Only possible to authenticate with Github
They seem to be working on it
If you go to a page which doesn't exist, one would expect to get the 404 HTTP code (not found). So let's try when we query a crate which doesn't exist:
This is the only one I somewhat disagree with. If you give a 403 error whenever you don't have permissions to access a page, and a 404 whenever you access a page, it becomes possible to discover parts of the website that exist but you can't access.
It's because of this, that both Github and Forgejo just return 404 errors when you access a repo that doens't exist OR it's a private repo. A quick test with Codeberg against a repo that probably doesn't exist gives me an error 404 and the message:
The page you are trying to reach either does not exist, has been removed or you are not authorized to view it.
(emphasis mine)
Now, I would rather see 404 errors everywhere instead of 403's. It's way more likely that you are encountering a repo or website path that doesn't exist, than you lacking privileges/auth. But, 403's everywhere is an approach I've seen done before and it makes sense when you understand why.