Change response code to 400 instead of 401 unauthroized

401 Unauthorized should be for when you are not allowed to access a resource. API endpoint should return 400 and the error code in body. Otherwise PHP will throw an error when accessing the endpoint.