Token Auth Denial Code

Applies To:
HTTP Large
HTTP Small
ADN
HTTP Rules Engine - Basic Rules
HTTP Rules Engine - Advanced Rules
Token-Based Authentication

Important: This feature requires the Token-Based Authentication feature which must be purchased separately. Contact your CDN account manager to activate this feature.

This feature determines the type of response that will be returned to a user when a request is denied due to Token-Based Authentication. The available response codes are listed below.

Response Code Response Name Description
301 Moved Permanently This status code redirects unauthorized users to the URL specified in the Location header.
302 Found This status code redirects unauthorized users to the URL specified in the Location header. This status code is the industry standard method of performing a redirect.
307 Temporary Redirect This status code redirects unauthorized users to the URL specified in the Location header.
401 Unauthorized Combining this status code with the WWW-Authenticate response header allows you to prompt a user for authentication.
403 Forbidden This is the standard 403 Forbidden status message that an unauthorized user will see when trying to access protected content.
404 File Not Found This status code indicates that the HTTP client was able to communicate with the server, but the requested content was not found.

URL Redirection

This feature supports URL redirection to a user-defined URL when it is configured to return a 3xx status code. This user-defined URL can be specified by performing the following steps:

  1. Select a 3xx response code for the Token Auth Denial Code feature.
  2. Select "Location" from the Optional Header Name option.
  3. Set the Optional Header Value option to the desired URL.

If a URL is not defined for a 3xx status code, then the standard response page for a 3xx status code will be returned to the user.

Note: URL redirection is only applicable for 3xx response codes.

Note: The Optional Header Value option supports alphanumeric characters, quotation marks, and spaces.

Authentication

This feature supports the capability to include the "WWW-Authenticate" header when responding to an unauthorized request for content protected by Token-Based Authentication. If the "WWW-Authenticate" header has been set to "basic" in your configuration, then the unauthorized user will be prompted for account credentials.

The above configuration can be achieved by performing the following steps:

  1. Select "401" as the response code for the Token Auth Denial Code feature.
  2. Select "WWW-Authenticate" from the Optional Header Name option.
  3. Set the Optional Header Value option to "basic."

Note: The "WWW-Authenticate" header is only applicable for 401 response codes.