In the "Authenticate"-message (in xproto/specs/encoding.xml, lines 835--842) a field named "n" is referenced thrice: first in "length in 4-byte units of 'additional data'", second in "reason", and third in "unused"; but it is never defined.
I guess it should be identical to "length of reason in bytes" in the "Failed"-message (xproto/specs/encoding.xml, line 823).
It is defined:
n STRING8 reason
It is not separately encoded in the response the way it is in the failed
response - I don't know why that is.
It appears like such a message is never sent by the server. At least X.org's X server sends a "Failed" message when a client is unauthorized:
In "ProcEstablishConnection" (xserver/dix/dispatch.c, line 3636) "ClientAuthorized" is called which returns a non-NULL pointer if authorization fails. Later in "SendConnSetup" (on line 3539) this pointer is checked and, if it isn't NULL, a "Failed" message is sent to the client.
That's probably why nobody cares about the "Authenticate"-message any more: it's not being used.