HTTP status codes

Continue

The server received the request headers. The client should proceed to send the body. Used with large uploads to check if the server will accept the request before sending the full payload.

Switching Protocols

The server is switching to the protocol the client requested. Most commonly seen when upgrading an HTTP connection to a WebSocket.

Processing

The server received the request and is still working on it. Prevents the client from timing out on long-running operations.

Early Hints

The server is sending headers before the final response. Lets the browser start loading CSS and JS while the server is still generating the page.

OK

The request succeeded. This is the response you want to see. For GET requests, the body contains the requested resource. For POST requests, the body contains the result of the action.

Created

The request succeeded and a new resource was created. Typically returned by POST endpoints. The Location header usually points to the new resource.

Accepted

The request was accepted but hasn't been processed yet. Used for async operations — the server is saying "I got it, I'll handle it later." Common with job queues and webhooks.

No Content

The request succeeded but there's nothing to send back. Common for DELETE requests and PUT/PATCH updates where you don't need the updated resource returned.

Partial Content

The server is delivering only part of the resource. Used for range requests — downloading a large file in chunks, or resuming a broken download.

Moved Permanently

The resource has permanently moved to a new URL. Search engines transfer ranking to the new URL. Browsers cache this aggressively — if you set one by mistake, it can be hard to undo.

Found

The resource is temporarily at a different URL. The client should continue using the original URL for future requests. Often used for login redirects and temporary maintenance pages.

See Other

The response to your request is at a different URL, and you should use GET to retrieve it. Common after a POST — the server is saying "the thing you created is over here."

Not Modified

The resource hasn't changed since your last request. The server is telling the client to use its cached copy. This is a good thing — it means caching is working.

Temporary Redirect

Like 302 but stricter — the client must use the same HTTP method for the redirected request. A POST stays a POST. 302 technically allows the method to change.

Permanent Redirect

Like 301 but stricter — the client must use the same HTTP method. A POST to the old URL should POST to the new URL too.

Bad Request

The server can't process the request because something is wrong with it. Missing required fields, invalid JSON, wrong data types. Check your request body and query parameters.

Unauthorized

Authentication is required but was missing or invalid. Despite the name, this is about authentication (who you are), not authorization (what you can do). Check your API key or session.

Forbidden

The server understood the request but refuses to authorize it. You're authenticated, but you don't have permission. Unlike 401, re-authenticating won't help.

Not Found

The resource doesn't exist at this URL. Either the URL is wrong, the resource was deleted, or it never existed. The most familiar HTTP error code.

Method Not Allowed

The HTTP method isn't supported for this URL. You sent a DELETE to an endpoint that only accepts GET and POST. The response includes an Allow header listing valid methods.

Request Timeout

The server timed out waiting for the request. The client took too long to send the full request. Different from a gateway timeout (504) which is about the server being slow.

Conflict

The request conflicts with the current state of the resource. Common with concurrent updates — two people editing the same record, or trying to create a resource that already exists.

Gone

The resource existed but has been permanently deleted. Unlike 404, this is deliberate — the server is saying "it was here, it's not anymore, and it's not coming back."

Content Too Large

The request body is larger than the server is willing to accept. Common when uploading files that exceed the server's size limit.

Unsupported Media Type

The server doesn't support the Content-Type of the request. You sent XML but the endpoint only accepts JSON, or you forgot the Content-Type header entirely.

Unprocessable Content

The request is well-formed but the content is invalid. The JSON is valid, but the data doesn't pass validation — missing required fields, values out of range, business rule violations.

Too Many Requests

You've hit a rate limit. The server is telling you to slow down. Check the Retry-After header for how long to wait. If you're seeing this in monitoring, your checks might be too frequent.

Internal Server Error

Something went wrong on the server. The catch-all error. Could be an unhandled exception, a crashed process, or a bug. If you're seeing this in your monitoring, check your server logs.

Bad Gateway

The server acting as a gateway got an invalid response from the upstream server. Your load balancer or reverse proxy (Nginx, Cloudflare) reached your application server, but the app returned garbage or didn't respond.

Service Unavailable

The server can't handle the request right now. Usually means the server is overloaded or down for maintenance. Often temporary — check back in a few minutes. A Retry-After header may be present.

Gateway Timeout

The gateway server didn't get a response from the upstream server in time. Your app is too slow or has hung. If you're seeing this in monitoring, the problem is usually in your application, not the gateway.

Web Server Error

Cloudflare-specific. The origin server returned an unexpected response. Often means the origin is returning an empty response, a response that's too large, or an invalid HTTP response.

Web Server Down

Cloudflare-specific. The origin server refused the connection. Your server is down, firewalling Cloudflare's IPs, or not listening on the right port.

Connection Timed Out

Cloudflare-specific. The TCP connection to the origin server timed out. The server is unreachable, overloaded, or there's a network issue between Cloudflare and your origin.

Origin Unreachable

Cloudflare-specific. Cloudflare can't reach the origin server at all. DNS is pointing to the wrong IP, or the origin server is completely offline.