HTTP Status Codes
Complete reference for all standard HTTP status codes with descriptions.
Showing 62 of 62 status codes
1xx โ Informational
4 codesContinue
The server has received the request headers and the client should proceed to send the request body.
Switching Protocols
The requester has asked the server to switch protocols and the server has agreed to do so.
Processing
The server has received and is processing the request, but no response is available yet.
Early Hints
Used with the Link header to allow the user agent to start preloading resources while the server prepares a response.
2xx โ Success
10 codesOK
The request has succeeded. The meaning of the success depends on the HTTP method used.
Created
The request has succeeded and a new resource has been created as a result.
Accepted
The request has been received but not yet acted upon. It may be acted on or not allowed when processing occurs.
Non-Authoritative Information
The returned metadata is not exactly the same as is available from the origin server, but is collected from a local or third-party copy.
No Content
There is no content to send for this request, but the headers may be useful. The user agent may update its cached headers for this resource.
Reset Content
Tells the user agent to reset the document which sent this request.
Partial Content
This response code is used when the Range header is sent from the client to request only part of a resource.
Multi-Status
Conveys information about multiple resources, for situations where multiple status codes might be appropriate.
Already Reported
Used inside a <dav:propstat> response element to avoid enumerating the internal members of multiple bindings to the same collection repeatedly.
IM Used
The server has fulfilled a GET request for the resource, and the response is a representation of the result of one or more instance-manipulations applied to the current instance.
3xx โ Redirection
8 codesMultiple Choices
The request has more than one possible response. The user agent or user should choose one of them.
Moved Permanently
The URL of the requested resource has been changed permanently. The new URL is given in the response.
Found
The URI of requested resource has been changed temporarily. Further changes in the URI might be made in the future.
See Other
The server sent this response to direct the client to get the requested resource at another URI with a GET request.
Not Modified
This is used for caching purposes. It tells the client that the response has not been modified, so the client can continue to use the same cached version of the response.
Use Proxy
Defined in a previous version of the HTTP specification to indicate that a requested response must be accessed by a proxy. Deprecated.
Temporary Redirect
The server sends this response to direct the client to get the requested resource at another URI with the same method that was used in the prior request.
Permanent Redirect
The resource is now permanently located at another URI, specified by the Location response header. This is the same as 301 but the HTTP method must not change.
4xx โ Client Error
29 codesBad Request
The server cannot or will not process the request due to something that is perceived to be a client error.
Unauthorized
Although the HTTP standard specifies 'unauthorized', semantically this response means 'unauthenticated'.
Payment Required
Reserved for future use. Some services use this code to indicate that the client must pay to access the requested resource.
Forbidden
The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource.
Not Found
The server can not find the requested resource. This response code is perhaps the most well-known due to its frequent occurrence on the web.
Method Not Allowed
The request method is known by the server but is not supported by the target resource.
Not Acceptable
The server cannot produce a response matching the list of acceptable values defined in the request's proactive content negotiation headers.
Proxy Authentication Required
Similar to 401 Unauthorized but authentication is needed to be done by a proxy.
Request Timeout
The server did not receive a complete request message within the time that it was prepared to wait.
Conflict
The request conflicts with the current state of the server.
Gone
The content has been permanently deleted from server, with no forwarding address. Clients should remove their caches and links to the resource.
Length Required
The server rejects the request because the Content-Length header field is not defined and the server requires it.
Precondition Failed
The client has indicated preconditions in its headers which the server does not meet.
Content Too Large
The request body is larger than limits defined by the server. The server may close the connection or return a Retry-After header field.
URI Too Long
The URI requested by the client is longer than the server is willing to interpret.
Unsupported Media Type
The media format of the requested data is not supported by the server, so the server is rejecting the request.
Range Not Satisfiable
The range specified by the Range header field in the request cannot be fulfilled. It's possible that the range is outside the size of the target URI's data.
Expectation Failed
The expectation given in the request's Expect header could not be met by at least one of the inbound servers.
I'm a Teapot
The server refuses the attempt to brew coffee with a teapot. Defined as an April Fools' joke in RFC 2324 and is not expected to be implemented by actual HTTP servers.
Misdirected Request
The request was directed at a server that is not able to produce a response. This can be sent by a server that is not configured to produce responses for the combination of scheme and authority.
Unprocessable Content
The request was well-formed but was unable to be followed due to semantic errors.
Locked
The resource that is being accessed is locked.
Failed Dependency
The request failed due to failure of a previous request.
Too Early
Indicates that the server is unwilling to risk processing a request that might be replayed.
Upgrade Required
The server refuses to perform the request using the current protocol but might be willing to do so after the client upgrades to a different protocol.
Precondition Required
The origin server requires the request to be conditional. This response is intended to prevent the 'lost update' problem.
Too Many Requests
The user has sent too many requests in a given amount of time (rate limiting).
Request Header Fields Too Large
The server is unwilling to process the request because its header fields are too large.
Unavailable For Legal Reasons
The user agent requested a resource that cannot legally be provided, such as a web page censored by a government.
5xx โ Server Error
11 codesInternal Server Error
The server has encountered a situation it does not know how to handle.
Not Implemented
The request method is not supported by the server and cannot be handled. The only methods that servers are required to support are GET and HEAD.
Bad Gateway
The server, while working as a gateway to get a response needed to handle the request, got an invalid response.
Service Unavailable
The server is not ready to handle the request. Common causes are a server that is down for maintenance or that is overloaded.
Gateway Timeout
The server is acting as a gateway and cannot get a response in time.
HTTP Version Not Supported
The HTTP version used in the request is not supported by the server.
Variant Also Negotiates
The server has an internal configuration error: the chosen variant resource is configured to engage in transparent content negotiation itself.
Insufficient Storage
The method could not be performed on the resource because the server is unable to store the representation needed to successfully complete the request.
Loop Detected
The server detected an infinite loop while processing the request.
Not Extended
Further extensions to the request are required for the server to fulfil it.
Network Authentication Required
Indicates that the client needs to authenticate to gain network access.
About this tool
The HTTP Status Codes reference lists all standard HTTP response status codes with their official IANA-registered meanings. Status codes are grouped into five classes: 1xx informational, 2xx success, 3xx redirection, 4xx client error, and 5xx server error. Use the search to find any code instantly.
When to use it
- โLooking up what a specific error code means during API debugging
- โChoosing the correct status code when designing an API endpoint
- โUnderstanding redirect behavior differences (301 vs 302 vs 307 vs 308)
- โDistinguishing client errors (4xx, the caller's fault) from server errors (5xx, your fault)
Tips
- โ301 is a permanent redirect (browsers and search engines cache it). 302 is temporary. Use 308 for permanent redirects where the method must be preserved.
- โ404 means the resource doesn't exist. 403 means it exists but you're not allowed. 401 means you need to authenticate first.
- โ429 Too Many Requests is the correct code for rate limiting โ pair it with a Retry-After header.
Frequently asked questions
What is the difference between 401 and 403?
401 Unauthorized means the request lacks valid authentication โ you need to log in or provide a token. 403 Forbidden means the server understood the request and knows who you are, but you are not allowed to access that resource. A logged-in non-admin hitting an admin page gets 403, not 401.
What is the difference between 301 and 302 redirects for SEO?
301 is a permanent redirect โ browsers and search engines cache it and transfer most link equity (PageRank) to the destination. 302 is temporary โ search engines re-check the original URL each time and don't transfer link equity. Use 301 when a page has permanently moved, 302 for A/B tests and temporary maintenance pages.
When should I return 404 vs 410?
404 Not Found means the resource doesn't exist โ the URL may have been valid in the past or may be valid in the future. 410 Gone signals that the resource permanently no longer exists and will not return. Search engines drop 410 URLs from their index faster than 404 URLs, making 410 the better choice for permanently deleted content.
What HTTP status code should I use for a rate limit response?
429 Too Many Requests is the correct code for rate limiting per RFC 6585. Always include a Retry-After header indicating when the client can retry (either a number of seconds or an HTTP date). Some APIs historically used 503 Service Unavailable for rate limiting, but 429 is the standard.