-2

I have Laravel CMS and I am confusing with HTTP responses.

If the logged user is not admin (should I use 401). If the logged user not have privilege to open specific page (should I use 403).

Tom Aranda
  • 5,919
  • 11
  • 35
  • 51
Kareem Nour Emam
  • 1,054
  • 4
  • 14
  • 27
  • 1
    Possible duplicate of [403 Forbidden vs 401 Unauthorized HTTP responses](https://stackoverflow.com/questions/3297048/403-forbidden-vs-401-unauthorized-http-responses) – JJJ Feb 18 '18 at 20:38
  • If you're not logged in, 401. If you're logged in as the wrong account, 403. – Obsidian Age Feb 18 '18 at 20:40

1 Answers1

1

You got it correct. Those are the appropriate status codes for each of those situations.

Evert
  • 93,428
  • 18
  • 118
  • 189