All tools in this category Full tool catalog
Guide
Browse 1xx through 5xx codes used in REST APIs, browsers, and proxies. Each row includes the standard reason phrase and a practical one-line meaning. Use the filter to jump to a code quickly.
Jump to a section or filter rows. Anchor for each code:
| Class | Code | Reason phrase | Meaning |
|---|---|---|---|
| 1xx | 100 | Continue | Client should continue with the request. |
| 1xx | 101 | Switching Protocols | Server agrees to change application protocol (for example Upgrade to WebSocket). |
| 1xx | 102 | Processing | Interim response while the server processes a WebDAV request with no final response yet. |
| 1xx | 103 | Early Hints | Used to return partial headers before the final HTTP message, often for link preload hints. |
| Class | Code | Reason phrase | Meaning |
|---|---|---|---|
| 2xx | 200 | OK | Request succeeded; meaning depends on method (GET: resource returned, POST: action result, etc.). |
| 2xx | 201 | Created | Request fulfilled and one or more new resources were created. |
| 2xx | 202 | Accepted | Request accepted for processing but processing is not complete. |
| 2xx | 203 | Non-Authoritative Information | Payload is transformed or from a secondary source compared to the origin server. |
| 2xx | 204 | No Content | Success with no response body; common for DELETE or updates that return nothing. |
| 2xx | 205 | Reset Content | Success and the client should reset the document view that sent the request. |
| 2xx | 206 | Partial Content | Range request succeeded; body contains only part of the resource. |
| 2xx | 207 | Multi-Status | WebDAV: multiple independent operations returned status in the body. |
| 2xx | 208 | Already Reported | WebDAV: members of a DAV binding were already enumerated in a previous part of the response. |
| 2xx | 226 | IM Used | Server fulfilled a GET for a resource and the response is a result of one or more instance manipulations. |
| Class | Code | Reason phrase | Meaning |
|---|---|---|---|
| 3xx | 300 | Multiple Choices | Resource has multiple representations; the client should choose. |
| 3xx | 301 | Moved Permanently | Resource URI changed permanently; future requests should use the new URI. |
| 3xx | 302 | Found | Temporary redirect; client should keep using the original URI for future requests unless directed otherwise. |
| 3xx | 303 | See Other | Response is at a different URI; GET should be used to retrieve it. |
| 3xx | 304 | Not Modified | Resource not modified since conditional headers; useful for caching validators. |
| 3xx | 307 | Temporary Redirect | Temporary redirect preserving the original HTTP method and body. |
| 3xx | 308 | Permanent Redirect | Permanent redirect preserving the original HTTP method and body. |
| Class | Code | Reason phrase | Meaning |
|---|---|---|---|
| 4xx | 400 | Bad Request | Server cannot process the request due to client error (syntax, invalid framing, or bad parameters). |
| 4xx | 401 | Unauthorized | Authentication is required or failed; often paired with WWW-Authenticate. |
| 4xx | 402 | Payment Required | Reserved for future payment schemes; rarely used in practice. |
| 4xx | 403 | Forbidden | Server understood the request but refuses to authorize it. |
| 4xx | 404 | Not Found | Origin server did not find a current representation for the target resource. |
| 4xx | 405 | Method Not Allowed | Method not supported for this resource; Allow header lists valid methods. |
| 4xx | 406 | Not Acceptable | Resource cannot produce a representation matching Accept headers. |
| 4xx | 407 | Proxy Authentication Required | Client must authenticate with the proxy first. |
| 4xx | 408 | Request Timeout | Server timed out waiting for the complete request. |
| 4xx | 409 | Conflict | Request conflicts with current state of the resource (for example version conflicts). |
| 4xx | 410 | Gone | Resource existed but is permanently gone; stronger signal than 404 for removals. |
| 4xx | 411 | Length Required | Server refuses the request without a defined Content-Length. |
| 4xx | 412 | Precondition Failed | One or more preconditions given in request headers evaluated to false. |
| 4xx | 413 | Payload Too Large | Request entity is larger than limits defined by the server. |
| 4xx | 414 | URI Too Long | Request-target longer than the server is willing to interpret. |
| 4xx | 415 | Unsupported Media Type | Payload format or Content-Type is not supported for this method or resource. |
| 4xx | 416 | Range Not Satisfiable | Range header cannot be fulfilled for the current resource size. |
| 4xx | 417 | Expectation Failed | Expect request-header field expectation could not be met. |
| 4xx | 418 | I'm a teapot | Easter egg from HTCPCP RFC; sometimes used humorously or as a non-standard signal. |
| 4xx | 421 | Misdirected Request | Request directed at a server that cannot produce a response for this authority. |
| 4xx | 422 | Unprocessable Entity | Semantics invalid (often validation errors) while syntax was acceptable; common in JSON APIs. |
| 4xx | 423 | Locked | WebDAV: resource is locked. |
| 4xx | 424 | Failed Dependency | WebDAV: method failed because a dependent action failed. |
| 4xx | 425 | Too Early | Server unwilling to risk replay when processing an early-data request. |
| 4xx | 426 | Upgrade Required | Server refuses to perform using current protocol until the client upgrades. |
| 4xx | 428 | Precondition Required | Origin server requires conditional requests to avoid lost-update problems. |
| 4xx | 429 | Too Many Requests | Rate limit or quota exceeded; often includes Retry-After. |
| 4xx | 431 | Request Header Fields Too Large | Server rejects the request because header fields are collectively too large. |
| 4xx | 451 | Unavailable For Legal Reasons | Access denied because of a legal demand (for example censorship or takedown). |
| Class | Code | Reason phrase | Meaning |
|---|---|---|---|
| 5xx | 500 | Internal Server Error | Unexpected server condition prevented fulfilling the request. |
| 5xx | 501 | Not Implemented | Server does not support the functionality required to fulfill the request. |
| 5xx | 502 | Bad Gateway | Invalid response received from an upstream server while acting as a gateway. |
| 5xx | 503 | Service Unavailable | Temporary overload or maintenance; Retry-After is common. |
| 5xx | 504 | Gateway Timeout | Upstream server did not respond in time while acting as a gateway. |
| 5xx | 505 | HTTP Version Not Supported | Server does not support the HTTP protocol version used in the request. |
| 5xx | 506 | Variant Also Negotiates | Server configuration error: chosen variant also negotiates. |
| 5xx | 507 | Insufficient Storage | WebDAV: method could not be performed on the resource because the server cannot store the representation. |
| 5xx | 508 | Loop Detected | WebDAV: server detected an infinite loop while processing the request. |
| 5xx | 510 | Not Extended | Further extensions are required for the server to fulfill the request. |
| 5xx | 511 | Network Authentication Required | Client must authenticate to gain network access (often captive portals). |
These codes often appear in nginx or Cloudflare logs but are not part of the same core RFC semantics family as 404 or 500.
| Class | Code | Reason phrase | Meaning |
|---|---|---|---|
| 4xx | 499 | Client Closed Request | Often seen with nginx when the client disconnects before the server finishes sending the response. Treat as operational telemetry, not a universal standard. |
| 5xx | 520 | Web Server Returned an Unknown Error | Used by Cloudflare when the edge cannot get a valid HTTP response from the origin. Debug upstream health, TLS, and firewall paths. |
This reference page is static HTML. The search filter runs locally in your browser and does not upload queries.
The main sections cover common RFC-family codes; a short appendix lists frequent proxy or CDN extensions. Rare vendor codes may still be missing.
History and caching rules differ. For permanent moves prefer 301 or 308; for temporary redirects prefer 302 or 307 depending on method preservation needs.
Some APIs do, but it breaks generic HTTP tooling. Prefer meaningful 4xx/5xx codes when clients should treat the response as an error at the HTTP layer.
Often it means success with no body. Clients should not expect a payload.
No. Codes describe outcomes; threat modeling, authZ, and validation are separate concerns.