diff --git a/modules/services/osm.js b/modules/services/osm.js
index 9004a7410..11fd1422c 100644
--- a/modules/services/osm.js
+++ b/modules/services/osm.js
@@ -524,8 +524,8 @@ function updateRtree(item, replace) {
 function wrapcb(thisArg, callback, cid) {
     return function(err, result) {
         if (err) {
-            // 400 Bad Request, 401 Unauthorized, 403 Forbidden..
-            if (err.status === 400 || err.status === 401 || err.status === 403) {
+            // 401 Unauthorized, 403 Forbidden
+            if (err.status === 401 || err.status === 403) {
                 thisArg.logout();
             }
             return callback.call(thisArg, err);
@@ -642,23 +642,21 @@ export default {
 
             var isAuthenticated = that.authenticated();
 
-            // 400 Bad Request, 401 Unauthorized, 403 Forbidden
-            // Logout and retry the request..
+            // 401 Unauthorized, 403 Forbidden
+            // Logout and retry the request.
             if (isAuthenticated && err && err.status &&
-                    (err.status === 400 || err.status === 401 || err.status === 403)) {
+                    (err.status === 401 || err.status === 403)) {
                 that.logout();
                 that.loadFromAPI(path, callback, options);
-
-            // else, no retry..
+            // else, no retry.
             } else {
                 // 509 Bandwidth Limit Exceeded, 429 Too Many Requests
-                // Set the rateLimitError flag and trigger a warning..
+                // Set the rateLimitError flag and trigger a warning.
                 if (!isAuthenticated && !_rateLimitError && err && err.status &&
                         (err.status === 509 || err.status === 429)) {
                     _rateLimitError = err;
                     dispatch.call('change');
                     that.reloadApiStatus();
-
                 } else if ((err && _cachedApiStatus === 'online') ||
                     (!err && _cachedApiStatus !== 'online')) {
                     // If the response's error state doesn't match the status,
diff --git a/test/spec/services/osm.js b/test/spec/services/osm.js
index 6daf3e44b..fcc9d2227 100644
--- a/test/spec/services/osm.js
+++ b/test/spec/services/osm.js
@@ -163,14 +163,14 @@ describe('iD.serviceOsm', function () {
             });
         });
 
-        it('retries an authenticated call unauthenticated if 400 Bad Request', function (done) {
+        it('retries an authenticated call unauthenticated if 401 Unauthorized', function (done) {
             fetchMock.mock('https://www.openstreetmap.org' + path, {
                 body: response,
                 status: 200,
                 headers: { 'Content-Type': 'application/json' }
             });
             serverXHR.respondWith('GET', 'https://www.openstreetmap.org' + path,
-                [400, { 'Content-Type': 'text/plain' }, 'Bad Request']);
+                [401, { 'Content-Type': 'text/plain' }, 'Unauthorized']);
 
             login();