ToolBelt

HTTP Status Codes

Searchable reference of all standard HTTP status codes.

Open tool

Overview

A searchable index of every IANA-registered HTTP status code, from 100 Continue through 511 Network Authentication Required. Each entry includes the canonical phrase, defining RFC, and short notes on when each code is appropriate.

It's for API designers picking the right code for an error case, and for developers reverse-engineering an unfamiliar status from a third-party API. Reach for it when arguing whether 400 or 422 fits better, when investigating a 425 Too Early, or when documenting your own service's responses.

How it works

Status codes are 3-digit integers split into five classes by their first digit: 1xx informational, 2xx success, 3xx redirection, 4xx client error, 5xx server error. The canonical list is the IANA HTTP Status Code Registry, which tracks both RFC-defined and provisional codes.

The reference cross-references the RFC of origin (mostly RFC 9110 today, with a few specialist additions from RFC 6585, RFC 8297, etc.) so you can read the authoritative wording if a code's intent matters.

Examples

  • Common successes: 
    200 OK
201 Created
204 No Content
  • Redirects: 
    301 Moved Permanently (cache-friendly)
302 Found (legacy temporary)
307 Temporary Redirect (preserves method)
308 Permanent Redirect (preserves method)
  • 4xx client errors: 
    400 Bad Request
401 Unauthorized (means "unauthenticated")
403 Forbidden
404 Not Found
422 Unprocessable Content
429 Too Many Requests
  • 5xx server errors: 
    500 Internal Server Error
502 Bad Gateway
503 Service Unavailable
504 Gateway Timeout

FAQ

Is 401 for missing auth or wrong auth?

401 Unauthorized is for "you need to authenticate" - it implies missing or invalid credentials. 403 Forbidden is "I know who you are but you're not allowed."

Should I use 404 or 204 for an empty list?

Neither, usually - an empty collection is 200 with an empty array. 204 means "no body, but a body wasn't expected." 404 means the resource itself wasn't found.

What's the difference between 422 and 400?

400 is for syntactically invalid requests (malformed JSON, wrong content-type). 422 is for semantically valid but rejected requests (validation failed on a parseable body).

Why use 307/308 over 302/301?

307 and 308 preserve the HTTP method on redirect. 301 and 302 historically caused user agents to switch to GET, which surprised lots of API clients.

Try HTTP Status Codes

An unhandled error has occurred. Reload ×