Which HTTP status code should a REST API return when a user is logged in but tries to access a resource they don't have rights for?

Rest API - HTTP Status Codes
A. 404 Not Found
B. 401 Unauthorized
C. 403 Forbidden
D. 500 Internal Server Error
Step-by-Step Solution:
  1. Step 1: Identify the meaning of 403 Forbidden

    403 means the user is authenticated but does not have permission to access the resource.
  2. Step 2: Confirm 401 is for unauthenticated users

    401 is for users who are not logged in or have invalid credentials, so it does not apply here.
  3. Final Answer:

    403 Forbidden -> Option C
  4. Quick Check:

    403 Forbidden = Logged in but no permission [OK]
Quick Trick: 403 means permission denied after login [OK]
Common Mistakes:
  • Using 401 when user is logged in
  • Confusing 403 with 404 Not Found
  • Thinking 403 means server error