HTTP Status Codes

Complete reference for all HTTP status codes with descriptions and use cases. Search by code, name, or keyword.

1xx Informational

100ContinueThe server has received the request headers and the client should proceed to send the request body.

101Switching ProtocolsThe server agrees to upgrade the protocol, e.g. from HTTP/1.1 to WebSocket.

102ProcessingThe server has received and is processing the request, but no response is available yet (WebDAV).

103Early HintsUsed with the Link header to allow the client to preload resources while the server prepares a full response.

2xx Success

200OKStandard successful response. The request succeeded and the response body contains the requested data.

201CreatedA new resource was successfully created. The Location header typically contains the URL of the new resource.

202AcceptedThe request has been received but processing is not yet complete. Used for asynchronous operations.

203Non-Authoritative InformationThe request succeeded but the response was modified by a proxy or intermediary.

204No ContentThe request succeeded but there is no content to return. Common for DELETE requests.

205Reset ContentThe request succeeded. The client should reset the document view (e.g. clear a form).

206Partial ContentThe server is returning only part of the resource as requested by a Range header. Used for resumable downloads.

207Multi-StatusMultiple status codes for multiple independent operations (WebDAV).

208Already ReportedThe members of a DAV binding have already been enumerated in a previous reply (WebDAV).

226IM UsedThe server fulfilled a GET request and the response is a representation of the result of instance manipulations applied to the current instance.

3xx Redirection

300Multiple ChoicesThe request has multiple possible responses. The client should choose one.

301Moved PermanentlyThe resource has permanently moved to a new URL. Browsers and crawlers update their links.

302FoundTemporary redirect. The resource is temporarily at a different URL. Use 307 for strict temporary redirects.

303See OtherRedirects after a POST to a GET request at a different URL. Common after form submissions.

304Not ModifiedThe cached version of the resource is still valid. The client can use its cached copy.

307Temporary RedirectThe resource is temporarily at a different URL and the method must not change (unlike 302).

308Permanent RedirectPermanent redirect where the method must not change (unlike 301 which historically changed POST to GET).

4xx Client Error

400Bad RequestThe server cannot process the request due to malformed syntax, invalid parameters, or invalid message framing.

401UnauthorizedAuthentication is required and has not been provided or has failed. Misleadingly named — should be 'Unauthenticated'.

403ForbiddenThe server understood the request but refuses to authorize it. Authentication won't help — the client lacks permission.

404Not FoundThe requested resource could not be found. The most well-known HTTP status code.

405Method Not AllowedThe request method is not supported for the requested resource (e.g. POST to a read-only endpoint).

406Not AcceptableThe server cannot produce a response matching the Accept headers sent by the client.

407Proxy Authentication RequiredAuthentication with a proxy server is required.

408Request TimeoutThe server timed out waiting for the request. The client may repeat the request.

409ConflictThe request conflicts with the current state of the server (e.g. duplicate key, version conflict).

410GoneThe resource has been permanently deleted and will not be available again. Stricter than 404.

411Length RequiredThe server requires a Content-Length header but the client did not provide one.

412Precondition FailedA precondition in the request headers (e.g. If-Match) evaluated to false on the server.

413Content Too LargeThe request body exceeds the server's allowed limit. Often used for file upload size limits.

414URI Too LongThe URL provided is longer than the server is willing to process.

415Unsupported Media TypeThe request payload format is not supported (e.g. sending XML to an endpoint that only accepts JSON).

416Range Not SatisfiableThe Range header specifies a range that cannot be satisfied by the resource.

417Expectation FailedThe server cannot meet the requirements of the Expect request header.

418I'm a TeapotAn April Fool's joke from RFC 2324 (Hyper Text Coffee Pot Control Protocol). Returned by teapots asked to brew coffee.

422Unprocessable ContentThe request is well-formed but contains semantic errors (e.g. validation failures). Common in REST APIs.

423LockedThe resource being accessed is locked (WebDAV).

424Failed DependencyThe request failed because a previous request failed (WebDAV).

425Too EarlyThe server is unwilling to process a request that might be replayed (TLS early data).

426Upgrade RequiredThe client should upgrade to a different protocol such as TLS/1.3.

428Precondition RequiredThe server requires a conditional request (e.g. If-Match) to prevent lost updates.

429Too Many RequestsThe client has sent too many requests in a given time. Used for rate limiting APIs.

431Request Header Fields Too LargeThe server refuses to process the request because one or more headers are too large.

451Unavailable For Legal ReasonsThe resource cannot be provided for legal reasons, such as censorship or a court order.

5xx Server Error

500Internal Server ErrorA generic server error. The server encountered an unexpected condition that prevented it from fulfilling the request.

501Not ImplementedThe server does not support the functionality required to fulfill the request.

502Bad GatewayThe server, acting as a gateway or proxy, received an invalid response from an upstream server.

503Service UnavailableThe server is temporarily unable to handle the request, usually due to overload or maintenance.

504Gateway TimeoutThe server, acting as a gateway or proxy, did not receive a timely response from an upstream server.

505HTTP Version Not SupportedThe server does not support the HTTP protocol version used in the request.

506Variant Also NegotiatesTransparent content negotiation for the request results in a circular reference.

507Insufficient StorageThe server cannot store the representation needed to complete the request (WebDAV).

508Loop DetectedThe server detected an infinite loop while processing the request (WebDAV).

510Not ExtendedFurther extensions to the request are required for the server to fulfill it.

511Network Authentication RequiredThe client needs to authenticate to gain network access (e.g. captive portals).

About HTTP Status Codes

HTTP status codes are three-digit numbers returned by a server in response to an HTTP request. They indicate whether the request succeeded, failed, or requires further action. Status codes are grouped into five classes: 1xx (informational — request received, continuing), 2xx (success — request received and accepted), 3xx (redirection — further action needed), 4xx (client error — the request has a problem), and 5xx (server error — the server failed to fulfill a valid request).

The most commonly encountered codes are 200 (OK), 201 (Created — resource created successfully), 301/302 (redirects), 400 (Bad Request), 401 (Unauthorized — authentication required), 403 (Forbidden — authenticated but not permitted), 404 (Not Found), 422 (Unprocessable Content — validation error), 429 (Too Many Requests — rate limited), 500 (Internal Server Error), and 503 (Service Unavailable).

Status codes are defined by IANA and documented in several RFCs — primarily RFC 9110 (HTTP Semantics, 2022), which supersedes the earlier RFC 7231.