HTTP response status codes are used by servers to indicate when a specific HTTP request has been successful or if it has encountered some sort of error.
Understanding status codes and how to utilise them can allow you to rapidly diagnose site faults and minimise downtime on your site. These status codes are the internet equivalent of a conversation between your browser and the server.
Responses are grouped into five classes. The first digit of the status code defines the class of response, while the last two digits do not have any classifying or categorization role. The standard defines five classes:
Informational Responses (100–199)
Successful Responses (200–299)
Redirection Messages (300–399)
Client Error Responses (400–499)
Server Error Responses (500–599)
Informational Responses
An informational response indicates that the server received the request and is thinking through it. It is issued temporarily while the request processing continues. It alerts the client to wait for a final response.
The message consists of the status line and optional header fields only and is terminated by an empty line.
100 Continue
This status code indicates that the server has received the request headers, and the client should proceed to send the request body. That is in the case where a body needs to be sent, like a POST request. After a request is denied due to incorrect headers, it would be inefficient to send a large request body to the server.
To have a server check the request's headers, a client must send Expect: 100-continue as a header in its initial request and receive a 100 Continue status code in response before sending the body. The request’s body should not be sent if the client receives an error code of 403 (Forbidden)or 405 (Method Not Allowed).
A response of 417 Expectation Failed indicates that the request should be repeated without the Expect header, as it indicates that the server does not support expectations.
This temporary response indicates that the client should continue the request or ignore the response if the request is already finished.
101 Switching Protocols
In response to a client's upgrade request header, the server sends this status code, which specifies the protocol the server is moving to. This simply means the client has asked the server to switch protocols, and the server has agreed to do so.
102 Processing
This status code means that although the request has been received and is being processed by the server, a response is not yet available. By doing this, the client is kept from time out and thinking that the request was lost. This status code is deprecated.
103 Early Hints
This status code is used to return some response headers before the final HTTP message. It is primarily intended to be used with the _Link _header. It lets the user agent know to start preloading resources while the server prepares a response.
Successful Responses
A successful response indicates the request was successful and the browser got the expected response from the server. This class of status codes indicates the action requested by the client was received, understood, and accepted.
200 OK
This is an indication of a successful HTTP request. The response you get will depend on the request method used.
In a GET request, the response will contain the resource that has been fetched and transmitted in the message body.
In a POST request, the resource contains a description of the result of the action, which is transmitted through the message body.
201 Created
With this status code, it means a new resource has been created due to the request succeeding. This type of response is typical for a POST request, or some PUT requests.
202 Accepted
This status code means that the request has been accepted for processing but has not been completed. The request might eventually get acted upon or not and may be disallowed when processing occurs.
This is because it is noncommittal since there is no way HTTP can send an asynchronous response indicating the outcome of the request. It is meant for cases where another server handles the request.
203 Non-Authoritative Information
This indicates that the server has received a 200 OK from its origin but it is returning a modified version of the origin’s response.
It is mostly used for backups or mirrors of another server.
204 No Content
This means that the server has received the request and processed it, but is not returning any content.
The headers may be useful in this scenario.
205 Reset Content
This indicates that the user agent or user should reset the document that sent the request. No content is usually returned.
206 Partial Content
This response code indicates that the range header sent from the client has requested only part of a resource.
The range of header is used by the client to enable resuming of interrupted downloads or split a download into multiple simultaneous streams.
207 Multi-Status
The message body from this request is usually an XML message. Such a body can contain multiple response codes and information about multiple resources, depending on how many sub-requests were made.
226 IM Used
IM stands for Instance-Manipulation. This response code means a server has successfully processed a request for the resource.
The response obtained is a representation of what happens when the current instance is subjected to one or more instance manipulations.
Redirection Messages
A redirection message is sent after you get redirected. It indicates that the request was received, but there was a redirect of some kind. This class of status code indicates that the client must take additional action to complete the request.
The additional action may be carried out by the user agent with no user interaction only if the method used in the second request is GET or HEAD. The user agent may also redirect the request. The user agent should be able to detect and intervene to prevent cyclical redirects.
300 Multiple Choices
This status code indicates that the request has more than one response. The user agent or user is prompted to choose one.
301 Moved Permanently
This status code means that the URL of the requested resource has been changed permanently and all requests should be directed to the given URL.
302 Found
This response code means that the URL of the requested resource has been changed on a temporary basis and further changes may be made to the URL in the future. Therefore, the same URL should be used by the user agent or user in future requests.
303 See Other
When the status code is displayed for a GET request, it usually indicates that the response can be found at another URL. When received in response to a POST or PUT or DELETE request, it indicates that the client should presume that the server has received the data and should send a GET request to the given URL.
304 Not Modified
This is meant for caching purposes. By caching, it means data is stored in temporary storage locations so it can be accessed faster. It also tells the user agent or user that the response has not been modified so the client can continue to use the same cached version of the response.
307 Temporary Redirect
This response code means that the user agent or user should get the requested resource at another URL using the same HTTP method. That is, if a POST request is used in the original request, a POST request should be used in the second request. However, future requests should still use the original URL as it is on a temporary basis.
308 Permanent Redirect
This means that the resource has been relocated permanently to another URL. However, the same HTTP method should be used in the second request as the first one.
Client Error Responses
This class of status codes indicates that the site or page could not be reached. This simply means that the request was made but the page is not valid. This error is from the website’s side of the conversation and often appears when a page does not exist on the site.
This class of status code is intended for situations in which the error seems to have been caused by the client. The message from the server should include an entity containing an explanation of the error situation, and whether it is a temporary or permanent condition except when it is responding to a HEAD request. Any request method can use these status codes.
400 Bad Request
This status code indicates that the server cannot process the request due to client errors like malformed request syntax, invalid request message framing or deceptive request routing.
401 Unauthorised
This response simply means "unauthenticated". That is, the client must authenticate itself to get the requested response. The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource.
Also, some sites incorrectly issue HTTP 401 when an IP address is banned from the website (usually the website domain) and that specific address is refused permission to access a website.
402 Payment Required
The main aim for creating this status code was to use it for digital payment systems, however, this status code is used very rarely and no standard convention exists.
For example, Google Developers API uses this status code if a developer has exceeded the daily limit on API requests.
Sipgate uses this status code if an account does not have sufficient funds to start a call.
Shopify uses this status code when the store has not paid its fees and has been temporarily disabled.
Stripe uses this status code for failed payments where parameters were incorrect, like blocked fraudulent payments.
403 Forbidden
This status code means that the client does not have access rights to the content, that is, it is unauthorised, so the server is refusing to give the requested resource. Here, the request contained valid and correct data that was understood by the server but refused to take action.
This may be a result of the user not having the necessary permissions for a resource, needing an account, or attempting a prohibited action like creating a duplicate record where only one is allowed.
Authentication is usually refused by the server when this status code is returned. The request should not be repeated.
404 Not Found
In an API, this status code means that the endpoint and request are valid but the resource itself does not exist. In a browser, it means the URL is not recognized.
It is the most well-known status code because of its frequent occurrence on the web.
405 Method Not Allowed
Here, this status code indicates that the request method is known by the server but is not supported by the target resource. For example, an API may not allow calling DELETE to remove a resource from its endpoint or a GET request on a form that requires data to be presented via POST.
406 Not Acceptable
This status code is sent when there is no content that matches the criteria given by the user agent. This simply means that the requested resource is only capable of generating unacceptable content for the headers in the request.
407 Proxy Authentication Required
This is similar to 401 unauthorised but authentication needs to be done by a proxy. Proxy here means a server application that acts as an intermediary between the client requesting a resource and the server providing the resource.
The client must first authenticate itself with the proxy before the requested resource can be provided.
408 Request Timeout
This means that the client did not produce a request within the time that the server was prepared to wait and would like to shut down the idle connection. The client may repeat such requests without modifications at a later time.
Also, note that some servers may shut down the connection without sending this message.
409 Conflict
This indicates that a conflict has occurred. When a request cannot be processed because of conflicts with the current state of the server, this status code is sent as a response.
410 Gone
This status code is sent when the requested content has been permanently removed from the server with no forwarding address. Upon receiving a 410 status code, the client should not request the resource in the future as it is no longer available and will not be available again.
411 Length Required
This status code indicates that the server rejected the request because the Content-Length header field is not defined and is required by the server.
412 Precondition Failed
This status code indicates that the client has indicated some preconditions in its headers that the server does not meet.
413 Payload Too Large
Here, the request load is larger than the limit allowed by the server. Hence, the server might close the connection or return a retry-after header field.
414 URI Too Long
URI stands for Uniform Resource Identifier and they allow a client to identify a resource. For this status code, however, it is displayed when the URI requested by the client is longer than a server can process.
It is often the result of too much data being encoded as a query string of a GET request, in which case it should be converted to a POST request.
415 Unsupported Media Type
This means that the server has rejected the request because the media format of the requested data is not in a supported format.
416 Range Not Satisfiable
This status code indicates that the range specified in the range header field of the request is outside the size of the target URI’s data and the request cannot be fulfilled.
417 Expectation Failed
This response code means that the server cannot meet the expectation indicated by the expect request header field.
421 Misdirected Request
You get this response when the request is directed at a server that is not able to produce a response.
422 Unprocessable Entity
This response code means that the request was well-formed but was unable to be processed due to semantic errors. And by semantic error, it means that the program produces incorrect results when executed.
423 Locked
You get this response when the resource being requested is locked.
424 Failed Dependency
This response code means that the request failed due to the failure of a previous request.
425 Too Early
This status code indicates that the server will not risk processing a request because it might be replayed.
426 Upgrade Required
This status code indicates that the server will not process the request using the current protocol but will do so after the client upgrades to a different protocol.
428 Precondition Required
This status code indicates that the server is trying to prevent a conflict. It requires the request to be conditional so as to prevent the lost update problem.
429 Too Many Requests
You get this response when you have sent too many requests in a particular amount of time.
431 Request Header Fields Too Large
You get this response when the server won’t process the request because its header fields are too large. You may need to reduce the size of your request header field to get the server to process your request.
451 Unavailable For Legal Reasons
This status code indicates that the user requested a resource that is censored legally. The server operator has received a legal demand to deny access to such resources.
Server Error Responses
This class of status codes indicate when a valid request was made by the client but the server failed to complete the request. A response status code of this kind indicates that the server is aware that it has encountered an error or is incapable of performing the request.
The message from the server should include an entity containing an explanation of the error situation, and whether it is a temporary or permanent condition except when it is responding to a HEAD request. Any request method can use these status codes.
500 Internal Server Error
You get this generic error message when the server has encountered a situation it does not know how to handle.
501 Not Implemented
This usually means that the server does not recognize the request method and such request method is not supported therefore it cannot be handled.
502 Bad Gateway
This usually indicates that the server got an invalid response from the upstream server while working as a gateway to get the response needed to handle the request.
503 Service Unavailable
This status code is sent as a response to indicate an error that is temporary. Here, the server is not yet ready to handle the request usually because the server is down for maintenance or is overloaded.
504 Gateway Timeout
This usually indicates that the server did not get a response in time while acting as a gateway from the upstream server.
505 HTTP Version Not Supported
This means the server does not support the HTTP version used in the request.
506 Variant Also Negotiates
This means that the server has an internal configuration error where a transparent content negotiation for the request results in a circular reference.
507 Insufficient Storage
The request could not be completed because the server was unable to store the representation needed to successfully complete the request.
508 Loop Detected
This means an infinite loop was detected while processing the request.
510 Not Extended
This usually means that the server requires further extension to the request to fulfil it.
511 Network Authentication Required
This indicates that the client needs to authenticate to gain network access.
Top comments (0)