I am developing an app using a third party package which assigns roles to users. If user has been assigned a role 1 is returned, otherwise 0 is returned.
I want to send back a message to clients if role assignment failed. Which status code should I use?
EDIT: the third party package is like a black box to me and its not possible for me to figure out the failure reason . so maybe I need a generic status code
If you're talking about authentication, (which I think you are), from your own Wikipedia link:
401 Unauthorized
Similar to 403 Forbidden, but specifically for use when authentication is required and has failed or has not yet been provided. The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource. See Basic access authentication and Digest access authentication. 401 semantically means "unauthenticated", i.e. the user does not have the necessary credentials.
Note: Some sites issue HTTP 401 when an IP address is banned from the website (usually the website domain) and that specific address is refused permission to access a website.
Reference: https://en.wikipedia.org/wiki/List_of_HTTP_status_codes