diff --git a/endpoints/api/__init__.py b/endpoints/api/__init__.py
index 8045b0f1d..1b424aaca 100644
--- a/endpoints/api/__init__.py
+++ b/endpoints/api/__init__.py
@@ -39,9 +39,9 @@ api.decorators = [csrf_protect,
 @crossdomain(origin='*', headers=['Authorization', 'Content-Type'])
 def handle_api_error(error):
 response = Response(json.dumps(error.to_dict()), error.status_code, mimetype='application/problem+json')
- if error.status_code is 401:
+ if error.status_code == 401:
 response.headers['WWW-Authenticate'] = ('Bearer error="%s" error_description="%s"' %
- (error.error_type, error.error_description))
+ (error.error_type.value, error.error_description))
 return response
 
 def resource(*urls, **kwargs):
diff --git a/test/test_auth.py b/test/test_auth.py
index 9c5f6e6a4..8bf78f897 100644
--- a/test/test_auth.py
+++ b/test/test_auth.py
@@ -103,6 +103,11 @@ class TestAuth(ApiTestCase):
 self.conduct_basic_auth('$oauthtoken', 'foobar')
 self.verify_no_identity()
 
+ def test_oauth_invalid_http_response(self):
+ rv = self.app.get(api.url_for(User), headers={'Authorization': 'Bearer bad_token'})
+ assert 'WWW-Authenticate' in rv.headers
+ self.assertEquals(401, rv.status_code)
+
 def test_oauth_valid_user(self):
 user = model.user.get_user(ADMIN_ACCESS_USER)
 self.create_oauth(user)
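Review bot: The `WWW-Authenticate` value built in handle_api_error still separates its two auth-params with only a space, whereas RFC 6750 challenges list them comma-separated, so a strict client may not parse `error_description`. The format string could become `'Bearer error="%s", error_description="%s"'`. `error.error_description` is also placed inside a quoted-string unescaped. Whether it can ever carry request-derived text is not visible in this hunk, but if it can, a `"`, backslash or line break would corrupt the header. Restricting it to the characters RFC 6750 allows for `error_description` before formatting would close that off.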
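Review bot: test_oauth_invalid_http_response only checks that a `WWW-Authenticate` header is present, so it would still pass if the `error=` parameter regressed to the string form of the error-type object (presumably an enum, given the `.value` fix in this commit). Comparing the `error=` parameter in `rv.headers['WWW-Authenticate']` with the expected type's `.value` would pin that half of the change. The bare `assert` is stripped under `python -O` and `assertEquals` is a deprecated alias, so `self.assertIn('WWW-Authenticate', rv.headers)` and `self.assertEqual(401, rv.status_code)` are the durable forms. The enclosing TestAuth class begins outside the hunk.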