350-401 · Question #456
What is the result of sending a GET REST API call that does not contain the necessary authentication data to a server?
The correct answer is A. The server responds with a 4xx response code without executing the call.. REST API Authentication Failure Explained When a REST API server receives a request lacking valid authentication credentials, it immediately rejects the request with a 4xx HTTP status code (most commonly 401 Unauthorized or 403 Forbidden) without processing or executing the call
Question
What is the result of sending a GET REST API call that does not contain the necessary authentication data to a server?
Options
- AThe server responds with a 4xx response code without executing the call.
- BThe server authenticates the client using its IP address and executes the call accordingly.
- CThe server keeps the session open and waits for the client o supply the authentication data, then
- DThe server executes the call with guest privileges.
How the community answered
(47 responses)- A89% (42)
- B2% (1)
- C6% (3)
- D2% (1)
Explanation
REST API Authentication Failure Explained
When a REST API server receives a request lacking valid authentication credentials, it immediately rejects the request with a 4xx HTTP status code (most commonly 401 Unauthorized or 403 Forbidden) without processing or executing the call - this is by design to protect server resources and data security.
Why the distractors are wrong:
- Option B is incorrect because REST APIs are stateless and do not use IP addresses as an authentication mechanism; IP-based trust is a network-level concept, not a REST authentication method.
- Option C is incorrect because REST is a stateless protocol, meaning the server never holds a session open waiting for additional client input - each request must be fully self-contained.
- Option D is incorrect because most REST APIs are configured to deny access entirely when credentials are missing, rather than silently downgrading to guest access (which would be a significant security vulnerability).
Memory Tip: Think of 4xx as "Client's fault" - if you forget your credentials, the server punishes you immediately with an error and moves on. REST servers are like strict bouncers: no ID, no entry, no waiting.
Topics
Community Discussion
No community discussion yet for this question.