What Is a 401 Status Code?
The request has not been applied because it lacks valid authentication credentials for the target resource.
The server generating a 401 response MUST send a WWW-Authenticate header field1 containing at least one challenge applicable to the target resource.
If the request included authentication credentials, then the 401 response indicates that authorization has been refused for those credentials. The user agent MAY repeat the request with a new or replaced Authorization header field2. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user agent SHOULD present the enclosed representation to the user, since it usually contains relevant diagnostic information.
- 1 WWW-Authenticate RFC7235 Section 4.1
- 2 Authorization RFC7235 Section 4.2
- Source: RFC7235 Section 3.1
401 CODE REFERENCES
Rails HTTP Status Symbol
Go HTTP Status Constant
Symfony HTTP Status Constant
Python2 HTTP Status Constant
Python3+ HTTP Status Constant
Python3.5+ HTTP Status Constant
Apache HttpComponents Core
401 status code example
Here is a 401 status code example:
GET /private-data HTTP/1.1
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Basic realm="Restricted Area"
<p>You are not authorized to access this resource.</p>
How to fix a 401 status code
A 401 status code indicates that the request lacks valid authentication credentials for the requested resource. To fix a 401 status code, the user needs to provide valid authentication credentials, such as a username and password or an access token, and include them in the request headers.
FAQs about a 401 Unauthorized error
Learn more about a 401 Unauthorized error with these FAQs:
What causes a 401 status code?
A 401 status code is caused by a lack of valid authentication credentials for the requested resource. This can occur if the user provides incorrect or expired credentials, the authentication credentials are missing, or the authentication method used is not supported by the server.
What is the difference between a 401 status code and a 404 status code?
A 401 status code indicates that the client lacks valid authentication credentials for the requested resource, while a 404 status code indicates that the server could not find the requested resource. In other words, a 401 status code means that the server knows the requested resource exists, but the client is not authorized to access it. A 404 status code means that the server does not know the requested resource exists.
What is the difference between a 401 status code and a 403 status code?
A 401 status code indicates that the client lacks valid authentication credentials for the requested resource, while a 403 status code indicates that the client has valid authentication credentials but is not authorized to access the requested resource. In other words, a 401 status code means that the client needs to provide valid authentication credentials to access the resource, while a 403 status code means that the client has provided valid authentication credentials, but does not have sufficient permissions to access the resource.
Does a 401 status code affect SEO?
A 401 status code does not affect search engine optimization (SEO) directly.
However, it can impact user experience if the user is unable to access the requested resource. If the resource is important for SEO purposes, such as a login page or a page with valuable content, a 401 status code can negatively impact SEO indirectly.
- Learn about web development
- Learn about SEO
- Web development services from WebFX
- SEO services from WebFX
- MDN Web Docs