4×× Client Error

401 Unauthorized

The request has not been applied because it lacks valid authentication credentials for the target resource.

The server generating a 401 response MUST send a WWW-Authenticate header field¹ containing at least one challenge applicable to the target resource.

If the request included authentication credentials, then the 401 response indicates that authorization has been refused for those credentials. The user agent MAY repeat the request with a new or replaced Authorization header field². If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user agent SHOULD present the enclosed representation to the user, since it usually contains relevant diagnostic information.

¹ WWW-Authenticate RFC7235 Section 4.1
² Authorization RFC7235 Section 4.2
Source: RFC7235 Section 3.1

401 Code References

Rails HTTP Status Symbol :unauthorized

Rust HTTP Status Constant http::StatusCode::UNAUTHORIZED

Go HTTP Status Constant http.StatusUnauthorized

Symfony HTTP Status Constant Response::HTTP_UNAUTHORIZED

Python2 HTTP Status Constant httplib.UNAUTHORIZED

Python3+ HTTP Status Constant http.client.UNAUTHORIZED

Python3.5+ HTTP Status Constant http.HTTPStatus.UNAUTHORIZED

.NET HTTP Status Constant System.Net.HttpStatusCode.Unauthorized

← Return to httpcod.es