diff --git a/api/src/certification/session-management/application/http-error-mapper-configuration.js b/api/src/certification/session-management/application/http-error-mapper-configuration.js
index bfad56da982..e8c5f5b11b9 100644
--- a/api/src/certification/session-management/application/http-error-mapper-configuration.js
+++ b/api/src/certification/session-management/application/http-error-mapper-configuration.js
@@ -47,7 +47,7 @@ const sessionDomainErrorMappingConfiguration = [
   },
   {
     name: InvalidSessionSupervisingLoginError.name,
-    httpErrorFn: (error) => new HttpErrors.ForbiddenError(error.message, error.code),
+    httpErrorFn: (error) => new HttpErrors.UnauthorizedError(error.message, error.code),
   },
 ].map((domainErrorMappingConfiguration) => new DomainErrorMappingConfiguration(domainErrorMappingConfiguration));
 
diff --git a/api/tests/certification/session-management/unit/application/http-error-mapper-configuration_test.js b/api/tests/certification/session-management/unit/application/http-error-mapper-configuration_test.js
index a3f7377899e..78e8ad71f24 100644
--- a/api/tests/certification/session-management/unit/application/http-error-mapper-configuration_test.js
+++ b/api/tests/certification/session-management/unit/application/http-error-mapper-configuration_test.js
@@ -107,7 +107,7 @@ describe('Unit | Certification | Session | Application | HttpErrorMapperConfigur
     const error = httpErrorMapper.httpErrorFn(new InvalidSessionSupervisingLoginError());
 
     // then
-    expect(error).to.be.instanceOf(HttpErrors.ForbiddenError);
+    expect(error).to.be.instanceOf(HttpErrors.UnauthorizedError);
     expect(error.message).to.equal(SESSION_SUPERVISING.INCORRECT_DATA.getMessage());
     expect(error.code).to.equal(SESSION_SUPERVISING.INCORRECT_DATA.code);
   });