401 Unauthorized
Authentication is required and has failed or not been provided.
What it means
HTTP 401 Unauthorized means the request lacks valid authentication credentials. Despite the name, it is about authentication (proving who you are), not authorization. The response includes a WWW-Authenticate header describing how to authenticate.
When it happens
It happens when accessing a protected resource without logging in, with an expired session or token, or with incorrect credentials.
How to fix it
- Provide valid credentials or a current access token with the request.
- Refresh expired sessions or tokens before retrying.
- Confirm the WWW-Authenticate scheme the server expects (Bearer, Basic, etc.).
- For APIs, verify the Authorization header is being sent and not stripped by a proxy.
SEO impact
Pages behind 401 are not indexed, which is usually intended for private content. Make sure pages you want ranked are not accidentally gated behind authentication.
Find out which of your URLs return 401
Paste a list of URLs and Sitewell checks the status code of every one at once — free and without signup.
Related codes
The server understood the request but refuses to authorize it.
400 Bad RequestThe server could not understand the request due to malformed syntax.
402 Payment RequiredA largely reserved code intended for payment-gated access to a resource.
404 Not FoundThe server could not find the requested resource.
405 Method Not AllowedThe HTTP method used is not supported for the requested resource.
406 Not AcceptableThe server cannot produce a response matching the formats the client said it would accept.
Related guides
A plain-English primer on HTTP status codes for SEOs: what the 2xx, 3xx, 4xx, and 5xx families mean, which ones affect rankings, and the codes worth knowing.
How to find and fix broken linksA practical walkthrough for finding broken links on your site, working out why each one breaks, and fixing them so visitors and crawlers stop hitting dead ends.