HTTP status codes are three-digit numbers returned by a server in response to a client request. They tell you whether a request succeeded, was redirected, or failed — and why. Every web developer needs to know these codes for debugging APIs, configuring servers, and building error handling.
1xx — Informational
The server received the request and is continuing to process it.
| Code | Name | Description |
|---|---|---|
| 100 | Continue | The server received the request headers. The client should proceed to send the body. |
| 101 | Switching Protocols | The server is switching to a different protocol (e.g., upgrading to WebSocket). |
| 102 | Processing | The server is processing the request but has no response yet (WebDAV). |
| 103 | Early Hints | Used to return some response headers before the final response, often for preloading resources. |
2xx — Success
The request was received, understood, and accepted.
| Code | Name | Description |
|---|---|---|
| 200 | OK | Standard success response. GET returns data; POST returns the result. |
| 201 | Created | A new resource was successfully created. Common after POST requests. |
| 202 | Accepted | The request was accepted for processing but not yet completed. Used for async operations. |
| 203 | Non-Authoritative Information | The response metadata comes from a third-party copy, not the origin server. |
| 204 | No Content | Success, but there is no body to return. Common for DELETE or PUT responses. |
| 205 | Reset Content | Like 204, but tells the client to reset the document view. |
| 206 | Partial Content | The server is returning part of the resource due to a Range header. Used for resumable downloads. |
| 207 | Multi-Status | Multiple status codes for multiple sub-requests (WebDAV). |
| 208 | Already Reported | Members of a DAV binding have already been enumerated (WebDAV). |
| 226 | IM Used | The server fulfilled a GET request with instance-manipulations applied. |
3xx — Redirection
The client needs to take additional action to complete the request.
| Code | Name | Description | Caches? |
|---|---|---|---|
| 300 | Multiple Choices | Multiple options available for the resource. Rare in practice. | No |
| 301 | Moved Permanently | The resource has been permanently moved to a new URL. Search engines transfer ranking. | Yes |
| 302 | Found | Temporary redirect. The resource is temporarily at a different URL. | No |
| 303 | See Other | The response can be found at a different URL using GET. Often used after POST. | No |
| 304 | Not Modified | The resource has not changed since the last request. Browser uses cached version. | N/A |
| 307 | Temporary Redirect | Like 302, but the HTTP method must not change (POST stays POST). | No |
| 308 | Permanent Redirect | Like 301, but the HTTP method must not change. | Yes |
When to use which redirect:
- 301 for permanent URL changes (old blog URL to new)
- 302 for temporary redirects (maintenance page)
- 307 when you need to preserve the POST method during a temporary redirect
- 308 when you need to preserve the POST method during a permanent redirect
4xx — Client Error
The request contains bad syntax or cannot be fulfilled.
| Code | Name | Common Cause |
|---|---|---|
| 400 | Bad Request | Malformed JSON, missing required fields, invalid query parameters. |
| 401 | Unauthorized | Missing or invalid authentication credentials. The user needs to log in. |
| 402 | Payment Required | Reserved for future use. Some APIs use it for billing-related rejections. |
| 403 | Forbidden | The server understood the request but refuses to authorize it. User is authenticated but lacks permission. |
| 404 | Not Found | The resource does not exist at the given URL. The most common error on the web. |
| 405 | Method Not Allowed | The HTTP method (GET, POST, etc.) is not supported for this endpoint. |
| 406 | Not Acceptable | The server cannot produce a response matching the Accept headers sent by the client. |
| 407 | Proxy Authentication Required | Like 401, but for a proxy server. |
| 408 | Request Timeout | The server timed out waiting for the request. The client took too long. |
| 409 | Conflict | The request conflicts with the current state of the resource. Common in version control APIs. |
| 410 | Gone | The resource existed but has been permanently removed. Unlike 404, this is deliberate. |
| 411 | Length Required | The server requires a Content-Length header. |
| 412 | Precondition Failed | A condition in the request headers (If-Match, If-Unmodified-Since) was not met. |
| 413 | Content Too Large | The request body exceeds the server’s size limit. |
| 414 | URI Too Long | The URL is too long for the server to process. |
| 415 | Unsupported Media Type | The Content-Type of the request body is not supported. |
| 416 | Range Not Satisfiable | The Range header value is outside the resource’s size. |
| 418 | I’m a Teapot | An April Fools’ joke from RFC 2324. Some servers return it as an easter egg. |
| 422 | Unprocessable Content | The syntax is correct but the server cannot process the instructions. Common in REST APIs for validation errors. |
| 423 | Locked | The resource is locked (WebDAV). |
| 424 | Failed Dependency | The request failed due to a previous request failure (WebDAV). |
| 425 | Too Early | The server is unwilling to process a request that might be replayed. |
| 426 | Upgrade Required | The server refuses the request using the current protocol. Client must upgrade (e.g., to TLS). |
| 428 | Precondition Required | The server requires the request to be conditional (e.g., If-Match header). |
| 429 | Too Many Requests | Rate limiting. The client has sent too many requests in a given time period. |
| 431 | Request Header Fields Too Large | One or more header fields are too large. |
| 451 | Unavailable For Legal Reasons | The resource is blocked for legal reasons (censorship, GDPR). Named after Fahrenheit 451. |
5xx — Server Error
The server failed to fulfill a valid request.
| Code | Name | Common Cause |
|---|---|---|
| 500 | Internal Server Error | An unhandled exception or generic error on the server. Check your server logs. |
| 501 | Not Implemented | The server does not support the HTTP method used. |
| 502 | Bad Gateway | The server, acting as a gateway or proxy, received an invalid response from the upstream server. |
| 503 | Service Unavailable | The server is down for maintenance or is overloaded. Usually temporary. |
| 504 | Gateway Timeout | The server, acting as a gateway, did not receive a timely response from the upstream server. |
| 505 | HTTP Version Not Supported | The server does not support the HTTP version in the request. |
| 506 | Variant Also Negotiates | A configuration error in content negotiation. |
| 507 | Insufficient Storage | The server cannot store the representation needed to complete the request (WebDAV). |
| 508 | Loop Detected | The server detected an infinite loop while processing the request (WebDAV). |
| 510 | Not Extended | Further extensions to the request are required. |
| 511 | Network Authentication Required | The client needs to authenticate to gain network access (captive portals). |
Quick Decision Guide
Is the request malformed? → 400 Bad Request
Is auth missing? → 401 Unauthorized
Is auth valid but insufficient? → 403 Forbidden
Does the resource not exist? → 404 Not Found
Is the resource permanently gone? → 410 Gone
Is the user sending too fast? → 429 Too Many Requests
Did your server crash? → 500 Internal Server Error
Is the upstream server down? → 502 Bad Gateway
Is the server overloaded? → 503 Service UnavailableLook up any status code instantly with the HTTP Status Codes tool or the Status Code Finder.