What is the appropiate http status code to give, when a user is using an unallowed authorization method?

For context, I am working on an API in postman, where an http request can be authorized using an api key or basic authentication.

I was using 401 as a status code if a different authorization method was used. Is there a more suitable status code for that?

Solution

I think the appropriate status code would be 405 - method not allowed. But also status code 401 - unauthorized would work. More accurate would be the 405.

http.request body forwarding breaks request
What is the appropiate http status code to give, when a user is using an unallowed authorization method?
How to use java.net.URLConnection to fire and handle HTTP requests
HTTP Request works in Postman and curl, but not in .NET Core code and throws 504 (Gateway Timeout) and 502 (Proxy Error) errors
A task was canceled on the await call (POST) due to timeout when response from server (Python flask) is too quick
Simulate a specific CURL in PostMan
Issues requesting DETAILED reports for API App Store Connect
How to read the body of a HttpRequest in Java 11?
How to get the origin URL in FastAPI?
Unable to perform http request asynchronously in ClearScript V8
Amazon Cognito: How to stop getting "redirect_mismatch" error when redirecting from browser to Android app
Send HTTP POST request in .NET
Why do I get 411 Length required error in my HttpWebRequest?
Log RequestId in asp.net core
Can I perform a GET request / fetch inside of a neovim plugin?
Node js multiple requests concurrently
Is there any way of getting request body in a interceptor but it can still be accessed by the controllers?
Monitor HTTP traffic for Azure Web App using Log analitics and KQL query
How to protect against users submitting unencrypted data to a zero-access encryption system?
How to make sure server accepts request from mobile applications only
StringValues.Contains() always returns false
How to use Http, Socks4 and Socks5 proxies in java?
Node Jsdom Scrape Google's Reverse Image Search
How to intercept network from Android Application without Android Studio?
How to get data from Azure Workflow Trigger Histories - List
How to make an HTTP GET request in Node.js Express?
Logging HTTP requests and responses in quarkus resteasy
Inject Trace Context into header of a incomming Request in Go. (Custom Plugin for KrakenD)
Why do I get the email but not the ID of the user in Django when using users_data = validated_data.pop(‘users’, [])?
Nodejs API testing with Jmeter POST and PUT