
Recently I have been learning JWT, but I cannot understand how JWT actually works or the 401 and 403 errors. It would be helpful if someone could give me a clear understanding of it. Thanks.

1 Answer


HTTP status 401 typically means that you are not correctly authenticated. This can be various things, e.g.

  • you did not send a JWT token in the request
  • you sent a JWT token in the request, but it is not valid (e.g. the signature could not be validated)
  • you sent a JWT token in the request, but it has expired.

HTTP status 403 typically means that you are not authorized. E.g. you provided a correct JWT token, but you do not have access to the requested resource. E.g.

  • a logged-in user, with a JWT token, tried to access an "admin page" but did not have access.
Jonas
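The 401 and 403 cases listed in the answer above, as an added example that is not part of the original answer: a standard-library HS256 check that returns the status a protected endpoint would send. The shared secret, the `role` and `exp` claim layout, and the function names `make_token` and `status_for` are assumptions made for this illustration.

```python
import base64, hashlib, hmac, json, time

SECRET = b"demo-secret-constructed-for-this-example"  # assumption: HS256 shared key

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: str) -> str:
    return _b64url(hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest())

def make_token(claims: dict) -> str:
    """Issue an HS256 token (used to construct sample input for the check)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    return f"{header}.{payload}.{_sign(header + '.' + payload)}"

def status_for(auth_header, required_role, now=None):
    """Return the HTTP status a protected endpoint would answer with."""
    now = time.time() if now is None else now
    # 401: no token was sent at all
    if not auth_header or not auth_header.startswith("Bearer "):
        return 401
    parts = auth_header[len("Bearer "):].split(".")
    if len(parts) != 3:
        return 401
    header_b64, payload_b64, signature = parts
    try:
        header = json.loads(_b64url_decode(header_b64))
        # 401: signature could not be validated (only HS256 is accepted)
        if header.get("alg") != "HS256" or not hmac.compare_digest(
                signature, _sign(header_b64 + "." + payload_b64)):
            return 401
        claims = json.loads(_b64url_decode(payload_b64))
        # 401: token has expired (a missing "exp" is treated as expired)
        if float(claims.get("exp", 0)) <= now:
            return 401
    except (ValueError, TypeError, AttributeError):
        return 401  # malformed base64 or JSON is also an authentication failure
    # 403: authenticated, but not authorized for this resource
    if claims.get("role") != required_role:
        return 403
    return 200
```

Authentication is decided first and authorization only afterwards, so a request with a bad or expired token never reaches the role check and never reveals whether the resource would have been allowed.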