/ Tools
A tranquil library filled with books on wooden shelves, offering a warm, inviting atmosphere.

HTTP Status Code Reference

Complete interactive reference for all HTTP status codes with real-time search, multiple display modes, and comprehensive troubleshooting guides. From 100 Continue to 511 Network Authentication Required.

Interactive Features

  • Real-Time Search – Search by code number, name, or keyword with instant results
  • Advanced Filtering – Toggle categories, view by type, filter frequently used codes
  • Multiple Display Modes – List view, grid layout, sortable table, or category tabs
  • Copy Functions – One-click copy for status codes and descriptions
  • Bookmark Codes – Save frequently used codes for quick reference
  • Keyboard Navigation – Full keyboard support for efficient browsing
  • Dark Mode – WCAG 2.1 AA compliant with automatic theme detection
  • RFC References – Direct links to official HTTP specifications
  • Print-Friendly – Optimized reference version for offline use
  • Mobile Responsive – Full functionality on all device sizes

Complete Status Code Library

Our reference includes all 40+ HTTP status codes from 100 Continue to 511 Network Authentication Required, including rare codes like 418 I’m a teapot and 451 Unavailable For Legal Reasons. Each code includes:

Detailed Information

  • Status number and text (e.g., “404 Not Found”)
  • Category classification with color coding
  • Plain-English description and meaning
  • Common causes and scenarios
  • Resolution and troubleshooting steps

Technical Details

  • RFC specification references with links
  • Sample HTTP response headers
  • Related status codes and alternatives
  • REST API best practices
  • Framework-specific implementation notes

Custom & Extended Codes

  • Non-standard proprietary status codes
  • CDN-specific codes (Cloudflare, AWS CloudFront)
  • WebSocket close codes
  • Framework-specific extensions
  • Historical and deprecated codes

HTTP Status Code Categories

HTTP status codes are organized into five categories, each with a specific purpose. Our tool uses intuitive color coding to help you quickly identify the type of response.

1xx Informational

Purpose: Request received, continuing process
Color: Blue
Common Codes: 100 Continue, 101 Switching Protocols, 102 Processing, 103 Early Hints

Use for: Long-running requests, protocol upgrades, WebSocket handshakes, early hints for preloading

2xx Success

Purpose: Request successfully received and accepted
Color: Green
Common Codes: 200 OK, 201 Created, 202 Accepted, 204 No Content, 206 Partial Content

Use for: Successful API responses, resource creation, deletions, partial content delivery

3xx Redirection

Purpose: Further action needed to complete request
Color: Yellow
Common Codes: 301 Moved Permanently, 302 Found, 304 Not Modified, 307 Temporary Redirect, 308 Permanent Redirect

Use for: URL changes, caching, load balancing, SEO-friendly redirects

4xx Client Errors

Purpose: Request contains bad syntax or cannot be fulfilled
Color: Orange
Common Codes: 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, 422 Unprocessable Entity, 429 Too Many Requests

Use for: Invalid input, authentication failures, missing resources, rate limiting

5xx Server Errors

Purpose: Server failed to fulfill valid request
Color: Red
Common Codes: 500 Internal Server Error, 502 Bad Gateway, 503 Service Unavailable, 504 Gateway Timeout, 511 Network Authentication Required

Use for: Server crashes, overload, maintenance, upstream failures, configuration errors

Common Use Cases

🔍 API Development & Debugging

Quick reference for implementing correct status codes in REST APIs, debugging API responses, understanding third-party API errors, and documenting API behavior

🎓 Learning & Education

Comprehensive resource for computer science students, coding bootcamp students, certification exam preparation (AWS, Azure, GCP), and web development courses

🛠️ DevOps & Support

Troubleshoot server errors and gateway issues, monitor application health, explain errors to non-technical users, document incident responses

📝 Technical Writing

Reference for API documentation, error message design, user guides and troubleshooting docs, knowledge base articles about common errors

HTTP Status Code Best Practices

✅ Best Practices

  • Use semantic codes – Choose the most accurate status code for the situation
  • Include error details – Provide helpful error messages in response body with error codes
  • Differentiate errors – Use 400 vs 422 vs 409 appropriately for different error types
  • Return 201 for creation – Use 201 Created with Location header for new resources
  • Use 204 for no content – Return 204 No Content for successful deletes with no body
  • Implement rate limiting – Return 429 Too Many Requests with Retry-After header
  • Use 401 vs 403 correctly – 401 for missing auth, 403 for insufficient permissions
  • Return proper redirects – 301 for permanent, 302/307 for temporary redirects

❌ Avoid These

  • Don’t always return 200 – Use proper error codes even for application-level failures
  • Don’t use 500 for client errors – Reserve 5xx for actual server failures, not validation
  • Don’t confuse 401 and 403 – 401 means “who are you?”, 403 means “I know who you are but no”
  • Avoid custom status codes – Stick to standard HTTP codes for interoperability
  • Don’t hide errors – Returning 200 with error in body breaks HTTP semantics
  • Don’t leak sensitive info – Be careful with stack traces in 500 error messages
  • Don’t ignore caching – Use 304 Not Modified for conditional requests
  • Don’t overuse 200 – Many APIs incorrectly use 200 for everything

Frequently Asked Questions

What’s the difference between 401 Unauthorized and 403 Forbidden?

401 Unauthorized means authentication is required or failed. The client needs to provide valid credentials (“Who are you?”). 403 Forbidden means the server understood the request and knows who you are, but refuses to authorize it – even with valid credentials, access is denied (“I know who you are, but you can’t do that”).

Should I use 301 or 302 for redirects?

301 Moved Permanently tells clients and search engines the resource has permanently moved. Browsers will cache this redirect. Use for permanent URL changes and SEO. 302 Found (or 307 Temporary Redirect) is for temporary redirects. The original URL should still be used in the future. Use for A/B testing, maintenance pages, or temporary moves.

What does 502 Bad Gateway mean and how do I fix it?

502 Bad Gateway means the server acting as a gateway or proxy received an invalid response from an upstream server. Common causes: upstream server is down, network issues between servers, misconfigured proxy/load balancer, upstream server timeout, or upstream returning invalid HTTP response. To fix: check upstream server health, verify network connectivity, review proxy/load balancer config, check upstream server logs.

When should I use 204 No Content?

Use 204 No Content when the request succeeded but there’s no content to return. Common scenarios: DELETE requests (resource deleted successfully), PUT/PATCH updates that don’t return the updated resource, POST actions that don’t create resources (like “mark as read” or “like”), or any action where success is confirmed but no data needs to be sent back.

What’s the difference between 400 Bad Request and 422 Unprocessable Entity?

400 Bad Request means the request is malformed or syntactically incorrect at the HTTP level (invalid JSON, missing required headers, malformed URL). 422 Unprocessable Entity means the request was well-formed but semantically incorrect (validation errors, business logic failures, like “email already exists” or “invalid date range”).

What is 418 I’m a teapot and is it real?

418 I’m a teapot is a real HTTP status code from RFC 2324 (Hyper Text Coffee Pot Control Protocol), an April Fools’ joke from 1998. It was meant as a joke about controlling coffee pots over HTTP. Despite being humorous, it’s officially recognized and sometimes used by developers for Easter eggs or to indicate that the server refuses to brew coffee because it’s a teapot.

Related Developer Tools

🔐 JWT Token Decoder

Decode and verify JWT tokens, analyze claims, and calculate CVSS scores for API security.

Decode JWTs →

🌐 Port Reference Database

Comprehensive database of network ports and their associated services for networking and security.

View Ports →

🛠️ All Developer Tools

Explore our complete suite of free developer and security tools for your workflow.

View All Tools →

Need Help with API Development?

Our development team can help design REST APIs, implement proper error handling, build robust API infrastructure, and ensure your applications use HTTP status codes correctly.

Contact Our Development Team