More clearly differentiate authentication error from authorization error in text

Question

More clearly differentiate authentication error from authorization error in text

JeroenvdV opened this issue 5 months ago · 1 comments

JeroenvdV commented 5 months ago

What would you like?

When clicking a deep link while not signed in, the page may indicate an authorization problem such as:

"YOU ARE NOT ALLOWED TO VIEW MEETINGS."

Below that is stated in small text:

"You might be able to view this page by logging in"

I think the messages would be better reworded in such a way that the lack of authentication is shown first, as most likely anything that requires authorization first requires being authenticated.

Why is this needed?

The way this error is currently presented may falsely imply that the user is already authenticated, but not authorized, which is confusing.

Other information

No response

Answer 1 · 2024-06-11T18:41:54.000Z

This is planned for/part of GH-1798 and will include the differentiation between 401 (not authenticated) and 403 (not authorized).