Complete reference for web developers — all standard HTTP response codes
The server has received the request headers and the client should proceed to send the request body.
Used in large file uploads where the client sends an Expect: 100-continue header before sending the body.
POST /upload HTTP/1.1
Host: example.com
Expect: 100-continue
HTTP/1.1 100 ContinueThe server is switching protocols as requested by the client via the Upgrade header.
Used when upgrading from HTTP to WebSocket connections.
GET /chat HTTP/1.1
Host: example.com
Upgrade: websocket
Connection: Upgrade
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: UpgradeThe server has received and is processing the request, but no response is available yet.
Used in WebDAV when a request may take a long time to process, preventing the client from timing out.
PROPFIND /files HTTP/1.1
Host: example.com
Depth: infinity
HTTP/1.1 102 ProcessingUsed to return some response headers before the final HTTP message, allowing the browser to preload resources.
Allows the server to send Link headers early so the browser can start preloading stylesheets, scripts, or fonts.
GET / HTTP/1.1
Host: example.com
HTTP/1.1 103 Early Hints
Link: </style.css>; rel=preload; as=style
HTTP/1.1 200 OKThe request has succeeded. The meaning depends on the HTTP method used.
Standard response for successful HTTP requests. GET returns the resource, POST returns the result of the action.
GET /api/users/1 HTTP/1.1
Host: api.example.com
HTTP/1.1 200 OK
Content-Type: application/json
{"id": 1, "name": "John"}The request has been fulfilled and a new resource has been created.
Returned after a successful POST request that creates a new resource. Should include a Location header.
POST /api/users HTTP/1.1
Content-Type: application/json
{"name": "Jane"}
HTTP/1.1 201 Created
Location: /api/users/2The request has been accepted for processing, but the processing has not been completed.
Used for asynchronous operations where the server queues the request for later processing.
POST /api/reports/generate HTTP/1.1
HTTP/1.1 202 Accepted
{"status": "queued", "jobId": "abc123"}The returned metadata is not exactly the same as available from the origin server.
Used by transforming proxies that modify the response headers or body from the origin server.
GET /page HTTP/1.1
HTTP/1.1 203 Non-Authoritative Information
Content-Type: text/html
(modified by proxy)The server has successfully fulfilled the request and there is no additional content to send.
Common response for DELETE requests or PUT/PATCH updates where no body needs to be returned.
DELETE /api/users/1 HTTP/1.1
HTTP/1.1 204 No ContentThe server has fulfilled the request and the client should reset the document view.
Used to tell the browser to clear the form that caused the request to be sent.
POST /api/form HTTP/1.1
HTTP/1.1 205 Reset ContentThe server is delivering only part of the resource due to a Range header sent by the client.
Used for resumable downloads and video streaming where only a portion of the file is requested.
GET /video.mp4 HTTP/1.1
Range: bytes=0-1023
HTTP/1.1 206 Partial Content
Content-Range: bytes 0-1023/146515Conveys information about multiple resources where multiple status codes might be appropriate.
Used in WebDAV to return status for multiple sub-requests in a single response body.
PROPFIND /files HTTP/1.1
HTTP/1.1 207 Multi-Status
Content-Type: application/xml
(multiple status elements)Used inside a DAV: propstat response to avoid enumerating internal members of multiple bindings.
Prevents duplicate enumeration of the same resource in WebDAV binding operations.
PROPFIND /collection HTTP/1.1
HTTP/1.1 207 Multi-Status
(208 Already Reported for repeated bindings)The server has fulfilled a GET request and the response is a representation of one or more instance-manipulations.
Used with delta encoding to send only the changes to a resource rather than the full representation.
GET /resource HTTP/1.1
A-IM: feed
HTTP/1.1 226 IM Used
IM: feedThe request has more than one possible response. The user or user agent should choose one of them.
Rarely used. Indicates multiple representations of a resource, such as different formats or languages.
GET /document HTTP/1.1
HTTP/1.1 300 Multiple Choices
Link: </document.pdf>; type="application/pdf"
Link: </document.html>; type="text/html"The URL of the requested resource has been changed permanently. The new URL is given in the response.
Used for permanent URL redirects. Search engines will update their index to the new URL.
GET /old-page HTTP/1.1
HTTP/1.1 301 Moved Permanently
Location: /new-pageThe URI of the requested resource has been changed temporarily. The client should continue to use the original URI.
Used for temporary redirects. Common after form submissions to redirect to a success page.
POST /login HTTP/1.1
HTTP/1.1 302 Found
Location: /dashboardThe server sent this response to direct the client to get the requested resource at another URI with a GET request.
Used after a POST or PUT to redirect the client to a different resource using GET.
POST /api/orders HTTP/1.1
HTTP/1.1 303 See Other
Location: /api/orders/123The resource has not been modified since the version specified by the request headers.
Used for caching. The client can use its cached version when the server confirms nothing has changed.
GET /style.css HTTP/1.1
If-None-Match: "abc123"
HTTP/1.1 304 Not ModifiedThe requested resource must be accessed through the proxy given by the Location header. Deprecated.
Deprecated due to security concerns. Was used to indicate that a proxy must be used.
GET /resource HTTP/1.1
HTTP/1.1 305 Use Proxy
Location: http://proxy.example.comThe server sends this response to direct the client to get the requested resource at another URI with the same method.
Like 302 but guarantees the HTTP method will not change. POST stays POST after redirect.
POST /api/v1/data HTTP/1.1
HTTP/1.1 307 Temporary Redirect
Location: /api/v2/dataThe resource is now permanently located at another URI. The method and body will not change in the redirect.
Like 301 but guarantees the HTTP method will not change. Useful for API versioning.
POST /api/v1/submit HTTP/1.1
HTTP/1.1 308 Permanent Redirect
Location: /api/v2/submitThe server cannot process the request due to something perceived to be a client error.
Used when the request has malformed syntax, invalid parameters, or missing required fields.
POST /api/users HTTP/1.1
Content-Type: application/json
{invalid json}
HTTP/1.1 400 Bad Request
{"error": "Invalid JSON in request body"}The client must authenticate itself to get the requested response.
Returned when authentication is required but not provided or invalid credentials were sent.
GET /api/profile HTTP/1.1
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Bearer
{"error": "Authentication required"}Reserved for future use. Originally intended for digital payment systems.
Sometimes used by APIs to indicate that a paid subscription or credits are required.
GET /api/premium/data HTTP/1.1
HTTP/1.1 402 Payment Required
{"error": "Subscription required"}The client does not have access rights to the content. Unlike 401, the client's identity is known.
Used when the authenticated user does not have permission to access the requested resource.
DELETE /api/admin/users HTTP/1.1
Authorization: Bearer user-token
HTTP/1.1 403 Forbidden
{"error": "Admin access required"}The server cannot find the requested resource. The URL is not recognized.
The most common error response. Returned when the requested URL or resource does not exist.
GET /api/users/99999 HTTP/1.1
HTTP/1.1 404 Not Found
{"error": "User not found"}The request method is known by the server but is not supported by the target resource.
Returned when using an unsupported HTTP method on an endpoint, e.g., DELETE on a read-only resource.
DELETE /api/logs HTTP/1.1
HTTP/1.1 405 Method Not Allowed
Allow: GET, HEADThe server cannot produce a response matching the list of acceptable values in the request headers.
Returned when the server cannot serve content matching the Accept headers sent by the client.
GET /api/data HTTP/1.1
Accept: application/xml
HTTP/1.1 406 Not Acceptable
{"error": "Only application/json is supported"}Similar to 401 but authentication is needed to be done by a proxy.
Returned by a proxy server when the client has not provided valid proxy authentication credentials.
GET http://example.com/ HTTP/1.1
HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="proxy"The server would like to shut down this unused connection.
Sent when the server did not receive a complete request within the time it was prepared to wait.
GET /api/data HTTP/1.1
(client too slow sending request)
HTTP/1.1 408 Request TimeoutThe request conflicts with the current state of the server.
Used when a request would cause a conflict, such as duplicate entries or version mismatches.
PUT /api/users/1 HTTP/1.1
If-Match: "old-etag"
HTTP/1.1 409 Conflict
{"error": "Resource has been modified"}The content has been permanently deleted from the server with no forwarding address.
Like 404 but indicates the resource existed before and was intentionally removed permanently.
GET /api/v1/deprecated-endpoint HTTP/1.1
HTTP/1.1 410 Gone
{"error": "This endpoint has been permanently removed"}The server rejected the request because the Content-Length header field is not defined.
Returned when the server requires a Content-Length header that the client did not send.
POST /api/upload HTTP/1.1
(no Content-Length header)
HTTP/1.1 411 Length RequiredThe client has indicated preconditions in its headers which the server does not meet.
Used with conditional requests (If-Match, If-Unmodified-Since) when conditions are not satisfied.
PUT /api/doc HTTP/1.1
If-Unmodified-Since: Sat, 01 Jan 2024
HTTP/1.1 412 Precondition FailedThe request entity is larger than limits defined by the server.
Returned when the request body exceeds the server's maximum allowed size.
POST /api/upload HTTP/1.1
Content-Length: 1073741824
HTTP/1.1 413 Content Too Large
{"error": "Max upload size is 10MB"}The URI requested by the client is longer than the server is willing to interpret.
Returned when the URL exceeds the server's length limit, often from excessive query parameters.
GET /search?q=very...long...query HTTP/1.1
HTTP/1.1 414 URI Too LongThe media format of the requested data is not supported by the server.
Returned when the Content-Type of the request body is not supported by the endpoint.
POST /api/data HTTP/1.1
Content-Type: text/plain
HTTP/1.1 415 Unsupported Media Type
{"error": "Expected application/json"}The range specified by the Range header in the request cannot be fulfilled.
Returned when the client requests a byte range that is outside the size of the resource.
GET /file.pdf HTTP/1.1
Range: bytes=9999999-
HTTP/1.1 416 Range Not Satisfiable
Content-Range: bytes */5000The expectation given in the Expect request header could not be met by the server.
Returned when the server cannot meet the requirements of the Expect header field.
POST /upload HTTP/1.1
Expect: 100-continue
HTTP/1.1 417 Expectation FailedThe server refuses the attempt to brew coffee with a teapot. An April Fools' joke from RFC 2324.
A humorous status code from the Hyper Text Coffee Pot Control Protocol. Not expected in production.
BREW /coffee HTTP/1.1
HTTP/1.1 418 I'm a Teapot
{"error": "I can only brew tea"}The request was directed at a server that is not able to produce a response.
Used when the server is not configured to produce responses for the combination of scheme and authority in the request URI.
GET /resource HTTP/2
Host: wrong-host.example.com
HTTP/2 421 Misdirected RequestThe request was well-formed but was unable to be followed due to semantic errors.
Common in APIs when the request body is valid JSON/XML but contains invalid field values or logic.
POST /api/users HTTP/1.1
{"email": "not-an-email"}
HTTP/1.1 422 Unprocessable Content
{"errors": {"email": "Invalid format"}}The resource that is being accessed is locked.
Used in WebDAV when a resource is locked by another user or process.
PUT /files/doc.txt HTTP/1.1
HTTP/1.1 423 Locked
{"error": "Resource is locked by another user"}The request failed because it depended on another request that failed.
Used in WebDAV when an action on a resource fails because a previous required action failed.
COPY /files/ HTTP/1.1
HTTP/1.1 424 Failed Dependency
{"error": "Copy failed: source file locked"}The server is unwilling to risk processing a request that might be replayed.
Used with TLS Early Data (0-RTT) to prevent replay attacks on non-idempotent requests.
POST /api/payment HTTP/1.1
(via TLS 0-RTT)
HTTP/1.1 425 Too EarlyThe server refuses to perform the request using the current protocol.
The server requires the client to upgrade to a different protocol, such as TLS or HTTP/2.
GET /secure HTTP/1.1
HTTP/1.1 426 Upgrade Required
Upgrade: TLS/1.3
Connection: UpgradeThe origin server requires the request to be conditional.
Used to prevent lost updates. The server requires If-Match or If-Unmodified-Since headers.
PUT /api/doc HTTP/1.1
(no conditional headers)
HTTP/1.1 428 Precondition Required
{"error": "If-Match header required"}The user has sent too many requests in a given amount of time (rate limiting).
Used for rate limiting. Should include a Retry-After header indicating when to retry.
GET /api/data HTTP/1.1
HTTP/1.1 429 Too Many Requests
Retry-After: 60
{"error": "Rate limit exceeded"}The server is unwilling to process the request because its header fields are too large.
Returned when request headers (often cookies) exceed the server's size limits.
GET / HTTP/1.1
Cookie: (very large cookie)
HTTP/1.1 431 Request Header Fields Too LargeThe user agent requested a resource that cannot legally be provided.
Used when access is denied due to legal demands such as government censorship or court orders.
GET /blocked-content HTTP/1.1
HTTP/1.1 451 Unavailable For Legal Reasons
Link: <https://example.com/legal>; rel="blocked-by"The server has encountered a situation it does not know how to handle.
Generic server error when an unexpected condition prevents the request from being fulfilled.
GET /api/data HTTP/1.1
HTTP/1.1 500 Internal Server Error
{"error": "An unexpected error occurred"}The request method is not supported by the server and cannot be handled.
Returned when the server does not recognize the request method or lacks the ability to fulfill it.
PATCH /api/resource HTTP/1.1
HTTP/1.1 501 Not Implemented
{"error": "PATCH method not supported"}The server, while acting as a gateway, got an invalid response from the upstream server.
Common with reverse proxies and load balancers when the backend server returns an invalid response.
GET /api/data HTTP/1.1
HTTP/1.1 502 Bad Gateway
{"error": "Upstream server returned invalid response"}The server is not ready to handle the request, often due to maintenance or overload.
Used during server maintenance or when the server is overloaded. Should include Retry-After header.
GET /api/data HTTP/1.1
HTTP/1.1 503 Service Unavailable
Retry-After: 300
{"error": "Server under maintenance"}The server is acting as a gateway and cannot get a response from the upstream server in time.
Common with reverse proxies when the backend server takes too long to respond.
GET /api/slow-query HTTP/1.1
HTTP/1.1 504 Gateway Timeout
{"error": "Upstream server timed out"}The HTTP version used in the request is not supported by the server.
Returned when the client uses an HTTP version the server does not support.
GET / HTTP/3.0
HTTP/1.1 505 HTTP Version Not SupportedThe server has an internal configuration error: transparent content negotiation results in a circular reference.
Indicates a misconfiguration in server-driven content negotiation.
GET /resource HTTP/1.1
Accept: text/html
HTTP/1.1 506 Variant Also NegotiatesThe server is unable to store the representation needed to complete the request.
Used in WebDAV when the server cannot store the resource due to insufficient storage space.
PUT /files/large-file.zip HTTP/1.1
HTTP/1.1 507 Insufficient Storage
{"error": "Not enough disk space"}The server detected an infinite loop while processing the request.
Used in WebDAV when a PROPFIND with Depth: infinity encounters a loop in resource bindings.
PROPFIND /collection HTTP/1.1
Depth: infinity
HTTP/1.1 508 Loop DetectedFurther extensions to the request are required for the server to fulfill it.
The server requires additional extensions in the request that were not provided by the client.
GET /resource HTTP/1.1
HTTP/1.1 510 Not Extended
{"error": "Missing required extension"}The client needs to authenticate to gain network access, typically from a captive portal.
Used by captive portals (e.g., hotel/airport WiFi) to redirect users to a login page.
GET / HTTP/1.1
HTTP/1.1 511 Network Authentication Required
Location: /login-portalMonitor your API endpoints in real-time. Get instant alerts when status codes change.
Track status code distribution across your services with visual dashboards.
Set up webhook alerts for specific status codes. Integrate with Slack, Discord & more.