401 instead of 403 should be returned when the JWT access token is invalid or expired. 403 is used when the client has valid authentication credentials but it does not have the necessary permissions. Any applications consuming the API whose logic depends on this status code will need to be updated.
https://github.com/search?q=repo%3Aral-facilities%2Fobject-storage-api%20%22403%22&type=code
401instead of403should be returned when the JWT access token is invalid or expired.403is used when the client has valid authentication credentials but it does not have the necessary permissions. Any applications consuming the API whose logic depends on this status code will need to be updated.https://github.com/search?q=repo%3Aral-facilities%2Fobject-storage-api%20%22403%22&type=code