Comment 6 for bug 1747655

lvmxh (shaohef) wrote :

Hi Jamie Lennox:

We can keep 503.
But we can let the user know the error reason ASAP instead of guessing, do you agree?

As an end user:
1. How do you know that the user/pass is wrong from the returned response message?
"503 Service Unavailable" is meaningless to the user.
"The server is currently unavailable. Please try again at a later time" is also misleading.

2. As you mentioned, the developer knows ksa_exceptions.Unauthorized can be 401/403 (maybe 404).
IMHO he can make some improvement, for example classifying these exceptions (401/403),
instead of returning the uniform msg as the code shows.

            msg = _('Identity server rejected authorization necessary to '
                    'fetch token data')
            raise ksm_exceptions.ServiceError(msg)

The RESTful response also swallowed the above msg.
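
A sketch of the classification suggested in this comment, added here as an illustration and not part of the comment or of keystonemiddleware: the status stays 503 while the message names the upstream 401/403/404. The exception classes, `classify`, `to_response`, `rejecting` and the reason wording are hypothetical stand-ins.

```python
# Stand-in classes (hypothetical); not keystonemiddleware or keystoneauth code.
class UpstreamHTTPError(Exception):
    """Assumed shape: an identity-client error carrying an HTTP status."""
    http_status = None

class Unauthorized(UpstreamHTTPError):
    http_status = 401

class Forbidden(UpstreamHTTPError):
    http_status = 403

class NotFound(UpstreamHTTPError):
    http_status = 404

class ServiceError(Exception):
    """Stand-in for the error the middleware reports as 503."""

GENERIC = ('Identity server rejected authorization necessary to '
           'fetch token data')
# Constructed wording, one reason per upstream status.
REASONS = {
    401: GENERIC + ' (401: service user/password not accepted)',
    403: GENERIC + ' (403: service user not permitted to validate tokens)',
    404: GENERIC + ' (404: identity endpoint not found)',
}

def classify(exc):
    """Pick the reason for this upstream status, else the uniform message."""
    return REASONS.get(getattr(exc, 'http_status', None), GENERIC)

def fetch_token_data(fetch):
    try:
        return fetch()
    except UpstreamHTTPError as exc:
        raise ServiceError(classify(exc)) from exc

def to_response(fetch):
    """Return (status, body); a failure keeps 503 but carries the reason."""
    try:
        return 200, fetch_token_data(fetch)
    except ServiceError as err:
        return 503, str(err)

def rejecting(exc_type):
    """Build a fetch callable that fails the way the identity server would."""
    def fetch():
        raise exc_type()
    return fetch

if __name__ == '__main__':
    for exc_type in (Unauthorized, Forbidden, NotFound, UpstreamHTTPError):
        print(to_response(rejecting(exc_type)))
```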