Developer Tool

HTTP Status Codes Reference

Searchable reference for every HTTP status code (100–599) — plain-English meanings, retry strategies and real-world examples. Free dev reference.

✅ Free Forever 🔒 No Signup ⚡ Instant Results 🌐 Browser Based

Quick Answer

The HTTP Status Codes Reference is a searchable index of every HTTP response code (100–599) with plain-English meaning, when it occurs, and the recommended retry strategy. Filter by 1xx / 2xx / 3xx / 4xx / 5xx or search any code or term to find what you need in one click.

34 status codes

100

Continue

The server has received the request headers and the client should proceed with the request body.

Retry strategy: No retry — informational.

101

Switching Protocols

Server is switching protocols as requested (e.g. WebSocket upgrade).

Retry strategy: No retry.

102

Processing (WebDAV)

Server is processing the request but no final response yet.

Retry strategy: Wait.

200

Request succeeded. Response body contains the requested data.

Retry strategy: No retry needed.

201

Created

Resource created successfully. Often returned by POST. Location header points to the new resource.

Retry strategy: No retry.

202

Accepted

Request accepted for processing but not completed yet. Common for async / queue endpoints.

Retry strategy: Poll the status endpoint.

204

No Content

Request succeeded but there is no representation to return (often after DELETE or PUT).

Retry strategy: No retry.

206

Partial Content

Returned when responding to a Range request — used by video streaming and resumable downloads.

Retry strategy: No retry.

301

Moved Permanently

Resource has moved permanently. Update links to the new URL in Location header. Cached by browsers and crawlers.

Retry strategy: Follow the redirect.

302

Found

Temporary redirect. The resource is at the URL in Location, but the change is not permanent.

Retry strategy: Follow the redirect.

303

See Other

After a POST, redirects the client to a GET on the result URL. Used to prevent re-submitting forms on refresh.

Retry strategy: Follow with GET.

304

Not Modified

Conditional GET — the cached version is still valid. Used with ETag / If-Modified-Since.

Retry strategy: Use cached copy.

307

Temporary Redirect

Like 302 but preserves the request method. POST stays POST on the redirected URL.

Retry strategy: Follow with same method.

308

Permanent Redirect

Like 301 but preserves the request method. Use for permanent URL changes that must keep POST/PUT body.

Retry strategy: Follow with same method.

400

Bad Request

Request is malformed — missing required parameter, invalid JSON, schema validation failed.

Retry strategy: Do NOT retry — fix the request.

401

Unauthorized

Authentication required, or provided credentials are invalid / expired. Misnamed — should be "Unauthenticated".

Retry strategy: Refresh token, then retry once.

402

Payment Required

Reserved for future use. Some APIs (Stripe, GitHub) use it for billing-related rejections.

Retry strategy: Do NOT retry — resolve billing issue.

403

Forbidden

You are authenticated but lack permission for this resource. Differs from 401 — credentials are valid, just not authorized.

Retry strategy: Do NOT retry.

404

Not Found

Resource does not exist at this URL. May also indicate the server is hiding the existence of a resource (vs 403).

Retry strategy: Do NOT retry.

405

Method Not Allowed

HTTP method (GET, POST, etc.) is not supported for this URL. Check the Allow response header.

Retry strategy: Do NOT retry — use a different method.

408

Request Timeout

Server timed out waiting for the request. Often a network issue between client and server.

Retry strategy: Retry with backoff.

409

Conflict

Request conflicts with current resource state (e.g. duplicate creation, version mismatch on optimistic concurrency).

Retry strategy: Refetch state and retry.

410

Gone

Resource existed but has been permanently deleted. Stronger than 404 — explicit "do not look here again".

Retry strategy: Do NOT retry.

413

Payload Too Large

Request body exceeds the server's configured maximum. Common with file uploads.

Retry strategy: Reduce payload size.

415

Unsupported Media Type

Content-Type of the request is not accepted by the server.

Retry strategy: Send correct Content-Type.

422

Unprocessable Entity

Request syntactically correct but semantically invalid (e.g. valid JSON but business rule violated).

Retry strategy: Fix the data and retry.

429

Too Many Requests

Rate-limited. Inspect Retry-After header to know when to retry.

Retry strategy: Wait Retry-After seconds, then retry.

500

Internal Server Error

Generic server-side failure. Check server logs.

Retry strategy: Retry with exponential backoff (3 attempts max).

501

Not Implemented

Server does not support the functionality required to fulfill the request.

Retry strategy: Do NOT retry.

502

Bad Gateway

Server received an invalid response from an upstream server. Common in load-balanced / proxied setups.

Retry strategy: Retry — usually transient.

503

Service Unavailable

Server is temporarily down (overload, maintenance). Check Retry-After header.

Retry strategy: Retry after Retry-After.

504

Gateway Timeout

Upstream server failed to respond in time. Different from 408 (which is client→server timeout).

Retry strategy: Retry — increase client timeout if persistent.

507

Insufficient Storage (WebDAV)

Server cannot store the representation needed to complete the request.

Retry strategy: Do NOT retry — free space first.

511

Network Authentication Required

Client must authenticate to gain network access. Used by captive portals (e.g. hotel WiFi).

Retry strategy: Authenticate then retry.

Quick Facts

Tool Name: HTTP Status Codes Reference
Category: Developer Tool
Price: ✓ Free
Platform: Browser Based
Login Required: ✓ No
Last updated: 2026-05-20

How to Use HTTP Status Codes Reference

Enter Your Input
Paste your text or fill in the required fields in the tool above.
Click Generate
Hit the generate or analyze button to start processing.
Get Instant Results
The tool processes your input instantly in your browser.
Copy or Export
Copy your results to clipboard or download the output.

Frequently Asked Questions

Everything you need to know about HTTP Status Codes Reference

What's the difference between 401 and 403?

401 Unauthorized means the request has no valid credentials — authenticate first, then retry. 403 Forbidden means you are authenticated, but your account doesn't have permission for this resource. Misnamed historically: 401 really means 'unauthenticated', 403 really means 'unauthorized'.

When should I return 422 vs 400?

400 Bad Request = request is syntactically malformed (invalid JSON, missing required header, can't be parsed). 422 Unprocessable Entity = request parses fine but violates a business rule (e.g. age = -5, or email already registered). 422 is preferred for validation failures in REST APIs.

What does 'Retry-After' mean and which codes use it?

Retry-After is a response header telling the client when to retry. Used with 429 (Too Many Requests), 503 (Service Unavailable), and sometimes 3xx redirects. Value is either seconds (e.g. '120') or an HTTP-date. Honor it — exponential backoff alone can make rate-limited APIs worse.

Is 200 always success even if my JSON contains an error?

HTTP status describes the HTTP transaction, not your application logic. A REST API returning 200 with {error: 'not found'} is widely considered an anti-pattern — use 404 instead. GraphQL is the notable exception: it always returns 200 and surfaces errors in the response body.

Should I cache 404 responses?

By default, yes — 404 is cacheable per RFC 9111 with a default freshness lifetime. If a 404 is genuinely temporary (your DB is rebuilding), explicitly send Cache-Control: no-store. For permanent removals, use 410 Gone instead — it signals 'don't bother checking again'.

Need more than free tools?

Get Custom AI Solutions from AI2Flows