Complete reference for every HTTP response status code. Search, filter, and understand what each code means — from 100 to 599.
HTTP status codes are three-digit numbers returned by a server in response to a client request. They indicate whether the request was successful, redirected, or resulted in an error. Understanding these codes is essential for web development, API design, and debugging.
200 OK — The request succeeded201 Created — A new resource was successfully created301 Moved Permanently — Resource has been permanently moved (SEO-friendly redirect)304 Not Modified — Cached version is still valid400 Bad Request — Server cannot process the request due to client error401 Unauthorized — Authentication is required403 Forbidden — Server refuses to authorize the request404 Not Found — The requested resource doesn't exist429 Too Many Requests — Rate limiting in effect500 Internal Server Error — Generic server-side failure502 Bad Gateway — Invalid response from an upstream server503 Service Unavailable — Server is temporarily unavailable200 for successful GET/PUT/PATCH/DELETE201 for successful POST that creates a resource204 for successful DELETE with no response body400 for validation errors401 vs 403 — 401 means "not authenticated", 403 means "authenticated but not authorized"404 for missing resources409 for conflicts (duplicate entries)422 for unprocessable entity (semantically invalid)429 with Retry-After header for rate limitingCheck out our other developer tools — JSON Formatter, JWT Decoder, and more.
Browse All Tools →A 301 (Moved Permanently) tells browsers and search engines that the resource has permanently moved to a new URL. Search engines transfer link equity and update their index. A 302 indicates a temporary move and search engines keep the original URL indexed. Use 301 for permanent SEO redirects and 302 for temporary campaigns or A/B tests.
401 Unauthorized means the request requires authentication — the user is not logged in or their token is invalid. 403 Forbidden means the server understood the request but refuses to authorize it — the user is authenticated but lacks permission. Use 401 when credentials are missing, 403 when they're present but insufficient.
Use 404 when a resource doesn't exist but may come back. Use 410 (Gone) when a resource has been permanently deleted and will never return. Search engines de-index 410 pages faster than 404 pages. For SEO cleanup of removed products or deleted content, 410 is the more precise and efficient signal.
429 Too Many Requests means the client has sent too many requests in a given time and the server is rate-limiting them. The response often includes a Retry-After header indicating when to retry. APIs use 429 to enforce usage limits. Clients should implement exponential backoff when receiving 429 responses.
500 Internal Server Error is a generic server-side error indicating something unexpected went wrong — a crash, unhandled exception, or misconfiguration. 503 Service Unavailable means the server is temporarily unable to handle requests due to overload or maintenance. 503 typically includes a Retry-After header. Use 503 during planned downtime; 500 signals an unexpected failure.