-2

I have Laravel CMS and I am confusing with HTTP responses.

If the logged user is not admin (should I use 401). If the logged user not have privilege to open specific page (should I use 403).

Tom Aranda
  • 5,562
  • 11
  • 31
  • 50
Kareem Nour Emam
  • 1,026
  • 3
  • 13
  • 27
  • 1
    Possible duplicate of [403 Forbidden vs 401 Unauthorized HTTP responses](https://stackoverflow.com/questions/3297048/403-forbidden-vs-401-unauthorized-http-responses) – JJJ Feb 18 '18 at 20:38
  • If you're not logged in, 401. If you're logged in as the wrong account, 403. – Obsidian Age Feb 18 '18 at 20:40

1 Answers1

1

You got it correct. Those are the appropriate status codes for each of those situations.

Evert
  • 83,661
  • 18
  • 106
  • 170