HTTP 401 is a status code that indicates "Unauthorized" access to a resource on the web. This response is sent by a server when a client, such as a web browser, attempts to access a protected resource without proper authentication credentials. It signals that the request has not been applied because it lacks valid authentication information. When a server returns an HTTP 401 status, it often includes a header field called WWW-Authenticate, which specifies how the client can authenticate itself. This may involve providing a username and password or using other authentication methods to gain access to the requested resource.