A complete HTTP status codes reference covering 1xx through 5xx, what each code means, when APIs return them, and how to debug common errors.
| Code / Syntax | Description |
|---|---|
1xx | Informational — Request received, processing continues |
2xx | Success — Request was successfully received and processed |
3xx | Redirection — Further action is needed to complete the request |
4xx | Client Error — The request contains an error on the client side |
5xx | Server Error — The server failed to fulfill a valid request |
| Code / Syntax | Description |
|---|---|
100 | Continue — Server received headers, client should send body |
101 | Switching Protocols — Upgrading to WebSocket or HTTP/2 |
102 | Processing — Server is processing (WebDAV), prevents timeout |
103 | Early Hints — Server sends preliminary headers (preload resources) |
| Code / Syntax | Description |
|---|---|
200 | OK — Standard success response (GET, PUT, PATCH) |
201 | Created — New resource created (POST) |
202 | Accepted — Request accepted but not yet processed (async jobs) |
203 | Non-Authoritative — Response modified by a proxy |
204 | No Content — Success with no response body (DELETE, PUT) |
206 | Partial Content — Range request fulfilled (video streaming, downloads) |
| Code / Syntax | Description |
|---|---|
300 | Multiple Choices — Multiple representations available |
301 | Moved Permanently — Resource permanently moved to new URL (SEO) |
302 | Found — Temporary redirect (original URL still valid) |
303 | See Other — Redirect to a different resource (after POST) |
304 | Not Modified — Cached version is still valid (conditional GET) |
307 | Temporary Redirect — Like 302 but method must not change |
308 | Permanent Redirect — Like 301 but method must not change |
| Code / Syntax | Description |
|---|---|
400 | Bad Request — Malformed syntax, invalid parameters, bad JSON |
401 | Unauthorized — No authentication provided or token is invalid |
403 | Forbidden — Authenticated but not authorized for this resource |
404 | Not Found — Resource does not exist at this URL |
405 | Method Not Allowed — Wrong HTTP method (POST to a GET-only endpoint) |
406 | Not Acceptable — Server cannot produce the requested content type |
408 | Request Timeout — Client took too long to send the request |
409 | Conflict — Request conflicts with current state (duplicate entry) |
410 | Gone — Resource permanently deleted (stronger than 404) |
413 | Payload Too Large — Request body exceeds server limit |
415 | Unsupported Media Type — Wrong Content-Type header |
422 | Unprocessable Entity — Valid JSON but failed validation rules |
429 | Too Many Requests — Rate limit exceeded |
| Code / Syntax | Description |
|---|---|
500 | Internal Server Error — Unhandled exception in server code |
502 | Bad Gateway — Reverse proxy got an invalid response from upstream |
503 | Service Unavailable — Server is overloaded or in maintenance |
504 | Gateway Timeout — Upstream server did not respond in time |
507 | Insufficient Storage — Server ran out of storage |
511 | Network Authentication Required — Need to sign in to network (captive portals) |
| Code / Syntax | Description |
|---|---|
401 or 403 | Access denied — Check Authorization header / token expiry |
404 | Page not found — Check URL path, trailing slashes |
500 | Server error — Check application logs |
400 or 422 | Form submission fails — Check request body format, validation rules |
429 | API calls suddenly fail — Check rate limit headers (X-RateLimit-Remaining) |
504 | Site loads slowly then fails — Check database queries, external API timeouts |
Found this cheat sheet useful? Check out our other references and tools.