pzampino commented on issue #251: KNOX-2215 - Token service should return a 401 
response when the renew…
URL: https://github.com/apache/knox/pull/251#issuecomment-581188149
 
 
   @risdenk, my rationale for choosing 401 is the definition from 
https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html:
   
   401: "If the request already included Authorization credentials, then the 
401 response indicates that **authorization** has been refused for those 
credentials."
   
   403: "The server understood the request, but is refusing to fulfill it. 
Authorization will not help"
   
   So, in this case, the renewing/revoking user is _AUTHENTICATED_, but **NOT 
AUTHORIZED** to perform the requested operation.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


With regards,
Apache Git Services
