The Android app authenticates user credentials for the first time by making a GET request for user-tags on the VA artist:
http://www.musicbrainz.org/ws/2/artist/89ad4ac3-39f7-470e-963a-56509c546377?inc=user-tags
The realm is set as: musicbrainz.org
The scope is set as: www.musicbrainz.org
This worked fine and users were able to log in, but it stopped working a week or two ago. The request now returns a 401 status code even with valid user credentials, which have been tested on the website. Nothing with regard to authentication has changed on the app side of things since it was released.
Bug
Closed
Critical
Do not redirect www.musicbrainz.org to musicbrainz.org for /ws requests
My guess is that this has been affected by the redirect of www.musicbrainz.org to musicbrainz.org which changed about a week or so ago?
Picard has also been affected by the redirect changing - it seems to break all album loading if you have the server configured as www.musicbrainz.org (possibly because Picard isn't following the redirects, but I'm not sure - it may also be authentication related).
Assigning to this week's release to at least get dev comment, but my guess is that it'd be resolved by updating the app to make requests to musicbrainz.org, not www.musicbrainz.org?