diff --git a/internal/api/api.go b/internal/api/api.go
index 6e92894..b1e716f 100644
--- a/internal/api/api.go
+++ b/internal/api/api.go
@@ -52,6 +52,7 @@ func authFailed(w http.ResponseWriter, r *http.Request, realm string) {
 	w.Header().Set("Content-Type", "text/plain; charset=utf-8")
 	w.Header().Set("X-Content-Type-Options", "nosniff")
 	w.Header().Add("WWW-Authenticate", fmt.Sprintf(`Realm="%s"`, realm))
+	w.WriteHeader(http.StatusUnauthorized)
 
 	resp := internal.Response{
 		Message:      fmt.Sprintf(`Login failed -- Realm="%s"`, realm),