SIP 401 Unauthorized vs 407 Proxy Authentication Required
SIP 401 and 407 both require authentication, but from different entities. A 401 is issued by the UAS (the endpoint or registrar), while a 407 is issued by a SIP proxy. The client must respond with different headers depending on which challenge it received.
विवरण
The request requires user authentication. The response includes a WWW-Authenticate header with a challenge for the realm.
जब आप इसे देखें
When making a request that requires Digest authentication. Common for REGISTER and INVITE requests to authenticated SIP trunks.
कैसे ठीक करें
Resend the request with proper Authorization header containing valid credentials (Digest authentication).
विवरण
The client must first authenticate with the proxy. The proxy returns a Proxy-Authenticate header with a challenge.
जब आप इसे देखें
When a SIP proxy requires authentication before forwarding the request. Similar to 401 but for proxy servers.
कैसे ठीक करें
Resend the request with a Proxy-Authorization header containing valid credentials for the proxy.
मुख्य अंतर
401 is challenged by the UAS (registrar, endpoint); 407 is challenged by a SIP proxy in the signaling path.
401 requires an Authorization header in the retry; 407 requires a Proxy-Authorization header.
401 uses WWW-Authenticate to issue the challenge; 407 uses Proxy-Authenticate.
In a multi-hop SIP topology, a request may need to authenticate at both proxy (407) and endpoint (401) levels.
Both use Digest authentication with nonces, but the header names and target entities differ.
कब किसका उपयोग करें
A SIP registrar returns 401 when a UA tries to REGISTER without credentials. A SIP proxy returns 407 when it needs to authenticate the caller before forwarding the request. SIP clients must handle both challenges and respond with the correct Authorization or Proxy-Authorization header.