Useing current 401 causes some issues when saml2auth is enabled and the ckan app has an internal url behind a proxy, as noticed in https://github.com/GSA/data.gov/issues/3863.
Changing 401 to 403 resolved the issue. It is the recommend way to respond to unauthorized request in the CKAN core: https://github.com/ckan/ckan/pull/2846
Useing current 401 causes some issues when saml2auth is enabled and the ckan app has an internal url behind a proxy, as noticed in https://github.com/GSA/data.gov/issues/3863.
Changing 401 to 403 resolved the issue. It is the recommend way to respond to unauthorized request in the CKAN core: https://github.com/ckan/ckan/pull/2846