4xx Client Error
HTTP 401 Unauthorized
The request requires user authentication. The client must provide valid credentials (such as a token or username/password) to access the resource. Despite the name, this is about authentication, not authorization.
Common Causes
- Missing or expired authentication token
- Invalid API key or credentials
- Session has timed out and user needs to re-login
- Authorization header format is incorrect
How to Fix
- 1Include a valid Authorization header with your request
- 2Refresh expired tokens or re-authenticate
- 3Check that credentials are correct and not revoked
- 4Verify the authentication scheme (Bearer, Basic, etc.)
Example
HTTP 401 Unauthorized
GET /api/profile HTTP/1.1 → 401 Unauthorized → WWW-Authenticate: Bearer realm="api"
Related Client Error Codes
400
Bad Request
402Payment Required
403Forbidden
404Not Found
405Method Not Allowed
406Not Acceptable
407Proxy Authentication Required
408Request Timeout
409Conflict
410Gone
411Length Required
412Precondition Failed
413Content Too Large
414URI Too Long
415Unsupported Media Type
416Range Not Satisfiable
417Expectation Failed
418I'm a Teapot
421Misdirected Request
422Unprocessable Content
423Locked
424Failed Dependency
425Too Early
426Upgrade Required
428Precondition Required
429Too Many Requests
431Request Header Fields Too Large
451Unavailable For Legal Reasons