Token Auth Denial Code

This feature requires the Token-Based Authentication feature which must be purchased separately. Contact your CDN account manager to activate it.

Category: Access

Purpose: Determines the type of response that will be returned to a user when a request is denied access due to Token-Based Authentication.

The available response codes are listed below.

Response Code Response Name Description

301

Moved Permanently

This status code redirects unauthorized users to the URL specified in the Location header.

302

Found

This status code redirects unauthorized users to the URL specified in the Location header. This status code is the industry standard method of performing a redirect.

307

Temporary Redirect

This status code redirects unauthorized users to the URL specified in the Location header.

401

Unauthorized

Combining this status code with the WWW-Authenticate response header allows you to prompt a user for authentication.

403

Forbidden

This is the standard 403 Forbidden status message that an unauthorized user will see when trying to access protected content.

404

File Not Found

This status code indicates that the HTTP client was able to communicate with the server, but the requested content was not found.

410

Gone

This status code indicates that the HTTP client was able to communicate with the server, but the requested content was not found. The use of this status code indicates that this condition is permanent.

URL Redirection

This feature supports URL redirection to a user-defined URL when it is configured to return a 3xx status code. This user-defined URL can be specified by performing the following steps:

  1. Select a 3xx response code for the Token Auth Denial Code feature.
  2. Select "Location" from the Header Name option.
  3. Set the Header Value option to the desired URL.

If a URL is not defined for a 3xx status code, then the standard response page for a 3xx status code will be returned to the user.

URL redirection is only applicable for 3xx response codes.

The Header Value option supports alphanumeric characters, quotation marks, and spaces.

Authentication

This feature supports the capability to include the WWW-Authenticate header when responding to an unauthorized request for content protected by Token-Based Authentication. If the WWW-Authenticate header has been set to "basic" in your configuration, then the unauthorized user will be prompted for account credentials.

The above configuration can be achieved by performing the following steps:

  1. Select "401" as the response code for the Token Auth Denial Code feature.
  2. Select "WWW-Authenticate" from the Header Name option.
  3. Set the Header Value option to "basic."

The WWW-Authenticate header is only applicable for 401 response codes.