Free · No signup
HTTP Status Codes Reference
Every registered HTTP status code, searchable and filterable by class — with plain-English explanations of what each one actually means.
Continue
The server received the request headers; the client should proceed to send the body.
Switching Protocols
The server agrees to switch protocols as requested via the Upgrade header (e.g. to WebSocket).
Early Hints
Preliminary headers (mostly Link preload hints) sent before the final response.
Created
The request succeeded and a new resource was created — typical for POST endpoints.
Accepted
The request was accepted for asynchronous processing; completion is not guaranteed.
Non-Authoritative Information
The response was modified by a transforming proxy from the origin's 200 response.
No Content
The request succeeded but there is no body to return — common for DELETE or PUT.
Reset Content
The request succeeded; the client should reset the document view (e.g. clear a form).
Partial Content
The server is delivering only part of the resource due to a Range header.
Multi-Status
WebDAV: the body contains multiple status codes for multiple sub-operations.
Already Reported
WebDAV: members of a binding were already enumerated in a previous reply.
IM Used
The response is a delta (instance manipulation) applied to the current resource.
Multiple Choices
Several representations exist for the resource; the client should pick one.
Moved Permanently
The resource moved permanently to a new URL. Browsers and crawlers update their references.
Found
Temporary redirect. The client should keep using the original URL for future requests.
See Other
The response is at a different URI and should be fetched with GET — typical after a POST.
Not Modified
The cached version is still valid; the server sends no body. Driven by If-None-Match / If-Modified-Since.
Use Proxy
Deprecated: the resource must be accessed through the proxy given in the Location header.
Temporary Redirect
Like 302, but the client must not change the HTTP method when following the redirect.
Permanent Redirect
Like 301, but the client must not change the HTTP method when following the redirect.
Bad Request
The server cannot process the request due to a client error — malformed syntax, invalid parameters or body.
Unauthorized
Authentication is required or has failed. The response includes a WWW-Authenticate challenge.
Payment Required
Reserved; used in practice by some APIs to signal exhausted quota or required payment.
Not Found
The resource does not exist at this URL. The most common HTTP error on the web.
Method Not Allowed
The HTTP method is not supported for this resource — e.g. POST on a read-only endpoint.
Proxy Authentication Required
Like 401, but authentication is required by an intermediate proxy.
Request Timeout
The server timed out waiting for the client to finish sending the request.
Conflict
The request conflicts with the resource's current state — e.g. concurrent edits or duplicate creation.
Gone
The resource existed but was permanently removed; unlike 404, this is intentional and final.
Length Required
The server requires a Content-Length header and the request did not provide one.
Precondition Failed
A conditional header (If-Match, If-Unmodified-Since…) evaluated to false.
URI Too Long
The request URI is longer than the server accepts — often a symptom of data in the query string.
Unsupported Media Type
The request body's Content-Type is not supported by the endpoint.
I'm a teapot
April Fools' RFC 2324: the server refuses to brew coffee in a teapot. Sometimes used as an easter egg.
Misdirected Request
The request was sent to a server unable to produce a response (e.g. wrong TLS SNI).
Unprocessable Content
The request is well-formed but semantically invalid — the classic validation-error response for APIs.
Failed Dependency
WebDAV: the request failed because a previous dependent request failed.
Too Early
The server refuses to process a request that might be replayed (TLS early data).
Upgrade Required
The client must switch to a different protocol (given in the Upgrade header).
Precondition Required
The server requires the request to be conditional to prevent lost-update conflicts.
Too Many Requests
The client exceeded a rate limit. Check the Retry-After header before retrying.
Request Header Fields Too Large
Headers (individually or collectively) exceed the server's limits — often oversized cookies.
Unavailable For Legal Reasons
Access is denied for legal reasons, such as censorship or court order.
Internal Server Error
A generic unhandled error on the server. The catch-all when nothing more specific applies.
Not Implemented
The server does not recognise or support the request method or functionality.
Bad Gateway
A gateway or reverse proxy received an invalid response from the upstream server.
Service Unavailable
The server is temporarily unable to handle the request — overload, maintenance or a crashed backend.
Gateway Timeout
A gateway or reverse proxy did not receive a timely response from the upstream server.
HTTP Version Not Supported
The HTTP protocol version used in the request is not supported.
Insufficient Storage
WebDAV: the server cannot store the representation needed to complete the request.
Loop Detected
WebDAV: the server detected an infinite loop while processing the request.
Not Extended
Further extensions to the request are required for the server to fulfil it.
Network Authentication Required
The client must authenticate to gain network access — typical of captive portals.
Instant search — no account, no limits.
The five status code classes
1xx — Informational. Interim responses while the server continues processing: protocol switches, early hints. Rarely seen by end users.
2xx — Success. The request was received, understood and accepted. 200 OK is the default; APIs also use 201 for creation and 204 for empty responses.
3xx — Redirection. The client must take additional action, usually following a Location header. 301/308 are permanent, 302/307 temporary, 304 means "use your cache".
4xx — Client errors. The request itself is at fault: bad syntax (400), missing authentication (401), forbidden (403), missing resource (404) or rate limited (429).
5xx — Server errors. The server failed to fulfil a valid request: unhandled exceptions (500), broken upstreams (502), overload or maintenance (503), upstream timeouts (504). These are the codes worth monitoring and alerting on.
Get alerted the moment your API returns a 5xx
ContinuumNexus checks your endpoints from multiple regions and emails you as soon as a status code goes wrong.
Frequently asked questions
- What is the difference between 502, 503 and 504?
- All three come from a gateway or load balancer in front of your app. 502 means the upstream returned an invalid response, 503 means the service is unavailable (overload, maintenance, crashed backend), and 504 means the upstream did not answer in time.
- What is the difference between 401 and 403?
- 401 Unauthorized means "you are not authenticated" — supply valid credentials and retry. 403 Forbidden means "you are authenticated but not allowed" — retrying with the same credentials will not help.
- Should I use 301 or 302 for redirects?
- Use 301 (or 308) when the move is permanent — browsers cache it and search engines transfer ranking signals. Use 302 (or 307) for temporary moves. If the HTTP method must be preserved, prefer 307/308 over 302/301.
- What does 429 Too Many Requests mean?
- The server is rate limiting you: you sent more requests than allowed in a time window. Honour the Retry-After response header, add backoff to your client, or request a higher quota.
- Which status codes should an uptime monitor treat as "down"?
- Any 5xx is a server-side failure and should alert. Whether 4xx counts depends on context: a 404 on your health endpoint is a deployment bug, while a 401 may simply mean the monitor lacks credentials. Monitoring tools like ContinuumNexus let you assert the exact expected status code.