Gratuit · Sans inscription
Référence des codes de statut HTTP
Tous les codes de statut HTTP enregistrés, avec recherche et filtre par classe — et des explications claires de ce que chacun signifie vraiment.
Continue
The server received the request headers; the client should proceed to send the body.
Switching Protocols
The server agrees to switch protocols as requested via the Upgrade header (e.g. to WebSocket).
Early Hints
Preliminary headers (mostly Link preload hints) sent before the final response.
Created
The request succeeded and a new resource was created — typical for POST endpoints.
Accepted
The request was accepted for asynchronous processing; completion is not guaranteed.
Non-Authoritative Information
The response was modified by a transforming proxy from the origin's 200 response.
No Content
The request succeeded but there is no body to return — common for DELETE or PUT.
Reset Content
The request succeeded; the client should reset the document view (e.g. clear a form).
Partial Content
The server is delivering only part of the resource due to a Range header.
Multi-Status
WebDAV: the body contains multiple status codes for multiple sub-operations.
Already Reported
WebDAV: members of a binding were already enumerated in a previous reply.
IM Used
The response is a delta (instance manipulation) applied to the current resource.
Multiple Choices
Several representations exist for the resource; the client should pick one.
Moved Permanently
The resource moved permanently to a new URL. Browsers and crawlers update their references.
Found
Temporary redirect. The client should keep using the original URL for future requests.
See Other
The response is at a different URI and should be fetched with GET — typical after a POST.
Not Modified
The cached version is still valid; the server sends no body. Driven by If-None-Match / If-Modified-Since.
Use Proxy
Deprecated: the resource must be accessed through the proxy given in the Location header.
Temporary Redirect
Like 302, but the client must not change the HTTP method when following the redirect.
Permanent Redirect
Like 301, but the client must not change the HTTP method when following the redirect.
Bad Request
The server cannot process the request due to a client error — malformed syntax, invalid parameters or body.
Unauthorized
Authentication is required or has failed. The response includes a WWW-Authenticate challenge.
Payment Required
Reserved; used in practice by some APIs to signal exhausted quota or required payment.
Not Found
The resource does not exist at this URL. The most common HTTP error on the web.
Method Not Allowed
The HTTP method is not supported for this resource — e.g. POST on a read-only endpoint.
Proxy Authentication Required
Like 401, but authentication is required by an intermediate proxy.
Request Timeout
The server timed out waiting for the client to finish sending the request.
Conflict
The request conflicts with the resource's current state — e.g. concurrent edits or duplicate creation.
Gone
The resource existed but was permanently removed; unlike 404, this is intentional and final.
Length Required
The server requires a Content-Length header and the request did not provide one.
Precondition Failed
A conditional header (If-Match, If-Unmodified-Since…) evaluated to false.
URI Too Long
The request URI is longer than the server accepts — often a symptom of data in the query string.
Unsupported Media Type
The request body's Content-Type is not supported by the endpoint.
I'm a teapot
April Fools' RFC 2324: the server refuses to brew coffee in a teapot. Sometimes used as an easter egg.
Misdirected Request
The request was sent to a server unable to produce a response (e.g. wrong TLS SNI).
Unprocessable Content
The request is well-formed but semantically invalid — the classic validation-error response for APIs.
Failed Dependency
WebDAV: the request failed because a previous dependent request failed.
Too Early
The server refuses to process a request that might be replayed (TLS early data).
Upgrade Required
The client must switch to a different protocol (given in the Upgrade header).
Precondition Required
The server requires the request to be conditional to prevent lost-update conflicts.
Too Many Requests
The client exceeded a rate limit. Check the Retry-After header before retrying.
Request Header Fields Too Large
Headers (individually or collectively) exceed the server's limits — often oversized cookies.
Unavailable For Legal Reasons
Access is denied for legal reasons, such as censorship or court order.
Internal Server Error
A generic unhandled error on the server. The catch-all when nothing more specific applies.
Not Implemented
The server does not recognise or support the request method or functionality.
Bad Gateway
A gateway or reverse proxy received an invalid response from the upstream server.
Service Unavailable
The server is temporarily unable to handle the request — overload, maintenance or a crashed backend.
Gateway Timeout
A gateway or reverse proxy did not receive a timely response from the upstream server.
HTTP Version Not Supported
The HTTP protocol version used in the request is not supported.
Insufficient Storage
WebDAV: the server cannot store the representation needed to complete the request.
Loop Detected
WebDAV: the server detected an infinite loop while processing the request.
Not Extended
Further extensions to the request are required for the server to fulfil it.
Network Authentication Required
The client must authenticate to gain network access — typical of captive portals.
Recherche instantanée — pas de compte, pas de limite.
Les cinq classes de codes de statut
1xx — Information. Réponses intermédiaires pendant que le serveur continue le traitement : changement de protocole, early hints. Rarement visibles par l'utilisateur final.
2xx — Succès. La requête a été reçue, comprise et acceptée. 200 OK est le défaut ; les API utilisent aussi 201 pour la création et 204 pour les réponses vides.
3xx — Redirection. Le client doit effectuer une action supplémentaire, généralement suivre l'en-tête Location. 301/308 sont permanentes, 302/307 temporaires, 304 signifie « utilisez votre cache ».
4xx — Erreurs client. La requête elle-même est en cause : syntaxe invalide (400), authentification manquante (401), accès interdit (403), ressource introuvable (404) ou rate limiting (429).
5xx — Erreurs serveur. Le serveur n'a pas pu traiter une requête valide : exception non gérée (500), upstream cassé (502), surcharge ou maintenance (503), timeout upstream (504). Ce sont les codes à surveiller et sur lesquels alerter.
Soyez alerté dès que votre API renvoie un 5xx
ContinuumNexus vérifie vos endpoints depuis plusieurs régions et vous envoie un e-mail dès qu'un code de statut dérape.
Questions fréquentes
- Quelle différence entre 502, 503 et 504 ?
- Les trois proviennent d'une gateway ou d'un load balancer devant votre application. 502 : l'upstream a renvoyé une réponse invalide. 503 : le service est indisponible (surcharge, maintenance, backend crashé). 504 : l'upstream n'a pas répondu à temps.
- Quelle différence entre 401 et 403 ?
- 401 Unauthorized signifie « vous n'êtes pas authentifié » — fournissez des identifiants valides et réessayez. 403 Forbidden signifie « vous êtes authentifié mais pas autorisé » — réessayer avec les mêmes identifiants ne changera rien.
- 301 ou 302 pour une redirection ?
- Utilisez 301 (ou 308) quand le déplacement est permanent — les navigateurs le mettent en cache et les moteurs de recherche transfèrent les signaux de classement. Utilisez 302 (ou 307) pour du temporaire. Si la méthode HTTP doit être préservée, préférez 307/308 à 302/301.
- Que signifie 429 Too Many Requests ?
- Le serveur vous applique un rate limit : vous avez envoyé plus de requêtes qu'autorisé dans une fenêtre de temps. Respectez l'en-tête Retry-After, ajoutez un backoff à votre client ou demandez un quota supérieur.
- Quels codes un moniteur d'uptime doit-il considérer comme « down » ?
- Tout 5xx est un échec côté serveur et doit alerter. Pour les 4xx, cela dépend du contexte : un 404 sur votre endpoint de health check est un bug de déploiement, tandis qu'un 401 peut simplement signifier que le moniteur n'a pas d'identifiants. Les outils comme ContinuumNexus permettent d'asserter le code exact attendu.