HTTP status codes are standardized response codes issued by a server in response to a client’s request. They help both humans and machines understand what happened to an HTTP request — whether it succeeded, failed, or something in between. Let me refresh your understanding HTTP Status Codes: The Complete Guide here.
This guide breaks down HTTP status codes into their five broad categories and highlights the most commonly used ones.
📘 HTTP Status Code Categories
All HTTP status codes are three-digit integers, and the first digit indicates the general category of response:
| Code Range | Category | Meaning |
|---|---|---|
| 1xx | Informational | Request received, continuing |
| 2xx | Success | Request successfully processed |
| 3xx | Redirection | Further action required |
| 4xx | Client Error | Request has bad syntax |
| 5xx | Server Error | Server failed to fulfill request |
✅ 2xx – Success
These indicate the request was received, understood, and accepted.
200 OK
- The request was successful.
- Common for
GETorPOSTresponses.
201 Created
- A new resource was created (often in response to a
POST). - Used in REST APIs when creating a new object.
204 No Content
- The request succeeded, but there’s no response body.
- Useful for
DELETEorPUToperations.
🚦 3xx – Redirection
These indicate that the client must take additional steps to complete the request.
301 Moved Permanently
- Resource has been permanently moved to a new URL.
- Browsers and clients should update bookmarks.
302 Found (Temporary Redirect)
- Resource is temporarily at another URL.
304 Not Modified
- The client can use cached data; nothing has changed since the last request.
- Often used with the
If-Modified-Sinceheader.
⚠️ 4xx – Client Errors
These errors indicate that the client did something wrong.
400 Bad Request
- The server couldn’t understand the request due to malformed syntax.
401 Unauthorized
- Authentication is required but missing or invalid.
- Often paired with
WWW-Authenticateheader.
403 Forbidden
- Client is authenticated, but not authorized to access the resource.
404 Not Found
- The requested resource could not be found.
405 Method Not Allowed
- HTTP method not supported by the endpoint (e.g.,
PUTto aGET-only URL).
429 Too Many Requests
- Client has sent too many requests in a short time.
- Used for rate limiting.
💥 5xx – Server Errors
These indicate the server failed to process a valid request.
500 Internal Server Error
- A generic error for unexpected conditions on the server.
502 Bad Gateway
- Received an invalid response from an upstream server (e.g., proxy error).
503 Service Unavailable
- Server is temporarily unavailable (e.g., overload or maintenance).
504 Gateway Timeout
- Server did not receive a timely response from the upstream service.
🔐 Special Considerations
- Use consistent codes in your API design to improve debugging and DX.
- Leverage the right codes to enforce RESTful principles and best practices.
- Avoid using
200 OKfor all responses — communicate meaning with precise codes.
📌 Summary Table
| Code | Meaning | Use Case |
|---|---|---|
| 200 | OK | Successful GET, POST |
| 201 | Created | Resource created |
| 204 | No Content | Successful but no response body |
| 301 | Moved Permanently | URL changed, update client |
| 302 | Found (Temporary Redirect) | Temporary redirect |
| 304 | Not Modified | Use cached version |
| 400 | Bad Request | Invalid input or syntax |
| 401 | Unauthorized | Missing/invalid auth |
| 403 | Forbidden | Authenticated but not allowed |
| 404 | Not Found | Resource doesn’t exist |
| 405 | Method Not Allowed | HTTP verb not supported |
| 429 | Too Many Requests | Rate limiting |
| 500 | Internal Server Error | Unhandled server exception |
| 502 | Bad Gateway | Proxy/gateway upstream failure |
| 503 | Service Unavailable | Temporarily overloaded or down |
| 504 | Gateway Timeout | Upstream timeout |
🧪 Summary
HTTP status codes are standardized responses from a server that indicate the outcome of a client’s request—whether it succeeded, failed, or needs further action.
0 Comments