Tuesday 15 September 2020

Difference between API status code 401 and 403?

 



The 401 (Unauthorized) status code indicates that the request has not been applied because it lacks valid authentication credentials for the target resource.
The 403 (Forbidden) status code indicates that the server understood the request but refuses to authorize it.


Frequent cause
A 403 error can occur when a user is able to log in but doesn't have sufficient privileges to access the requested resource. For example, a normal user attempting to load an 'admin' route.
The most obvious time for a 401 error is when you have not logged in at all, or have provided an incorrect password. If authentication credentials were provided in the request, the server considers them insufficient to grant access.


Rare cause
403 errors can occur because of restrictions not entirely dependent on the logged-in user's credentials.
401 errors can occur even if the user enters the correct credentials. This is rare, and might be something you only really encounter while developing your own authenticated back ends.
But if the Authorization header is malformed, the server will return a 401.


Conclusion:
A 401 Unauthorized response should be used for missing or bad authentication, and a 403 Forbidden response should be used afterwards, when the user is authenticated but isn't authorized to perform the requested operation on the given resource.
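
The decision order described above, written out as an added example that is not part of the original post: authentication is checked first (401, with the `WWW-Authenticate` challenge a 401 response carries), and authorization only afterwards (403). The token store, roles, routes and function names are constructed for illustration.

```python
# Added example: sample tokens, roles and routes are constructed, not from the post.
TOKENS = {  # bearer token -> (user, role)
    "tok-alice": ("alice", "admin"),
    "tok-bob": ("bob", "user"),
}
ROUTE_ROLES = {"/admin": {"admin"}, "/profile": {"admin", "user"}}


def authenticate(headers):
    """Return (user, role), or None if credentials are missing, malformed or unknown."""
    value = headers.get("Authorization")
    if not value:
        return None                      # no credentials sent at all
    parts = value.split()
    if len(parts) != 2 or parts[0].lower() != "bearer":
        return None                      # malformed Authorization header
    return TOKENS.get(parts[1])          # unknown or bad token -> None


def handle(path, headers):
    """Return (status, response_headers) for a request to `path`."""
    identity = authenticate(headers)
    if identity is None:
        # 401: the caller is not authenticated; tell the client how to authenticate.
        return 401, {"WWW-Authenticate": 'Bearer realm="api"'}
    allowed = ROUTE_ROLES.get(path)
    if allowed is None:
        return 404, {}
    _user, role = identity
    if role not in allowed:
        # 403: identity is known, but its role may not use this route.
        # Sending different credentials for the same user will not help.
        return 403, {}
    return 200, {}


if __name__ == "__main__":
    cases = [
        ("/admin", {}),                                   # not logged in
        ("/admin", {"Authorization": "Bearer"}),          # malformed header
        ("/admin", {"Authorization": "Bearer wrong"}),    # bad credentials
        ("/admin", {"Authorization": "Bearer tok-bob"}),  # normal user, admin route
        ("/admin", {"Authorization": "Bearer tok-alice"}),
    ]
    for path, hdrs in cases:
        print(path, hdrs, "->", handle(path, hdrs)[0])
```

An API test suite would assert exactly these status codes for each case, so that a missing-login path never leaks a 403 and a privilege failure never invites a pointless re-login with a 401.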

 
