Fix HTTP response code when refusing action
Return Forbidden(403) instead of Unauthorized(401) when refusing a requested action, because the VM is suspended or the resource is public. Unauthorized should be used only when authentication is required and has failed or has not yet been provided.
Please register or sign in to comment