diff --git a/components/esp_http_server/include/esp_http_server.h b/components/esp_http_server/include/esp_http_server.h
index 5b4ee04dcb..0b5c8ceb09 100644
--- a/components/esp_http_server/include/esp_http_server.h
+++ b/components/esp_http_server/include/esp_http_server.h
@@ -540,6 +540,17 @@ typedef enum {
      */
     HTTPD_400_BAD_REQUEST,
 
+    /* This response means the client must authenticate itself
+     * to get the requested response.
+     */
+    HTTPD_401_UNAUTHORIZED,
+
+    /* The client does not have access rights to the content,
+     * so the server is refusing to give the requested resource.
+     * Unlike 401, the client's identity is known to the server.
+     */
+    HTTPD_403_FORBIDDEN,
+
     /* When requested URI is not found */
     HTTPD_404_NOT_FOUND,
 
diff --git a/components/esp_http_server/src/httpd_txrx.c b/components/esp_http_server/src/httpd_txrx.c
index b8129db2f0..ab16f5ff84 100644
--- a/components/esp_http_server/src/httpd_txrx.c
+++ b/components/esp_http_server/src/httpd_txrx.c
@@ -399,6 +399,14 @@ esp_err_t httpd_resp_send_err(httpd_req_t *req, httpd_err_code_t error, const ch
             status = "400 Bad Request";
             msg    = "Server unable to understand request due to invalid syntax";
             break;
+        case HTTPD_401_UNAUTHORIZED:
+            status = "401 Unauthorized";
+            msg    = "Server known the client's identify and it must authenticate itself to get he requested response";
+            break;
+        case HTTPD_403_FORBIDDEN:
+            status = "403 Forbidden";
+            msg    = "Server is refusing to give the requested resource to the client";
+            break;
         case HTTPD_404_NOT_FOUND:
             status = "404 Not Found";
             msg    = "This URI does not exist";