Content
View differences
Updated by Jan Sandbrink over 12 years ago
**Reproduction**
- Call http://yourinstance/api/v2/authentication.xml
- when REST-API is **disabled**
- and when REST-API is **enabled**, but with **wrong** credentials
**expected (earlier) behavior**
- both cases result in a different return code
- 401 when API disabled
- 403 when credentials are wrong
**actual behavior**
- HTTP 401 in both cases
**Remark**
I (personally) don’t really care which Status-Code is returned in which scenario. I just need a <ins>reliable</ins> way to distinguish both cases, to provide better user feedback.
- Call http://yourinstance/api/v2/authentication.xml
- when REST-API is **disabled**
- and when REST-API is **enabled**, but with **wrong** credentials
**expected (earlier) behavior**
- both cases result in a different return code
- 401 when API disabled
- 403 when credentials are wrong
**actual behavior**
- HTTP 401 in both cases
**Remark**
I (personally) don’t really care which Status-Code is returned in which scenario. I just need a <ins>reliable</ins> way to distinguish both cases, to provide better user feedback.