Difference between Forbidden and Unauthorized on Dynamic Event

Wappler General
#1

Hello,

I don’t understand the difference between Forbidden and Unauthorized when adding a Dynamic Event on a Server Connect Form:

Screenshot
Screenshot692×594 61.6 KB

Server Connect Dynamic Events: List HTTP status codes
#2

I haven’t tested this lately, but I believe Unauthorized is if the security provider indicates the user has not logged in. Forbidden is if the user has logged in, but does not have the proper permission.

1 Like
#3

Also
Unauthorized corresponds to HTTP status 401
Forbidden corresponds to HTTP status 403

1 Like
#4

From auth0.com

401 Unauthorized is the status code to return when the client provides no credentials or invalid credentials. 403 Forbidden is the status code to return when a client has valid credentials but not enough privileges to perform an action on a resource.

4 Likes
#5

I always thought it would be great if the HTTP status codes were referenced in Wappler, instead of saying just error/unauthorized/success etc., it would also show the HTTP status code that it is equivalent to. Might simplify some things for newer users. I was confused too way back in the past.

4 Likes
Server Connect Dynamic Events: List HTTP status codes