正在加载,请稍候…

HTTP Status Codes: The Complete Developer Reference

A comprehensive guide to all HTTP status codes: 1xx informational, 2xx success, 3xx redirection, 4xx client errors, 5xx server errors — with real-world examples.

Understanding HTTP Status Codes

HTTP status codes are three-digit numbers returned by web servers to indicate the result of an HTTP request. They are grouped into five categories and provide essential information about whether requests succeeded, failed, or require additional action.

Status Code Categories

1xx Informational

Temporary responses indicating the server has received the request and is continuing to process it.

  • 100 Continue: Server has received headers, client should proceed with request body
  • 101 Switching Protocols: Server agrees to upgrade protocol (WebSocket handshake)
  • 103 Early Hints: Preload resources while the server prepares the response

2xx Success

The request was successfully received, understood, and accepted.

  • 200 OK: Standard success response for GET, POST
  • 201 Created: Resource created successfully (typically after POST)
  • 204 No Content: Success but no response body (DELETE operations)
  • 206 Partial Content: Server delivering part of a resource (range requests)

3xx Redirection

The client must take additional action to complete the request.

  • 301 Moved Permanently: Resource permanently moved; update your links/bookmarks
  • 302 Found: Temporary redirect; original URL may be used again
  • 304 Not Modified: Resource unchanged since last request; use cached version
  • 307 Temporary Redirect: Like 302 but preserves HTTP method
  • 308 Permanent Redirect: Like 301 but preserves HTTP method

4xx Client Errors

The request contains an error on the client side.

  • 400 Bad Request: Malformed request syntax or invalid parameters
  • 401 Unauthorized: Authentication required or credentials invalid
  • 403 Forbidden: Authenticated but not authorized for this resource
  • 404 Not Found: Resource doesn't exist at this URL
  • 405 Method Not Allowed: HTTP method not supported for this endpoint
  • 409 Conflict: State conflict (e.g., duplicate resource, version conflict)
  • 410 Gone: Resource permanently removed (unlike 404, confirms it existed)
  • 422 Unprocessable Entity: Request well-formed but semantically incorrect
  • 429 Too Many Requests: Rate limiting in effect

5xx Server Errors

The server failed to fulfill a valid request.

  • 500 Internal Server Error: Generic server-side error
  • 501 Not Implemented: Server doesn't support the request method
  • 502 Bad Gateway: Upstream server returned invalid response
  • 503 Service Unavailable: Server temporarily unavailable (maintenance, overload)
  • 504 Gateway Timeout: Upstream server didn't respond in time

Status Codes in REST API Design

Using Status Codes Semantically

Good APIs use status codes to communicate precisely:

GET /users/123     → 200 OK (user found)
GET /users/999     → 404 Not Found (user doesn't exist)
POST /users        → 201 Created (user created)
DELETE /users/123  → 204 No Content (deleted, no body)
POST /login        → 401 Unauthorized (wrong password)
GET /admin/data    → 403 Forbidden (not an admin)
POST /users        → 409 Conflict (email already exists)

Common Mistakes

  • Returning 200 with error details in the body ("200 OK" with {error: "User not found"})
  • Using 403 for unauthenticated requests (should be 401)
  • Using 500 for client validation errors (should be 400/422)
  • Always returning 200 regardless of result

Authentication vs. Authorization Confusion

401 Unauthorized is poorly named — it actually means "unauthenticated":

  • You haven't proven who you are
  • Sends WWW-Authenticate header indicating how to authenticate

403 Forbidden means "unauthorized" — you're identified but not allowed:

  • Server knows who you are
  • Your permissions don't include this resource

Caching and Status Codes

Status codes affect HTTP caching behavior:

  • 200: Cacheable by default (with appropriate headers)
  • 301: Cached indefinitely by browsers
  • 302: Generally not cached
  • 404: Can be cached (configurable)
  • 5xx: Generally not cached

Using the HTTP Status Codes Reference

Our tool provides:

  1. All status codes organized by category with names and descriptions
  2. Common usage examples for each code
  3. Search — find codes by number or keyword
  4. RFC references — link to official specifications
  5. Copy code — quickly copy the status code number for use in code

Keep it handy as a reference when designing APIs, debugging HTTP responses, and understanding web server behavior.