diff --git a/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java b/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java index 879ba4ce92..4a6513c6c8 100644 --- a/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java +++ b/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java @@ -224,7 +224,7 @@ public void checkAndAuthenticateRequest(SecurityRequestChannel requestChannel) t final OpenSearchException exception = ExceptionUtils.createBadHeaderException(); log.error(exception.toString()); auditLog.logBadHeaders(requestChannel); - requestChannel.completeWithResponse(HttpStatus.SC_UNAUTHORIZED, null, exception.toString()); + requestChannel.completeWithResponse(HttpStatus.SC_FORBIDDEN, null, exception.toString()); return; }