350-401 · Question #28
Which HHTP status code is the correct response for a request with an incorrect password applied to a REST API session?
The correct answer is C. HTTP Status Code 401. HTTP 401 Unauthorized is the appropriate response when a client provides incorrect credentials (such as a wrong password) to a REST API, because it specifically indicates that the request lacks valid authentication to access the requested resource. Why the other options are wrong
Question
Which HHTP status code is the correct response for a request with an incorrect password applied to a REST API session?
Options
- AHTTP Status Code 200
- BHTTP Status Code 302
- CHTTP Status Code 401
- DHTTP Status Code: 504
How the community answered
(33 responses)- A3% (1)
- C94% (31)
- D3% (1)
Explanation
HTTP 401 Unauthorized is the appropriate response when a client provides incorrect credentials (such as a wrong password) to a REST API, because it specifically indicates that the request lacks valid authentication to access the requested resource.
Why the other options are wrong:
- 200 OK signals a successful request - clearly inappropriate when authentication has failed
- 302 Found is a redirection code, used when a resource has temporarily moved to a different URL, not for authentication failures
- 504 Gateway Timeout indicates a server acting as a gateway did not receive a timely response from an upstream server - a network/server issue, not a credentials issue
Memory Tip: Think of 401 as the "Who are you?" code - the server is essentially saying "I don't recognize your credentials, prove your identity." You can contrast it with 403 Forbidden, which means "I know who you are, but you're not allowed in" - knowing this distinction helps reinforce that 401 is specifically about failed authentication, not authorization.
Topics
Community Discussion
No community discussion yet for this question.