Which statement best describes the HTTP 401 Unauthorized status code?
Think about when the server asks for credentials.
401 Unauthorized means the client needs to provide valid authentication credentials to access the resource.
Which statement best describes the HTTP 403 Forbidden status code?
Think about when authentication is done but access is denied.
403 Forbidden means the server understood the request and the client is authenticated, but the client does not have permission to access the resource.
What HTTP status code will this API return if the client sends no authentication token?
def api_request(auth_token=None): if auth_token is None: return 401 elif auth_token == 'valid_token': return 200 else: return 403 print(api_request())
Check what happens when auth_token is None.
If no token is provided, the function returns 401 Unauthorized.
What HTTP status code will this API return if the client sends an invalid authentication token?
def api_request(auth_token=None): if auth_token is None: return 401 elif auth_token == 'valid_token': return 200 else: return 403 print(api_request('invalid_token'))
Check what happens when auth_token is not None and not valid.
If the token is invalid, the function returns 403 Forbidden.
A user tries to access a private page on a website. They are logged in but do not have permission to view this page. Which HTTP status code should the server return?
The user is authenticated but not allowed to access the resource.
403 Forbidden is used when the user is authenticated but lacks permission to access the resource.