If you've just logged on and received the 401 error, it means that the credentials you entered were invalid. As the timestamp is invalid, I think the token is invalid. So the client is not authenticated anymore. So I would throw a 401 Unauthorized. You're free to add extra data of the context as an HTTP header with the X- prefix, or to add a. The correct HTTP code would actually be 401. From the RFC: The 401 (Unauthorized) status code indicates that the request has not been applied because it lacks valid authentication credentials for the target resource. Your confusion about myservice.com/are/these/credentials/valid sending back 401 when you just do a check, I think is. Since the Login API doesn't require authorization, hence 401 is the wrong error code in my opinion. 4 Actual failures: invalid credentials, repeating already-done action. Invalid credentials should.
For POST, repeating an action depends entirely on the nature of the action, and practically any status code may be returned. I think that if the user provides bad credentials, the return code should be 401. 400 would mean that the request is. 400 also does not seem correct. Invalid credentials aren't necessarily a client error (without further qualifications). If you use HTTP authentication as defined by RFC 7235, 401 would be correct (for missing or incorrect credentials). This is the generic client-side error status, used when no other 4xx error code is appropriate. It's commonly used when the client submits a. It may have provided the wrong credentials, or none at all. The credentials may be a.
I have found a lot of answers and explanations for the meanings of HTTP status codes. My question is specifically about the POST request to a login endpoint, which asks for username and password for example and the.
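A login handler that applies the distinction the answers above draw, 400 for a request that is itself malformed and 401 with a WWW-Authenticate challenge (which RFC 7235 requires on every 401) for a well-formed request whose credentials do not authenticate, is shown below as an added example; it is not code from the question or from any of the answers. The credential store, its salt, the `myservice` realm, the Bearer challenge scheme and the token format are constructed assumptions for illustration only. The same 401 body is returned for an unknown user and for a wrong password so the endpoint does not leak which usernames exist.

```python
import hashlib
import hmac
import json
import os

# Constructed credential store for the example (not real users):
# username -> (salt, PBKDF2-HMAC-SHA256 hash of the password).
_SALT = b"constructed-example-salt"


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


USERS = {
    "alice": (_SALT, _hash_password("correct horse battery staple", _SALT)),
}

JSON_HEADERS = {"Content-Type": "application/json"}

# Assumed challenge value; RFC 7235 only requires that a 401 carry at least
# one challenge, the realm and scheme here are constructed for the example.
UNAUTHORIZED_HEADERS = {
    "Content-Type": "application/json",
    "WWW-Authenticate": 'Bearer realm="myservice"',
}


def verify_credentials(username: str, password: str, users=USERS) -> bool:
    """True only if the user exists and the password matches its stored hash."""
    record = users.get(username)
    if record is None:
        # Do the same hashing work for an unknown user so that timing does not
        # reveal whether the username exists.
        _hash_password(password, _SALT)
        return False
    salt, expected = record
    return hmac.compare_digest(_hash_password(password, salt), expected)


def handle_login(body: bytes, users=USERS):
    """Handle POST /login with a JSON body; returns (status, headers, json_body).

    400: the request is malformed (not JSON, not an object, fields missing or
         not strings). The client must change the request before retrying.
    401: the request is well-formed but the credentials do not authenticate.
         The WWW-Authenticate header is mandatory on a 401 (RFC 7235, 3.1).
    200: authenticated; a constructed opaque token is issued.
    """
    try:
        data = json.loads(body.decode("utf-8"))
    except (UnicodeDecodeError, ValueError):
        return 400, JSON_HEADERS, {"error": "request body is not valid JSON"}

    if (not isinstance(data, dict)
            or not isinstance(data.get("username"), str)
            or not isinstance(data.get("password"), str)):
        return 400, JSON_HEADERS, {"error": "username and password must be provided as strings"}

    if not verify_credentials(data["username"], data["password"], users):
        # Identical response for unknown user and wrong password: no enumeration.
        return 401, UNAUTHORIZED_HEADERS, {"error": "invalid credentials"}

    # Constructed token for the example; a real service would issue a signed or
    # server-stored session token instead of a bare random value.
    token = os.urandom(16).hex()
    return 200, JSON_HEADERS, {"token": token}


if __name__ == "__main__":
    for raw in (b'{"username": "alice", "password": "correct horse battery staple"}',
                b'{"username": "alice", "password": "wrong"}',
                b'{"username": "nobody", "password": "x"}',
                b'{"username": "alice"}',
                b"not json at all"):
        status, headers, payload = handle_login(raw)
        print(status, headers.get("WWW-Authenticate", "-"), payload)
```

The split follows the RFC wording quoted in the answers: 400 is for a request the server cannot process as sent, while 401 says the request was understood but lacks valid credentials for the resource, and the challenge header tells the client how to supply them.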