HTTP Status Codes

⌕

1xxInformational4 codes

100

ContinueServer has received the request headers; client should proceed to send the body.

101

Switching ProtocolsServer is switching protocols as requested — e.g., upgrading to WebSocket.

102

ProcessingRequest received and is being processed, but no response is available yet. (WebDAV)

103

Early HintsPreliminary response with Link headers so the client can begin preloading resources.

2xxSuccess10 codes

200

OKStandard success. Response body contains the requested data.

201

CreatedResource was successfully created. Location header typically contains the new resource URL.

202

AcceptedRequest accepted for processing, but processing is not yet complete. Used for async operations.

203

Non-Authoritative InformationSuccess, but the response has been transformed or modified by a proxy, not the origin server.

204

No ContentRequest succeeded with no response body. Common for DELETE operations or empty PUT responses.

205

Reset ContentRequest succeeded; client should reset the document view (e.g., clear a form field).

206

Partial ContentServer is delivering only part of the resource in response to a Range request. Used for resumable downloads.

207

Multi-StatusMultiple status codes may be appropriate. Response body contains an XML document with individual statuses. (WebDAV)

208

Already ReportedMembers of a WebDAV binding were already enumerated in a previous part of the multistatus response. (WebDAV)

226

IM UsedServer fulfilled a GET request and the response is the result of one or more instance manipulations.

3xxRedirection7 codes

300

Multiple ChoicesMultiple representations of the resource exist; the client or user should choose one.

301

Moved PermanentlyResource has permanently moved to the URL in the Location header. Browsers and search engines update their references.

302

FoundResource is temporarily at a different URL. Clients should continue using the original URL for future requests.

303

See OtherResponse can be found at another URL via GET. Commonly used to redirect after a POST (PRG pattern).

304

Not ModifiedConditional GET: resource has not changed since the last request. Client may use its cached version.

307

Temporary RedirectTemporary redirect. Unlike 302, the client must use the same HTTP method for the redirected request.

308

Permanent RedirectPermanent redirect. Unlike 301, the client must use the same HTTP method — method must not change.

4xxClient Error29 codes

400

Bad RequestServer cannot process the request due to malformed syntax, invalid framing, or deceptive routing.

401

UnauthorizedAuthentication is required and has failed or not been provided. Response must include a WWW-Authenticate header.

402

Payment RequiredReserved for future use. Informally used by APIs to indicate payment or a subscription is required.

403

ForbiddenServer understood the request but refuses to authorize it. Unlike 401, re-authenticating will not help.

404

Not FoundRequested resource does not exist. May also be returned instead of 403 to conceal a resource's existence.

405

Method Not AllowedThe HTTP method is known but not supported for this resource. Response must include an Allow header.

406

Not AcceptableNo content matches the criteria in the request's Accept headers. Server cannot produce an acceptable response.

407

Proxy Authentication RequiredClient must authenticate with the proxy before this request can be processed.

408

Request TimeoutServer timed out waiting for the full request. The client may retry the request.

409

ConflictRequest conflicts with the current state of the resource — e.g., concurrent updates or version mismatches.

410

GoneResource has been permanently deleted and will not be available again. More definitive than 404.

411

Length RequiredServer requires a Content-Length header on the request but none was provided.

412

Precondition FailedOne or more conditional request headers (If-Match, If-Unmodified-Since, etc.) evaluated to false.

413

Content Too LargeRequest body exceeds the size the server is willing or able to process.

414

URI Too LongThe request URI is longer than the server is willing to interpret.

415

Unsupported Media TypeThe Content-Type of the request body is not supported by the server for this endpoint.

416

Range Not SatisfiableThe Range header cannot be fulfilled — the specified range falls outside the size of the resource.

417

Expectation FailedThe expectation set in the Expect request header could not be met by the server.

418

I'm a TeapotAny attempt to brew coffee with a teapot should result in this error. Defined as an April Fools' joke in RFC 2324.

421

Misdirected RequestRequest was directed at a server that is not able to produce a response for that combination of scheme and authority.

422

Unprocessable ContentRequest is well-formed but contains semantic errors — e.g., validation failures in a REST API body.

423

LockedThe resource is currently locked and cannot be modified. (WebDAV)

424

Failed DependencyRequest failed because it depended on another request that also failed. (WebDAV)

425

Too EarlyServer is unwilling to risk processing a request that might be replayed during TLS early data.

426

Upgrade RequiredClient must switch to a different protocol. Server sends an Upgrade header specifying the required protocol.

428

Precondition RequiredRequest must be conditional to prevent lost updates. Server requires If-Match or similar headers.

429

Too Many RequestsRate limit exceeded. Response may include a Retry-After header indicating when to try again.

431

Request Header Fields Too LargeServer is unwilling to process the request because one or more headers are too large.

451

Unavailable For Legal ReasonsResource cannot legally be provided in this jurisdiction. Named after Fahrenheit 451.

5xxServer Error11 codes

500

Internal Server ErrorGeneric catch-all for unexpected server-side failures. Use a more specific 5xx if one fits.

501

Not ImplementedServer does not support the functionality required to fulfill the request.

502

Bad GatewayServer acting as a gateway or proxy received an invalid response from the upstream server.

503

Service UnavailableServer is temporarily unable to handle the request — maintenance or overload. May include Retry-After.

504

Gateway TimeoutServer acting as a gateway or proxy did not receive a timely response from an upstream server.

505

HTTP Version Not SupportedThe HTTP version used in the request is not supported by the server.

506

Variant Also NegotiatesTransparent content negotiation for the request results in a circular reference.

507

Insufficient StorageServer cannot store the representation needed to complete the request. (WebDAV)

508

Loop DetectedServer detected an infinite loop while processing the request. (WebDAV)

510

Not ExtendedFurther extensions to the request are required for the server to fulfill it.

511

Network Authentication RequiredClient must authenticate to gain network access — typically a Wi-Fi captive portal.