Complete reference. Search by code number or description.
HTTP status codes are three-digit numbers returned by a server in response to every HTTP request. They tell the client (browser, API consumer, crawler) whether the request succeeded, failed, or needs further action. Understanding these codes is essential for debugging APIs, fixing broken pages, and building robust web applications.
Codes are grouped by their first digit: 1xx (informational — request received, processing), 2xx (success — request accepted and processed), 3xx (redirection — further action needed), 4xx (client error — bad request from the caller), and 5xx (server error — the server failed to fulfill a valid request).
The most commonly encountered codes are 200 OK (success), 301/302 (redirects), 404 Not Found (page doesn't exist), 401/403 (authentication/authorization failures), and 500 Internal Server Error (something broke on the server). This reference covers all standard codes with explanations and common causes.
This tool in other languages:
Français:
Référence des codes HTTP
Español:
Referencia de códigos HTTP
Deutsch:
HTTP-Statuscode-Referenz
Português:
Referência de códigos HTTP
日本語:
HTTPステータスコード一覧
中文:
HTTP 状态码参考
한국어:
HTTP 상태 코드 참조
العربية:
مرجع رموز حالة HTTP
Type a code number (like 404) or a keyword (like not found) in the search box. Matching codes appear instantly with their name, category, description, and common use cases. Filter by category (1xx, 2xx, 3xx, 4xx, 5xx) using the buttons.
401 Unauthorized means authentication is missing or invalid — the user isn't logged in, or the token is bad. 403 Forbidden means the user is authenticated but not allowed to access this resource. 401 says "who are you?", 403 says "you can't have this".
400 Bad Request is for malformed requests — invalid JSON, missing required headers, unparseable input. 422 Unprocessable Entity is for well-formed requests that fail business validation — email already exists, password too short, invalid date range. 400 = syntax error; 422 = semantic error.
201 Created when the POST creates a new resource — include a Location header pointing to it. 200 OK when POSTing to an action endpoint that doesn't create a resource (e.g. /login, /send-email). 204 No Content if the response has no body.
A joke status code from the April Fools 1998 RFC 2324 (Hyper Text Coffee Pot Control Protocol). It's not part of the real HTTP spec, but some frameworks support it as an easter egg. Never use it in production — clients and proxies may not handle it correctly.
The server hit an unhandled exception or misconfiguration. The client did nothing wrong — the issue is server-side. Check your server logs for the actual error. Common causes: unhandled exceptions, database connection failures, missing environment variables, or misconfigured load balancers.