A user has successfully logged into your REST API but attempts to access an admin-only endpoint. What HTTP status code should your API return?

Easy · Conceptual · Q2 of 15
REST API - HTTP Status Codes

A. 401 Unauthorized
B. 403 Forbidden
C. 404 Not Found
D. 400 Bad Request

Step-by-Step Solution
  1. Step 1: Identify user authentication status
     The user is already logged in, so authentication is confirmed.
  2. Step 2: Check authorization for the resource
     The user lacks permission to access the admin endpoint, indicating an authorization failure.
  3. Final Answer:
     403 Forbidden -> Option B
  4. Quick Check:
     User authenticated but not authorized

Quick Trick: Logged in but no permission? Return 403 Forbidden.

Common Mistakes:
  • Returning 401 Unauthorized when user is authenticated
  • Using 404 Not Found to hide resource existence
  • Confusing 400 Bad Request with authorization errors