Change8

0.122.0

Breaking Changes
📦 fastapiView on GitHub →
1 breaking🐛 1 fixes🔧 7 symbols

Summary

This release updates security classes to return a more accurate 401 Unauthorized status code instead of 403 Forbidden when credentials are missing, and includes several internal CI/documentation improvements.

⚠️ Breaking Changes

  • Security classes now return a 401 status code instead of 403 when credentials are missing. If your client code or tests depend on 403, you must override the security classes to restore the old behavior.

Migration Steps

  1. Review client-side error handling for authentication; update expected status codes from 403 to 401.
  2. If the old 403 behavior is required, follow the guide to override security classes: https://fastapi.tiangolo.com/how-to/authentication-error-status-code/

🐛 Bug Fixes

  • Use 401 status code in security classes when credentials are missing for better HTTP compliance.

🔧 Affected Symbols

fastapi.security.HTTPBasicfastapi.security.HTTPBearerfastapi.security.OAuth2fastapi.security.OpenIdConnectfastapi.security.APIKeyCookiefastapi.security.APIKeyHeaderfastapi.security.APIKeyQuery