diff --git a/src/frontend/servers/y-provider/__tests__/collaborationResetConnections.test.ts b/src/frontend/servers/y-provider/__tests__/collaborationResetConnections.test.ts
index d23a12c8..4a96b4a7 100644
--- a/src/frontend/servers/y-provider/__tests__/collaborationResetConnections.test.ts
+++ b/src/frontend/servers/y-provider/__tests__/collaborationResetConnections.test.ts
@@ -24,7 +24,7 @@ describe('Server Tests', () => {
 .set('Origin', origin)
 .set('Authorization', 'wrong-api-key');
- expect(response.status).toBe(403);
+ expect(response.status).toBe(401);
 expect(response.body).toStrictEqual({
 error: 'Forbidden: Invalid API Key',
 });
diff --git a/src/frontend/servers/y-provider/__tests__/convert.test.ts b/src/frontend/servers/y-provider/__tests__/convert.test.ts
index 6894fd16..02d09108 100644
--- a/src/frontend/servers/y-provider/__tests__/convert.test.ts
+++ b/src/frontend/servers/y-provider/__tests__/convert.test.ts
@@ -21,7 +21,7 @@ import {
 console.error = vi.fn();
 describe('Server Tests', () => {
- test('POST /api/convert with incorrect API key should responds with 403', async () => {
+ test('POST /api/convert with incorrect API key should responds with 401', async () => {
 const app = initApp();
 const response = await request(app)
@@ -29,7 +29,7 @@ describe('Server Tests', () => {
 .set('Origin', origin)
 .set('Authorization', 'wrong-api-key');
- expect(response.status).toBe(403);
+ expect(response.status).toBe(401);
 expect(response.body).toStrictEqual({
 error: 'Forbidden: Invalid API Key',
 });
@@ -44,7 +44,7 @@ describe('Server Tests', () => {
 .set('Authorization', 'Bearer test-secret-api-key');
 // Warning: Changing the authorization header to Bearer token format will break backend compatibility with this microservice.
- expect(response.status).toBe(403);
+ expect(response.status).toBe(401);
 expect(response.body).toStrictEqual({
 error: 'Forbidden: Invalid API Key',
 });
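Review bot: The three updated assertions (one in collaborationResetConnections.test.ts, two in convert.test.ts) expect 401 while still pinning the body to `error: 'Forbidden: Invalid API Key'`, so the suite locks in a response whose status says Unauthorized and whose text says Forbidden; the same string sits on the changed line in middlewares.ts. If the message is meant to follow the status, change it in the middleware and in these expectations together, e.g. `error: 'Unauthorized: Invalid API Key'`, after checking that no backend caller matches on the old text. None of the visible hunks covers a request that sends no Authorization header at all, which takes the same `!apiKey` branch; that case may be tested outside these hunks.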
diff --git a/src/frontend/servers/y-provider/src/middlewares.ts b/src/frontend/servers/y-provider/src/middlewares.ts
index 2769e3a8..a9e2a956 100644
--- a/src/frontend/servers/y-provider/src/middlewares.ts
+++ b/src/frontend/servers/y-provider/src/middlewares.ts
@@ -27,8 +27,9 @@ export const httpSecurity = (
 // Secret API Key check
 // Note: Changing this header to Bearer token format will break backend compatibility with this microservice.
 const apiKey = req.headers['authorization'];
+
 if (!apiKey || !VALID_API_KEYS.includes(apiKey)) {
- res.status(403).json({ error: 'Forbidden: Invalid API Key' });
+ res.status(401).json({ error: 'Forbidden: Invalid API Key' });
 return;
 }
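Review bot: The new `res.status(401)` line in httpSecurity sends a 401 without a `WWW-Authenticate` header, which RFC 9110 requires on that status. Either set the challenge before responding, for example `res.set('WWW-Authenticate', '<scheme the backend uses>')`, or keep 403 if no challenge is intended. Separately, the unchanged check `VALID_API_KEYS.includes(apiKey)` compares the secret with ordinary string equality; comparing fixed-length digests of the keys with `crypto.timingSafeEqual` would remove the content-dependent comparison time. httpSecurity starts and ends outside this hunk, so whether rejected keys are logged or rate-limited cannot be seen here.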