complete.tools

HTTP Status Code Reference

Interactive searchable lookup of all HTTP status codes with descriptions

What are HTTP status codes

HTTP status codes are three-digit numbers returned by a web server in response to every HTTP request. They tell the client — whether that is a browser, an API consumer, or a mobile app — whether the request succeeded, failed, or requires further action.

Every time you visit a web page, submit a form, or call an API, the server sends back a status code as part of its response. Most of the time this happens invisibly in the background, but when something goes wrong, these codes are your first clue about what happened.

Status codes are defined by the HTTP specification (RFC 9110) and are grouped into five classes, each identified by the first digit of the three-digit number. They are universally recognized across all web servers, browsers, and API clients.

Status code categories

HTTP status codes are organized into five categories based on their first digit:

**1xx — Informational:** The server has received the request and the client should continue. These codes are rarely seen directly by developers and are mostly used internally during connection setup. Examples include 100 Continue and 101 Switching Protocols (used for WebSocket upgrades).

**2xx — Success:** The request was received, understood, and accepted. These are the codes you want to see. A 200 OK means everything worked. A 201 Created confirms a new resource was made. A 204 No Content means success with nothing to return — common for DELETE requests.

**3xx — Redirection:** Further action is needed to complete the request. The client must follow the redirect to a new URL. 301 Moved Permanently is used for permanent URL changes (important for SEO), while 302 Found and 307 Temporary Redirect are used for temporary redirects. 304 Not Modified tells the client to use its cached copy.

**4xx — Client Errors:** The request contains bad syntax or cannot be fulfilled. The problem is on the client side. 400 Bad Request means the request was malformed. 401 Unauthorized requires authentication. 403 Forbidden means authenticated but not allowed. 404 Not Found is the most famous code of all. 429 Too Many Requests signals rate limiting.

**5xx — Server Errors:** The server failed to fulfill a valid request. The problem is on the server side. 500 Internal Server Error is the generic server failure. 502 Bad Gateway and 504 Gateway Timeout usually mean a downstream service is unavailable. 503 Service Unavailable means the server is temporarily overloaded or in maintenance.

Most common status codes

While there are over 60 defined HTTP status codes, a small set appears in the vast majority of web traffic:

**200 OK** is by far the most common code and means everything went as expected. Most successful web requests return 200.

**301 Moved Permanently** and **302 Found** are the standard redirect codes. 301 is preferred for permanent moves because search engines transfer ranking signals to the new URL.

**304 Not Modified** is invisible to users but improves performance. It tells the browser to use its cached copy of a resource instead of downloading it again.

**400 Bad Request** and **422 Unprocessable Content** are common in API development when submitted data fails validation.

**401 Unauthorized** appears whenever a protected endpoint is accessed without valid credentials. **403 Forbidden** appears when credentials are valid but insufficient for the requested action.

**404 Not Found** is the most recognized error on the web, appearing whenever a URL does not correspond to any existing resource.

**429 Too Many Requests** is increasingly important in the era of APIs and rate limiting. It tells clients to slow down and often includes a Retry-After header.

**500 Internal Server Error** is the catch-all for unexpected server failures. It usually indicates a bug or misconfiguration in the server application.

**502 Bad Gateway** and **503 Service Unavailable** are common in distributed architectures where one service calls another.

How to use this reference

1. Type a status code number (such as 404) or a keyword (such as "redirect" or "authentication") in the search box to filter the list. 2. Use the category buttons to filter by status code class: All, 1xx Informational, 2xx Success, 3xx Redirection, 4xx Client Error, or 5xx Server Error. 3. Read the description to understand what the code means and when it is used. 4. Use the category badge on each card to quickly identify what type of response it represents. 5. Combine search and category filters to narrow down to exactly the codes you need.

FAQs

Q: What is the difference between 401 and 403? A: A 401 Unauthorized response means the request requires authentication and the client has not provided valid credentials. A 403 Forbidden response means the client is authenticated but does not have permission to access the resource. In short, 401 means "who are you?" and 403 means "I know who you are, but you cannot do this."

Q: What is the difference between 301 and 302 redirects? A: A 301 Moved Permanently redirect indicates that the resource has moved to a new URL forever. Search engines update their index and pass SEO value to the new URL. A 302 Found redirect is temporary. Search engines keep the original URL in their index because the content may return. Use 301 for permanent site migrations and 302 for short-term redirects.

Q: Why does 404 Not Found appear so often? A: 404 appears when a URL does not map to any resource on the server. This happens when pages are deleted, URLs are changed without redirects, or when someone types a URL incorrectly. It is normal for websites to serve some 404 responses, but high volumes can indicate broken links or migration issues that need attention.

Q: What should I do when I see a 500 Internal Server Error? A: A 500 error means the server encountered an unexpected problem. As a user, you can try refreshing the page. As a developer, check your server logs for stack traces, look for recent code deployments, and verify that all dependencies and services are running correctly.

Q: What is the difference between 302, 307, and 303 redirects? A: These three codes all indicate temporary redirects but with different rules about which HTTP method to use. A 302 may change a POST to a GET (behavior varies by browser). A 307 Temporary Redirect requires the client to use the same method as the original request. A 303 See Other always uses GET for the redirect, making it ideal for the Post-Redirect-Get pattern used after form submissions.

Q: What does 429 Too Many Requests mean? A: A 429 response means the client has exceeded the rate limit set by the server. APIs use this to prevent abuse and ensure fair use. The response may include a Retry-After header telling you how long to wait before making another request. Back off and retry after the indicated time, or implement exponential backoff if no time is given.

Q: Is 418 I'm a Teapot a real HTTP status code? A: Yes, technically. It was defined in RFC 2324 as an April Fools' joke in 1998, stating that a teapot refuses to brew coffee. Despite being a joke, it made it into many web servers and frameworks as an Easter egg. It is not meant for production use but is a beloved piece of web culture.

Explore Similar Tools

Explore more tools like this one:

- QR Code Data Capacity Calculator — Check if your data fits in a given QR code version... - Vibe-Code Stress Tester — Paste AI-generated code and get a Fragility Score —... - AI Token Counter — Count the exact number of tokens in your text for GPT-4,... - API Pricing Calculator — Compare API pricing models and estimate costs - Claude Code Cleaner — Clean up messy terminal output. Strips ANSI escape...