From 99ac0d39dc98bdb6fd4950aed0ecfcf4772c17f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adri=C3=A0=20Sala?=
 <22398818+adrisala@users.noreply.github.com>
Date: Thu, 23 Apr 2026 16:35:45 +0200
Subject: [PATCH] feat: improve unauthorized response on aap deployments
 (#16422)

---
 awx/api/generics.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/awx/api/generics.py b/awx/api/generics.py
index 03289db5a5..67b0d46dd8 100644
--- a/awx/api/generics.py
+++ b/awx/api/generics.py
@@ -272,7 +272,10 @@ class APIView(views.APIView):
                 response = self.handle_exception(self.__init_request_error__)
             if response.status_code == 401:
                 if response.data and 'detail' in response.data:
-                    response.data['detail'] += _(' To establish a login session, visit') + ' /api/login/.'
+                    if getattr(settings, 'RESOURCE_SERVER__URL', None):
+                        response.data['detail'] += _(' Direct access is not allowed, authenticate via the platform gateway.')
+                    else:
+                        response.data['detail'] += _(' To establish a login session, visit') + ' /api/login/.'
                 logger.info(status_msg)
             else:
                 logger.warning(status_msg)