mirror of
https://github.com/rmaake1/httpstatuses.git
synced 2024-11-02 00:32:36 +01:00
35 lines
1.4 KiB
Markdown
35 lines
1.4 KiB
Markdown
---
|
|
set: 4
|
|
code: 401
|
|
title: Unauthorized
|
|
references:
|
|
"Rails HTTP Status Symbol": ":unauthorized"
|
|
"Go HTTP Status Constant": "http.StatusUnauthorized"
|
|
"Symfony HTTP Status Constant": "Response::HTTP_UNAUTHORIZED"
|
|
---
|
|
|
|
The request has not been applied because it lacks valid authentication
|
|
credentials for the target resource.
|
|
|
|
The server generating a 401 response MUST send a WWW-Authenticate header
|
|
field<sup>[1](#ref-1)</sup> containing at least one challenge applicable to the
|
|
target resource.
|
|
|
|
If the request included authentication credentials, then the 401 response
|
|
indicates that authorization has been refused for those credentials. The user
|
|
agent MAY repeat the request with a new or replaced Authorization header
|
|
field<sup>[2](#ref-2)</sup>. If the 401 response contains the same challenge as
|
|
the prior response, and the user agent has already attempted authentication at
|
|
least once, then the user agent SHOULD present the enclosed representation to
|
|
the user, since it usually contains relevant diagnostic information.
|
|
|
|
---
|
|
|
|
* <span id="ref-1"><sup>1</sup> WWW-Authenticate [RFC7235 Section 4.1][2]</span>
|
|
* <span id="ref-2"><sup>2</sup> Authorization [RFC7235 Section 4.2][3]</span>
|
|
* Source: [RFC7235 Section 3.1][1]
|
|
|
|
[1]: <http://tools.ietf.org/html/rfc7235#section-3.1>
|
|
[2]: <http://tools.ietf.org/html/rfc7235#section-4.1>
|
|
[3]: <http://tools.ietf.org/html/rfc7235#section-4.2>
|