You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@dragotin: I think we should specify this to distinguish wrong credentials (a failed login due to wrong/expired user password) from accessing a resource without permissions with good credentials.
I guess:
for wrong credentials it is: 401 Unauthorized -- user may/will be asked to re-authenticate (password)
for good credentials but no permission it is: 403 Forbidden -- user won't be asked to reauthenticate.
Is this correct?
The text was updated successfully, but these errors were encountered:
@dragotin: I think we should specify this to distinguish wrong credentials (a failed login due to wrong/expired user password) from accessing a resource without permissions with good credentials.
I guess:
Is this correct?
The text was updated successfully, but these errors were encountered: