httpstatuses/contents/codes/401.md

---
set: 4
code: 401
title: Unauthorized
references:
    "Rails HTTP Status Symbol": ":unauthorized"
    "Go HTTP Status Constant": "http.StatusUnauthorized"
    "Symfony HTTP Status Constant": "Response::HTTP_UNAUTHORIZED"
---

The request has not been applied because it lacks valid authentication credentials for the target resource.

The server generating a 401 response MUST send a WWW-Authenticate header field<sup>[1](#ref-1)</sup> containing at least one challenge applicable to the target resource.

If the request included authentication credentials, then the 401 response indicates that authorization has been refused for those credentials. The user agent MAY repeat the request with a new or replaced Authorization header field<sup>[2](#ref-2)</sup>. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user agent SHOULD present the enclosed representation to the user, since it usually contains relevant diagnostic information.

---

* <span id="ref-1"><sup>1</sup> WWW-Authenticate [RFC7235 Section 4.1][2]</span>
* <span id="ref-2"><sup>2</sup> Authorization [RFC7235 Section 4.2][3]</span>
* Source: [RFC7235 Section 3.1][1]

[1]: <http://tools.ietf.org/html/rfc7235#section-3.1>
[2]: <http://tools.ietf.org/html/rfc7235#section-4.1>
[3]: <http://tools.ietf.org/html/rfc7235#section-4.2>
Adds placeholder codes for development 2015-11-06 21:39:33 +01:00			`---`
			`set: 4`
			`code: 401`
			`title: Unauthorized`
Adds 4xx Client Error class status codes descriptions from latest standards 2015-11-07 05:34:40 +01:00			`references:`
			`"Rails HTTP Status Symbol": ":unauthorized"`
Add Go status constants 2016-01-27 23:08:33 +01:00			`"Go HTTP Status Constant": "http.StatusUnauthorized"`
Add Symfony HTTP Status Constant references (#48) 2016-04-19 15:19:17 +02:00			`"Symfony HTTP Status Constant": "Response::HTTP_UNAUTHORIZED"`
Adds placeholder codes for development 2015-11-06 21:39:33 +01:00			`---`

Remove markdown line limit (#52) * Removes line length limit from Status Code Markdown This will make the data easier to use when we develop the API, it needs to be consistent, arbitrary new lines (especially in text format) will be a major issue, so some sort of workaround would have to be implemented, easier to simply fix the source files. * Removes line length limit from misc. Markdown files 2016-04-23 02:12:07 +02:00			`The request has not been applied because it lacks valid authentication credentials for the target resource.`
Gives 4xx codes simple opening paragraphs 2015-11-07 06:45:46 +01:00
Remove markdown line limit (#52) * Removes line length limit from Status Code Markdown This will make the data easier to use when we develop the API, it needs to be consistent, arbitrary new lines (especially in text format) will be a major issue, so some sort of workaround would have to be implemented, easier to simply fix the source files. * Removes line length limit from misc. Markdown files 2016-04-23 02:12:07 +02:00			`The server generating a 401 response MUST send a WWW-Authenticate header field<sup>[1](#ref-1)</sup> containing at least one challenge applicable to the target resource.`
Adds 4xx Client Error class status codes descriptions from latest standards 2015-11-07 05:34:40 +01:00
Remove markdown line limit (#52) * Removes line length limit from Status Code Markdown This will make the data easier to use when we develop the API, it needs to be consistent, arbitrary new lines (especially in text format) will be a major issue, so some sort of workaround would have to be implemented, easier to simply fix the source files. * Removes line length limit from misc. Markdown files 2016-04-23 02:12:07 +02:00			If the request included authentication credentials, then the 401 response indicates that authorization has been refused for those credentials. The user agent MAY repeat the request with a new or replaced Authorization header field<sup>[2](#ref-2)</sup>. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user agent SHOULD present the enclosed representation to the user, since it usually contains relevant diagnostic information.
Adds 4xx Client Error class status codes descriptions from latest standards 2015-11-07 05:34:40 +01:00
Improves 4xx class status codes with referencing 2015-11-09 02:44:05 +01:00			`---`

			`* <span id="ref-1"><sup>1</sup> WWW-Authenticate [RFC7235 Section 4.1][2]</span>`
			`* <span id="ref-2"><sup>2</sup> Authorization [RFC7235 Section 4.2][3]</span>`
			`* Source: [RFC7235 Section 3.1][1]`
Adds 4xx Client Error class status codes descriptions from latest standards 2015-11-07 05:34:40 +01:00
			`[1]: <http://tools.ietf.org/html/rfc7235#section-3.1>`
			`[2]: <http://tools.ietf.org/html/rfc7235#section-4.1>`
Add Go status constants 2016-01-27 23:08:33 +01:00			`[3]: <http://tools.ietf.org/html/rfc7235#section-4.2>`