401 - s/sufficent/required [does not imply the user will be authorized once re-authentication occurs]
401 - s/sufficent/ required [does not imply the user will be authorized once re-authentication occurs]