Interview Questions
When should an API return 401 Unauthorized versus 403 Forbidden?
Search
⌘K
0%
Scenario
Beginner
Security
When should an API return 401 Unauthorized versus 403 Forbidden?
Bookmark
Add note
Print
Reveal answer
Follow-up questions
Why might an API return 404 instead of 403 for a resource the user cannot access?
What header accompanies a correct 401 response?
Related topics
HTTP Status Codes
JWT (JSON Web Tokens)
Access Tokens and Refresh Tokens
#auth
#http-status
#401
#403
#scenario