HTTP status codes are numeric code values that a server sends back to the client wrapped in the response indicating the status of the request. They are categorized into 5 classes:
200 OK
Status code 200 indicates that the request has been successfully received, understood, and accepted by the server. It is the most common status code used to indicate a successful request. When a client, such as a web browser, sends a request to a server and the server responds with a status code 200, it means that the server was able to understand and process the request and that the requested resource, such as a webpage, is available to the client. This is the standard response for HTTP requests that have been successfully completed.
201 Created
A status code of 201 indicates that the request has been successfully received, understood, and accepted by the server, and that a new resource has been created as a result. This status code is typically used in response to a POST request that has resulted in the creation of a new resource on the server. When a client sends a request to create a new resource, such as a new user or a new blog post, and the server responds with a status code 201, it means that the server has successfully processed the request and created the new resource. Along with the status code, the response should include a Location header with the URL of the newly created resource.
202 Accepted
A status code of 202 indicates that the request has been received by the server, but it has not been processed yet. It means that the server has understood the request, but it needs additional time to complete it. This status code is typically used when the server is processing a long-running request, such as a file upload or a database update. This status code can be used along with the Retry-After header to indicate how long the client should wait before trying again.
203 Non-Authoritative Information
A status code of 203 indicates that the request has been successfully received and understood by the server, but the server is returning information that is not from the authoritative source. It means that the server is returning information that is not considered to be the original or official source of the data. This status code is typically used in situations where a server may be proxying or caching information from another source. This status code is similar to the 200 OK status code, but it indicates that the information being returned may not be the original or official data.
204 No Content
A status code of 204 indicates that the request has been successfully received, understood, and accepted by the server, but there is no further information to send back. This status code is typically used in response to a DELETE, PUT or PATCH request that has been successful, but there is no additional information to be returned to the client. This status code should not include a message body.
205 Reset Content
A status code of 205 indicates that the request has been successfully received, understood, and accepted by the server, and that the server is asking the client to reset the document view. This status code is typically used in response to a PUT or PATCH request that modifies the resource on the server, but the client needs to refresh its view of the resource.
It's important to note that this status code should not include a message body, and it should also include a "Reset" header field to indicate which fields the client should reset. This status code is not commonly used and it's not supported by all browsers.
206 Partial Content
A status code of 206 indicates that the server has successfully fulfilled a partial GET request for the resource. This status code is typically used when a client sends a request for a specific range of bytes of a resource, rather than the entire resource.
When a client sends a request with a "Range" header field, indicating that it only wants to retrieve a specific range of bytes from the resource, and the server responds with a status code 206, it means that the server has successfully fulfilled the request and it's returning the specific range of bytes requested. Along with the status code, the response should include a "Content-Range" header field indicating the range of bytes being returned and the total size of the resource.
This status code is useful when a client wants to retrieve only a portion of the resource, such as when streaming video or audio, or when resuming a download that was previously interrupted. It's important to note that the requested range should be satisfiable and the server should return the 416 "Requested Range Not Satisfiable" status code if the range is not satisfiable.
300 Multiple Choices
A status code of 300 indicates that the requested resource has multiple options for the client to choose from. It means that the requested resource can be accessed from multiple locations and the server is returning a list of options for the client to choose from.
This status code is typically used when a server has multiple representations of a resource, such as in the case of content negotiation, and the client needs to choose which representation it wants to access.
It's important to note that this status code should be accompanied by a "Location" header field or an HTML page containing links to the different options, in order to give the client an idea of the available options and it's up to the client to decide which representation it wants to access. This status code is not commonly used and it's not supported by all browsers.
301 Moved Permanently
A status code of 301 indicates that the requested resource has been permanently moved to a new location and that all future requests should be directed to the new location. It means that the requested resource is no longer available at the original location and that the client should update its bookmarks or cached links to the new location.
Along with the status code, the response should include a "Location" header field indicating the new location of the resource.
It's important to note that this status code also causes the client browser to cache the new location, and it will redirect all future requests to the new location without asking the server, unless the cache is cleared. This status code should be used when the resource has been permanently moved, if the move is temporary the status code 302 "Found" or 307 "Temporary Redirect" should be used instead.
302 Found (Previously "Moved Temporarily")
A status code of 302 indicates that the requested resource has been temporarily moved to a new location and that the client should continue to request the resource from the new location. It means that the requested resource is temporarily not available at the original location and that the client should continue to request the resource from the new location.
This status code is typically used when a website or a specific resource has been temporarily moved to a new URL, and the server wants to redirect all future requests to the new location. Along with the status code, the response should include a "Location" header field indicating the new location of the resource.
It's important to note that this status code also causes the client browser to cache the new location, and it will redirect all future requests to the new location without asking the server, unless the cache is cleared. This status code should be used when the resource has been temporarily moved, if the move is permanent the status code 301 "Moved Permanently" should be used instead.
303 See Other
A status code of 303 indicates that the requested resource can be found at a different location and that the client should request the resource from that location instead. It means that the requested resource is available at a different location, and the server is redirecting the client to that location.
This status code is typically used in situations where the requested resource has been replaced with a new resource, and the server wants to direct the client to the new resource. Along with the status code, the response should include a "Location" header field indicating the new location of the resource.
It's important to note that this status code is similar to the 301 "Moved Permanently" status code, but it indicates that the move is not permanent and the client should continue to use the original URL for future requests. Additionally, this status code is also similar to the 307 "Temporary Redirect" but it indicates that the method used to request the resource should be changed to a GET method, regardless of the method used in the original request.
304 Not Modified
A status code of 304 indicates that the requested resource has not been modified since the last time it was requested by the client. It means that the client already has a cached copy of the resource and the server is confirming that the cached copy is still up to date.
This status code is typically used when a client sends a request with an "If-Modified-Since" or "If-None-Match" header, and the resource has not been modified since the specified date or ETag. Along with the status code, the response should not include a message body.
It's important to note that this status code is used as a way to save bandwidth and reduce server load by not sending a full response when the resource hasn't changed. This status code is often used in conjunction with caching mechanisms, both on the client and server side, to improve the performance and user experience of web applications.
305 Use Proxy
A status code of 305 indicates that the requested resource must be accessed through the specified proxy. It means that the client needs to use the specified proxy to access the requested resource.
This status code is typically used when the server wants to direct the client to access the resource through a specific proxy. Along with the status code, the response should include a "Location" header field indicating the location of the proxy.
It's important to note that this status code is not commonly used and it's not supported by all browsers. Additionally, it's not a recommended way to redirect clients to a proxy, it's better to use the 302 or 307 status codes instead. This status code is also not a good way to implement access control, it's better to use authentication and authorization methods instead.
307 Temporary Redirect
A status code of 307 indicates that the requested resource has been temporarily moved to a new location and that the client should continue to request the resource from the new location using the same method as the original request. It means that the requested resource is temporarily not available at the original location and that the client should continue to request the resource from the new location using the same method as the original request.
This status code is typically used when a website or a specific resource has been temporarily moved to a new URL, and the server wants to redirect all future requests to the new location using the same method as the original request. Along with the status code, the response should include a "Location" header field indicating the new location of the resource.
It's important to note that this status code is similar to the 302 "Found" status code, but it indicates that the client should use the same method as the original request when requesting the resource from the new location. Additionally, this status code is also similar to the 303 "See Other" status code, but it indicates that the client should use the same method as the original request when requesting the resource from the new location, rather than changing it to a GET method.
400 Bad Request
HTTP status code 400, also known as "Bad Request", is a client error status code indicating that the server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). It means that the request sent by the client was in some way malformed or invalid, and the server was unable to process it.
This status code is typically used when the server is unable to understand or process the request due to a problem with the request itself, such as a missing or incorrect parameter. It can also be used when the client has provided incorrect authentication credentials or when the request is missing a required header.
It's important to note that this status code should be used when the client is at fault, if the problem is with the server, the 500 series of status codes should be used instead. Additionally, it's a good practice to include a response body with more information about the error, and also include the "Allow" header if the client is sending a request with a method that's not supported by the server.
401 Unauthorized
HTTP status code 401, also known as "Unauthorized", is a client error status code indicating that the request requires user authentication. It means that the client needs to provide valid authentication credentials in order to access the requested resource.
This status code is typically used when the client is trying to access a resource that is protected by an authentication mechanism, such as a login page or a restricted area of a website. Along with the status code, the response should include a "WWW-Authenticate" header field indicating the authentication method and realm.
It's important to note that this status code should be used when the client has failed to provide valid authentication credentials, if the problem is with the server, the 500 series of status codes should be used instead. Additionally, it's a good practice to include a response body with more information about the error, and also include the "Allow" header if the client is sending a request with a method that's not supported by the server.
402 Payment Required
HTTP status code 402, also known as "Payment Required", is a reserved status code and it's not currently used in HTTP/1.1. It's reserved for future use and it could be used as a payment-related response code, however, it's not widely used and it's not supported by most browsers.
The original intention for this status code was to indicate that the client needs to make a payment in order to access the requested resource. The idea was that the server could return this status code along with a message explaining the payment requirements and a link to a payment gateway. But this status code was never widely adopted and it's not in use in HTTP/1.1.
It's important to note that, this status code should not be used in current applications and if you want to indicate that a payment is required, you should use a different status code or return a message in the response body with the payment details and instructions.
403 Forbidden
HTTP status code 403, also known as "Forbidden", is a client error status code indicating that the server understands the request, but it refuses to authorize it. It means that the client has not been granted access to the requested resource, even though they have provided valid authentication credentials.
This status code is typically used when the client is trying to access a resource that they are not authorized to access, even though they have provided valid credentials. It can also be used when the client has been blocked by the server, or when the server has detected a violation of its terms of service.
It's important to note that this status code should be used when the client is not authorized to access the resource, even though they have provided valid credentials, if the problem is with the client credentials, the 401 "Unauthorized" status code should be used instead. Additionally, it's a good practice to include a response body with more information about the error, and also include the "Allow" header if the client is sending a request with a method that's not supported by the server.
404 Not Found
HTTP status code 404, also known as "Not Found", is a client error status code indicating that the server cannot find the requested resource.
It's important to note that this status code should be used when the client has requested a resource that doesn't exist on the server, if the problem is with the server, the 500 series of status codes should be used instead. Additionally, it's a good practice to include a response body with more information about the error, and also include the "Allow" header if the client is sending a request with a method that's not supported by the server. It's also a good practice to provide a custom 404 page with links to other pages in your website, which can help the user to find what they were looking for.
405 Method Not Allowed
HTTP status code 405, also known as "Method Not Allowed", is a client error status code indicating that the requested resource does not support the HTTP method that the client used in the request. It means that the client has used an HTTP method (such as GET, POST, PUT, DELETE) that is not supported by the requested resource.
This status code is typically used when the client sends a request using an HTTP method that is not supported by the server.
It's important to note that this status code should be used when the client has used an HTTP method that is not supported by the requested resource, if the problem is with the server, the 500 series of status codes should be used instead. Additionally, it's a good practice to include a response body with more information about the error, and also include the "Allow" header if the client is sending a request with a method that's not supported by the server. This can help the client to understand which methods are supported by the resource and avoid similar errors in the future.
406 Not Acceptable
HTTP status code 406, also known as "Not Acceptable", is a client error status code indicating that the server cannot produce a response matching the list of acceptable values defined in the client's request headers. It means that the client has asked for a specific representation of a resource, but the server is unable to provide it.
If the problem is with the server, the 500 series of status codes should be used instead. Additionally, it's a good practice to include a "Content-Type" header in the response, indicating the media type that the server is able to provide. This can help the client understand what media types are supported by the resource and avoid similar errors in the future.
407 Proxy Authentication Required
HTTP status code 407, also known as "Proxy Authentication Required", is a client error status code indicating that the client must first authenticate itself with the proxy before the requested resource can be accessed. It means that the client needs to provide valid authentication credentials to the proxy in order to access the requested resource.
This status code is typically used when the client is trying to access a resource that is protected by a proxy-based authentication mechanism. Along with the status code, the response should include a "Proxy-Authenticate" header field indicating the authentication method and realm.
It's important to note that this status code should be used when the client has failed to provide valid authentication credentials to the proxy, if the problem is with the client credentials, the 401 "Unauthorized" status code should be used instead. Additionally, it's a good practice to include a response body with more information about the error, and also include the "Allow" header if the client is sending a request with a method that's not supported by the server.
408 Request Timeout
HTTP status code 408, also known as "Request Timeout", is a client error status code indicating that the server did not receive a complete request message within the time that it was prepared to wait. It means that the client took too long to send the request and the server closed the connection.
Additionally, it's a good practice to include a response body with more information about the error and also include the "Retry-After" header field if the client is able to retry the request after a certain time.
409 Conflict
HTTP status code 409, also known as "Conflict", is a client error status code indicating that the request could not be completed due to a conflict with the current state of the resource.
This status code is typically used when the client sends a request to create, update or delete a resource and the request cannot be fulfilled due to a conflict with the current state of the resource.
Additionally, it's a good practice to include a response body with more information about the error, and also include the "Allow" header if the client is sending a request with a method that's not supported by the server.
410 Gone
HTTP status code 410, also known as "Gone", is a client error status code indicating that the requested resource is no longer available at the server and no forwarding address is known. It means that the client's request cannot be fulfilled because the resource is permanently unavailable.
This status code is typically used when the client sends a request for a resource that no longer exists on the server and the server has no forwarding address for it. This could happen for various reasons such as the resource being deleted, moved or retired.
It's important to note that this status code should be used when the client's request cannot be fulfilled because the resource is permanently unavailable, unlike the 404 status code which indicates that the resource is temporarily not found. Additionally, it's a good practice to include a response body with more information about the error and also include the "Allow" header if the client is sending a request with a method that's not supported by the server.
411 Length Required
HTTP status code 411, also known as "Length Required", is a client error status code indicating that the server is refusing to accept the request without a valid Content-Length header field.
The "Content-Length" header field is used to indicate the size of the request body, and it's required for certain types of requests such as POST and PUT.
Additionally, it's a good practice to include a response body with more information about the error, and also include the "Allow" header if the client is sending a request with a method that's not supported by the server.
412 Precondition Failed
HTTP status code 412, also known as "Precondition Failed", is a client error status code indicating that one or more preconditions in the request headers have failed to be met by the server. It means that the client's request cannot be fulfilled because it did not meet the server's preconditions.
This status code is typically used when the client sends a request with certain preconditions in the headers, such as "If-Match" or "If-Unmodified-Since", and the server is unable to meet those preconditions.
Additionally, it's a good practice to include a response body with more information about the error and also include the "Allow" header if the client is sending a request with a method that's not supported by the server. Also, the headers that caused the precondition failure can be included in the response, this can help the client understand what went wrong and adjust the request accordingly.
413 Request Entity Too Large
HTTP status code 413, also known as "Payload Too Large", is a client error status code indicating that the server is refusing to process a request because the request payload (the data sent in the request body) is too large.
This status code is typically used when the client sends a request with a payload that exceeds the server's maximum allowed size.
Additionally, it's a good practice to include a response body with more information about the error and also include the "Allow" header if the client is sending a request with a method that's not supported by the server. Also, the server can include the maximum allowed payload size in the response, this can help the client understand the size limit and adjust the request accordingly.
414 Request-URI Too Long
HTTP status code 414, also known as "URI Too Long", is a client error status code indicating that the server is refusing to service the request because the request URI (the part of the URL that comes after the domain name) is too long.
415 Unsupported Media Type
HTTP status code 415, also known as "Unsupported Media Type", is a client error status code indicating that the server is refusing to accept the request because the request payload format is in a format not supported by the server or by the resource identified by the URI. It means that the client's request cannot be fulfilled because the format of the data sent in the request body is not supported by the server.
416 Requested Range Not Satisfiable
HTTP status code 416, also known as "Range Not Satisfiable", is a client error status code indicating that the server is unable to satisfy the client's request for a specific range of bytes of a resource, typically because the range is invalid or outside the range of the current resource. It means that the client's request cannot be fulfilled because the specified range of bytes of the resource is not valid.
417 Expectation Failed
HTTP status code 417, also known as "Expectation Failed", is a client error status code indicating that the server was unable to meet the expectations set in the request's "Expect" header field. It means that the client's request cannot be fulfilled because the server cannot meet the expectation specified in the request.
500 Internal Server Error
HTTP status code 500, also known as "Internal Server Error", is a server error status code indicating that the server has encountered an unexpected condition that prevented it from fulfilling the request. It means that there is a problem with the server and the client's request cannot be fulfilled.
It's important to note that this status code should be used when there is a problem with the server and the client's request cannot be fulfilled. The 500 series of status codes are intended for cases where the server itself is at fault, as opposed to the client. Additionally, it's a good practice to include a response body with more information about the error, if possible. It's also worth noting that a 500 error can occur due to many reasons, such as a programming error, a database connection error, misconfigured server and etc.
501 Not Implemented
HTTP status code 501, also known as "Not Implemented", is a server error status code indicating that the server does not support the request method used by the client.
This status code is typically used when the client sends a request with a method (such as GET, POST, PUT, DELETE, etc.) that the server is not configured to handle or support. When a client sends a request and the server responds with a status code 501, it means that the server does not support the request method used by the client.
It's important to note that this status code should be used when the client's request cannot be fulfilled because the server does not support the request method used by the client. The 501 status code should be used when the server does not support or recognize the request method. Additionally, it's a good practice to include a response body with more information about the error and also include the "Allow" header with a list of the methods that are supported by the server.
502 Bad Gateway
HTTP status code 502, also known as "Bad Gateway", is a server error status code indicating that the server, while acting as a gateway or proxy, received an invalid response from an inbound server it accessed while attempting to fulfill the request.
This status code is typically used when the server, while acting as a gateway or proxy, receives an invalid response from an inbound server it accessed while attempting to fulfill the request.
503 Service Unavailable
HTTP status code 503, also known as "Service Unavailable", is a server error status code indicating that the server is currently unable to handle the request due to a temporary overload or maintenance. It means that the client's request cannot be fulfilled because the server is currently unavailable to handle the request.
It's important to note that this status code should be used when the client's request cannot be fulfilled because the server is currently unavailable to handle the request, this can happen for a variety of reasons such as too many requests being made to the server, maintenance, or issues with the server. Additionally, it's a good practice to include a response body with more information about the error, if possible, and also include the "Retry-After" header to indicate when the server will be available again.
504 Gateway Timeout
HTTP status code 504, also known as "Gateway Timeout", is a server error status code indicating that the server, while acting as a gateway or proxy, did not receive a timely response from an upstream server it accessed while attempting to fulfill the request.
This status code is typically used when the server, while acting as a gateway or proxy, did not receive a timely response from an upstream server it accessed while attempting to fulfill the request.
505 HTTP Version Not Supported
HTTP status code 505, also known as "HTTP Version Not Supported" is a server error status code indicating that the server does not support the protocol version used in the request.
It's important to note that this status code should be used when the client's request cannot be fulfilled because the server does not support the version of the HTTP protocol used in the request. The 505 status code is intended for cases where the server is not able to understand the version of the protocol used in the client's request, which can happen if the client is using an old or outdated version of the protocol. Additionally, it's a good practice to include a response body with more information about the error, if possible, and also include the "Allow" header to indicate the versions of the protocol that the server supports.