After consulting https://datatracker.ietf.org/doc/html/rfc7235#section-3.1:
If the request included authentication credentials, then the 401
response indicates that authorization has been refused for those
credentials.
In the case of the authentication mechanism the authorization decision is in relation to the use of the credentials and is different to an authorization decision for a resource.