1xx–5xx status codes with descriptions
Reference100 Continue Client should continue
101 Switching Protocols Protocol upgrade (WebSocket)
102 Processing WebDAV: still processing
103 Early Hints Preload resources200 OK Standard success
201 Created Resource created (POST)
202 Accepted Accepted, processing async
204 No Content Success, no body (DELETE)
206 Partial Content Range request fulfilled
207 Multi-Status WebDAV: multiple statuses301 Moved Permanently URL changed forever
302 Found Temporary redirect
303 See Other Redirect to GET
304 Not Modified Cached version OK
307 Temporary Redirect Keep method, temp
308 Permanent Redirect Keep method, permanent
301 vs 308: 301 may change POST→GET, 308 keeps method
302 vs 307: 302 may change POST→GET, 307 keeps method400 Bad Request Malformed request
401 Unauthorized Auth required
403 Forbidden Auth OK but no permission
404 Not Found Resource not found
405 Method Not Allowed Wrong HTTP method
406 Not Acceptable Can't match Accept header
408 Request Timeout Client took too long
409 Conflict State conflict
410 Gone Permanently removed
411 Length Required Content-Length needed
413 Payload Too Large Body too big
415 Unsupported Media Type Wrong Content-Type
422 Unprocessable Entity Validation error
429 Too Many Requests Rate limited
451 Unavailable For Legal Legal reasons500 Internal Server Error Generic server error
501 Not Implemented Method not supported
502 Bad Gateway Invalid upstream response
503 Service Unavailable Server overloaded/down
504 Gateway Timeout Upstream timeout
505 HTTP Version Not SupportedAPI Design — typical usage:
GET /users → 200 list
GET /users/1 → 200 | 404 get one
POST /users → 201 create
PUT /users/1 → 200 full update
PATCH /users/1 → 200 partial update
DELETE /users/1 → 204 delete
Auth flow:
POST /login → 200 (token) | 401 (invalid)
GET /admin → 403 (no permission) | 401 (no auth)
Validation:
POST /users → 422 (bad data) | 409 (duplicate)