Webpage calls API A. Service behind API A acquires token for external API B and sends a request.
API A responds 401 Unauthorized when user is not authorized using token from webpage. But it also responds 401 when acquired token for API B lacks authorization.
This is not a good pattern, because webpage needs to behave differently for these two cases.
How should the response from API A look like (right status code etc.) in case API B is unauthorized, so it could be handled in the front-end? There are many options, but I couldn't find any textbook example for that situation.
question from:
https://stackoverflow.com/questions/66047857/how-to-pass-information-to-webpage-which-api-is-unauthorized 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
