aws
diff --git a/‎.changes/nextrelease/auth-selection-updates.json
+7 b/‎.changes/nextrelease/auth-selection-updates.json
+7
diff --git a/‎src/Auth/AuthSelectionMiddleware.php
+11-4 b/‎src/Auth/AuthSelectionMiddleware.php
+11-4
diff --git a/‎tests/Auth/AuthSelectionMiddlewareTest.php
+1-41 b/‎tests/Auth/AuthSelectionMiddlewareTest.php
+1-41
@@ -0,0 +1,7 @@
+[
+  {
+    "type": "bugfix",
+    "category": "Auth",
+    "description": "Updates auth selection behavior to treat credential retrieval errors as non-terminal."
+  }
+]
@@ -2,6 +2,7 @@
 namespace Aws\Auth;
 
 use Aws\Api\Service;
+use Aws\Auth\Exception\UnresolvedAuthSchemeException;
 use Aws\CommandInterface;
 use Closure;
 use GuzzleHttp\Promise\Promise;
@@ -84,10 +85,16 @@ public function __invoke(CommandInterface $command)
                 $resolver = $this->authResolver;
             }
 
-            $selectedAuthScheme = $resolver->selectAuthScheme(
-                $resolvableAuth,
-                ['unsigned_payload' => $unsignedPayload]
-            );
+            try {
+                $selectedAuthScheme = $resolver->selectAuthScheme(
+                    $resolvableAuth,
+                    ['unsigned_payload' => $unsignedPayload]
+                );
+            } catch (UnresolvedAuthSchemeException $e) {
+                // There was an error resolving auth
+                // The signature version will fall back to the modeled `signatureVersion`
+                // or auth schemes resolved during endpoint resolution
+            }
 
             if (!empty($selectedAuthScheme)) {
                 $command['@context']['signature_version'] = $selectedAuthScheme;
 
@@ -88,11 +88,6 @@ public function ResolvesAuthSchemeWithoutCRTProvider()
                 ['smithy.api#noAuth'],
                 'anonymous'
             ],
-            [
-                ['aws.auth#sigv4', 'aws.auth#sigv4a'],
-                ['aws.auth#sigv4a'],
-                'error'
-            ],
         ];
     }
 
@@ -235,45 +230,10 @@ function () {
                     );
                 },
                 'bearer'
-            ],
-            [
-                ['aws.auth#sigv4', 'aws.auth#sigv4a'],
-                ['smithy.api#httpBearerAuth'],
-                function () {
-                    return Promise\Create::promiseFor(
-                        null
-                    );
-                },
-                'error'
-            ],
+            ]
         ];
     }
 
-    public function testUnknownAuthSchemeThrows()
-    {
-        $this->expectException(UnresolvedAuthSchemeException::class);
-        $this->expectExceptionMessage(
-            'Could not resolve an authentication scheme: The service does not support `notAnAuthScheme` authentication.'
-        );
-
-        $nextHandler = function (CommandInterface $command) {
-            return null;
-        };
-        $service = $this->generateTestService(['notAnAuthScheme'], []);
-        $credentialProvider = function () {
-            return Promise\Create::promiseFor(
-               null
-            );
-        };
-        $authResolver = new AuthSchemeResolver($credentialProvider);
-        $client = $this->generateTestClient($service);
-        $command = $client->getCommand('fooOperation', ['FooParam' => 'bar']);
-
-        $middleware = new AuthSelectionMiddleware($nextHandler, $authResolver, $service);
-
-        $middleware($command);
-    }
-
     public function testCommandOverrideResolver()
     {
         $nextHandler = function (CommandInterface $command) {