401, Authenticate via /authenticate/TOKEN