HTTP 100 Continue vs 401 Unauthorized
HTTP 100 (Continue) is a 1xx Informational response, while 401 (Unauthorized) is a 4xx Client Error response. 100 indicates that the server has received the request headers and the client should proceed to send the request body. This lets the client know it can continue with the request or abort if the headers were rejected. In contrast, 401 means that the request requires user authentication. The response includes a WWW-Authenticate header indicating the authentication scheme.
Description
The server has received the request headers and the client should proceed to send the request body. This lets the client know it can continue with the request or abort if the headers were rejected.
When You See It
When a client sends an Expect: 100-continue header, the server responds with 100 before the client sends the body.
How to Fix
This is an interim response — no fix needed. The client should continue sending the request body.
Description
The request requires user authentication. The response includes a WWW-Authenticate header indicating the authentication scheme.
When You See It
When accessing a protected resource without credentials or with expired tokens.
How to Fix
Include valid authentication credentials (API key, Bearer token, Basic auth) in the Authorization header.
Key Differences
100 is a 1xx Informational response, while 401 is a 4xx Client Error response.
HTTP 100: The server has received the request headers and the client should proceed to send the request body. This lets the client know it can continue with the request or abort if the headers were rejected.
HTTP 401: The request requires user authentication. The response includes a WWW-Authenticate header indicating the authentication scheme.
You encounter 100 when when a client sends an Expect: 100-continue header, the server responds with 100 before the client sends the body.
You encounter 401 when when accessing a protected resource without credentials or with expired tokens.
When to Use Which
For 100 (Continue): This is an interim response — no fix needed. The client should continue sending the request body. For 401 (Unauthorized): Include valid authentication credentials (API key, Bearer token, Basic auth) in the Authorization header.