HTTP Response Standards

Successful responses (200 – 299)

The request succeeded. The result meaning of "success" depends on the HTTP method:

GET: The resource has been fetched and transmitted in the message body.
HEAD: The representation headers are included in the response without any message body.
PUT or POST: The resource describing the result of the action is transmitted in the message body.
TRACE: The message body contains the request message as received by the server.

The request succeeded, and a new resource was created as a result. This is typically the response sent after POST requests, or some PUT requests.

There is no content to send for this request, but the headers may be useful. The user agent may update its cached headers for this resource with the new ones.

Client error responses (400-499)

The server cannot or will not process the request due to something that is perceived to be a client error (e.g., payload incorrect, invalid request message framing, or deceptive request routing).

Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response.

The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web.

This response is sent when the web server, after performing server-driven content negotiation, doesn't find any content that conforms to the criteria given by the user agent.

The client has indicated preconditions in its headers which the server does not meet.

The media format of the requested data is not supported by the server, so the server is rejecting the request.

The user has sent too many requests in a given amount of time ("rate limiting").

The server is unwilling to process the request because its header fields are too large. The request may be resubmitted after reducing the size of the request header fields.

Server error responses (500-599)

The server has encountered a situation it does not know how to handle.

This error response means that the server, while working as a gateway to get a response needed to handle the request, got an invalid response.

The server is not ready to handle the request. Common causes are a server that is down for maintenance or that is overloaded.

This error response is given when the server is acting as a gateway and cannot get a response in time.

The HTTP version used in the request is not supported by the server.

Indicates that the client needs to authenticate to gain network access.