Spring Security unexpected behavior for REST endpoints authentication?

Question

The scenario we are looking for is as follows:

1. client connects with REST to a REST login url
2. Spring microservice (using Spring Security) should return

Answer 1

It's a 302 response telling the browser to redirect to your login page. What do you expect to happen? 302 response must have a Location header.