipal)
+ .addCredential(credential)
+ .build();
+
+ ServiceFailureException serviceException =
+ new ServiceFailureException("Unable to fetch principal entity");
+ when(authenticator.authenticate(credential)).thenThrow(serviceException);
+
+ assertThatThrownBy(
+ () -> augmentor.augment(identity, Uni.createFrom()::item).await().indefinitely())
+ .isInstanceOf(ServiceFailureException.class)
+ .hasMessage("Unable to fetch principal entity");
+ }
+
 @Test
 public void testAugmentSuccessfulAuthentication() {
 // Given
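Review bot: testServiceFailureExceptionBubblesUp checks only that the exception leaves `augment` unwrapped; the 503 status that the production comment promises is not asserted anywhere in the visible diff, so a change in how the security layer or the exception mapper treats a non-authentication exception raised during identity augmentation would go unnoticed. An HTTP-level test that makes the authenticator throw and asserts status 503, with no identity established, would cover that. Within this test, `.isSameAs(serviceException)` is a tighter check than the type and message pair. A one-line comment such as `// A backend outage during authentication must not be reported as 401` would record the intent.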