Api returns "200 OK" instead of "401 Unauthorized"?

@stesvis What do you mean "logged out"? your API should be accepting a Bearer token... it doesn't rely on you being logged in to the site.

If this is for SPA, please specify.

Are you using routes/web.php or routes/api.php? Can you please show your route?

This is the route @mariohbrino :

Route::resource('vehicles', 'Api\VehiclesApiController')->middleware('auth:api');

And I use it from a mobile app.

I think I managed to resolve it tho, by passing this header: Accept: application/json

With it, if i try to consume the endpoint without a token it returns 401 correctly. Without it, it would return the html of my login page (where the Authenticate middleware redirects me).

@fylzero yes by "logged out" i mean not authenticated, no token.