diff --git a/doc/api/session.md b/doc/api/session.md
index c7e57aaca7a896b62a769ad5c31bea51060e7b4a..5f49d989967502b221fb2db3b470493339073390 100644
--- a/doc/api/session.md
+++ b/doc/api/session.md
@@ -21,3 +21,8 @@ Parameters:
   "blocked": true
 }
 ```
+
+Return values:
+
++ `201 Created` on success
++ `401 Unauthorized` if the authentication process failed, e.g. invalid password or attribute not given
diff --git a/spec/requests/api/session_spec.rb b/spec/requests/api/session_spec.rb
index afae8be8cbca3ce2692f83bd90c87c07c13c511e..2cdb0d7e9b4a95c12d4f03d93eeb3067d8f554b9 100644
--- a/spec/requests/api/session_spec.rb
+++ b/spec/requests/api/session_spec.rb
@@ -35,5 +35,15 @@ describe Gitlab::API do
         json_response['private_token'].should be_nil
       end
     end
+
+    context "when empty name" do
+      it "should return authentication error" do
+        post api("/session"), password: user.password
+        response.status.should == 401
+
+        json_response['email'].should be_nil
+        json_response['private_token'].should be_nil
+      end
+    end
   end
 end