Why do we see a sporadic 401 Unauthorized SIP response?

In a trace of a call, sporadic 401 Unauthorized SIP responses can be observed during call setup. This does not point to a problem, it is normal registration behavior.

The 401 Unauthorized response is part of the Registration authorization process. Due to security reasons, our server requires authorization for each registration attempt.

A standard Registration authorization process is the following:

1. The device starts the process of registration by sending a Register request without credentials.

2. In response, our system sends the message "401 Unauthorized" with an authentication header containing a nonce, which is needed for the device to send a register request with encrypted credentials.

3. Next, the device sends a new registration request with the proper encrypted credentials, on which our system confirms the registration by sending 200 OK.