Timeline for Not prohibited, but disallowed -- which http error code should I return?
Current License: CC BY-SA 3.0
4 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Dec 7, 2017 at 0:46 | vote | accept | Kakki | ||
| Dec 6, 2017 at 4:48 | comment | added | Erik Eidt | agree: I agree with @mgh42: see authorized vs. authenticated. 401 is about a simple error that the webserver can detect (like not logged in), whereas 403 is an application-level error for that user. "In summary, a 401 Unauthorized response should be used for missing or bad authentication, and a 403 Forbidden response should be used afterwards, when the user is authenticated but isn’t authorized to perform the requested operation on the given resource." | |
| Dec 6, 2017 at 4:28 | review | First posts | |||
| Dec 6, 2017 at 12:10 | |||||
| Dec 6, 2017 at 4:26 | history | answered | mgh42 | CC BY-SA 3.0 |