This feature requires the Token-Based Authentication feature which must be purchased separately. Contact your CDN account manager to activate it.
Category: Access
Purpose: Determines the type of response that will be returned to a user when a request is denied access due to Token-Based Authentication.
The available response codes are listed below.
Response Code | Response Name | Description |
---|---|---|
301 |
Moved Permanently |
This status code redirects unauthorized users to the URL specified in the Location header. |
302 |
Found |
This status code redirects unauthorized users to the URL specified in the Location header. This status code is the industry standard method of performing a redirect. |
307 |
Temporary Redirect |
This status code redirects unauthorized users to the URL specified in the Location header. |
401 |
Unauthorized |
Combining this status code with the WWW-Authenticate response header allows you to prompt a user for authentication. |
403 |
Forbidden |
This is the standard 403 Forbidden status message that an unauthorized user will see when trying to access protected content. |
404 |
File Not Found |
This status code indicates that the HTTP client was able to communicate with the server, but the requested content was not found. |
410 |
Gone |
This status code indicates that the HTTP client was able to communicate with the server, but the requested content was not found. The use of this status code indicates that this condition is permanent. |
This feature supports URL redirection to a user-defined URL when it is configured to return a 3xx status code. This user-defined URL can be specified by performing the following steps:
If a URL is not defined for a 3xx status code, then the standard response page for a 3xx status code will be returned to the user.
URL redirection is only applicable for 3xx response codes.
The Header Value option supports alphanumeric characters, quotation marks, and spaces.
This feature supports the capability to include the WWW-Authenticate header when responding to an unauthorized request for content protected by Token-Based Authentication. If the WWW-Authenticate header has been set to "basic" in your configuration, then the unauthorized user will be prompted for account credentials.
The above configuration can be achieved by performing the following steps:
The WWW-Authenticate header is only applicable for 401 response codes.