Bird
Raised Fist0

Which HTTP status code is most appropriate for a failed token refresh due to an invalid refresh token?

easy🧠 Conceptual Q2 of Q15
Rest API - Authentication and Authorization
Which HTTP status code is most appropriate for a failed token refresh due to an invalid refresh token?
A200 OK
B302 Found
C401 Unauthorized
D500 Internal Server Error
Step-by-Step Solution
Solution:

  1. Step 1: Identify status code for authentication failure

    401 Unauthorized indicates the client failed to provide valid authentication credentials.

  2. Step 2: Exclude other status codes

    200 means success, 302 is redirect, 500 is server error, none fit invalid token scenario.

  3. Final Answer:

    401 Unauthorized -> Option C

  4. Quick Check:

    Invalid token response = 401 Unauthorized [OK]
Quick Trick: Use 401 for invalid or expired tokens [OK]
Common Mistakes:
MISTAKES
  • Using 200 OK for failed refresh
  • Confusing 401 with 403 Forbidden
  • Using 500 for client errors

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Rest API Quizzes
Error Handling - Validation error details - Quiz 9hard Error Handling - Nested error reporting - Quiz 10hard Error Handling - Rate limit error responses - Quiz 9hard HATEOAS and Linking - Action links for state transitions - Quiz 6medium Pagination Patterns - Link headers for navigation - Quiz 5medium Rate Limiting and Throttling - Fixed window algorithm - Quiz 9hard Rate Limiting and Throttling - Rate limit headers (X-RateLimit) - Quiz 14medium Rate Limiting and Throttling - Per-user vs per-IP limits - Quiz 7medium Versioning Strategies - Why versioning prevents breaking changes - Quiz 2easy Versioning Strategies - Why versioning prevents breaking changes - Quiz 5medium