What is the difference between AP deauthentication and Client deauthentication?

Deauthentication is not a request, it is a notification

If a station wants to deauthenticate from an AP, or if an AP wants to deauthenticate from stations, either device can send a deauthentication frame. Because authentication is a prerequisite for association, a deauthentication frame will automatically cause a disassociation to occur. Deauthentication cannot be refused by either party, except when management frame protection (defined in 802.11w) is negotiated and the message integrity check MIC fails.

The deauthentication service is invoked when an existing Open System, Shared Key, or SAE authentication is to be terminated. Deauthentication is an SS. In an ESS, because authentication is a prerequisite for association, the act of deauthentication causes the STA to be disassociated.

Deauthentication Frame


When troubleshooting deauth issues it is important to look at the reason code


Here is the complete list of Reason Codes as per IEEE 802.11-2012 standard:


Disassociation Frame

Once a station associated to an AP, either side can terminate the association at any time by sending a disassociation frame. It has the same frame format as a deauthentication frame. A station can send a disassociation frame because it is leaving the current cell to roam to another cell. An AP can send disassociation frame when stations try to use invalid parameters (The reason codes given above are also applicable to disassociation frames as well). You can filter disassociation frames in Wireshark using the filter: subtype 10 management frames