diff --git a/services_basic_auth.module b/services_basic_auth.module
index 32addb4..cbc27e6 100644
--- a/services_basic_auth.module
+++ b/services_basic_auth.module
@@ -31,4 +31,12 @@ function services_basic_auth_rest_server_execute_errors_alter(&$error, $controll
   if ($error['code'] == 401) {
     drupal_add_http_header('WWW-Authenticate', 'Basic realm="' . check_plain(variable_get('site_name'), 'Drupal') . '"');
   }
+  elseif ($error['code'] == 403 && user_is_anonymous()) {
+    // The user has not yet authenticated, so we should return a 401 status
+    // instead of the default 403 status code.
+    // @see https://www.drupal.org/node/2158563
+    $error['code'] = 401;
+    $error['header_message'] = '401 Unauthorized';
+    drupal_add_http_header('WWW-Authenticate', 'Basic realm="' . check_plain(variable_get('site_name'), 'Drupal') . '"');
+  }
 }