Kong Key-Auth; return a specific HTTP code?

Hello everyone. Newbie here!

My company is looking into using Kong and I’ve been tasked with doing some research. After digging through the Kong and Key-Auth docs, I’m not able to find an answer to my current question.

Is it possible to return a different HTTP code than 403 if you try to send a request without the proper API key header? For example, how would I return a 401?



If an API key is not found in the request, Kong will return a 401:

And if the presented API key is not found to be configured in the Kong cluster, Kong will also respond with a 401 as well: