joeriharleman
commented
2 years ago Hello @leowe!
Thank you for submitting your issue. Unfortunately this repository is largely unmaintained, which means issues remain unseen and do not get dealt with in a respectable manner. We're sorry for not getting back to you sooner.
This issue has been around for a long time so we will close it for now, but please let our excellent 24/5 support staff know you if you have any unresolved issues with our platform, documentation or APIs. They're also really good at noting down feature requests for our development teams. Please find them on our support page by clicking the little icon in the bottom right corner of the screen.
Kind regards, Joeri from Toggl
As stated in the documentation "If authentication fails, HTTP status code 403 is returned. You can read more about authentication and see sample requests here." This is the wrong response HTTP status code, since 403 means "Forbidden". This is opposed to the case where authentication fails. Here an authentication is required, the resource is generally not forbidden. The right HTTP status code would therefore be 401. Please change the response code for a failed authentication to 403.
As reference see https://en.wikipedia.org/wiki/HTTP_403 in the section "Specification"