The server has received the request headers and the client should proceed to send the request body.

The requester has asked the server to switch protocols and the server has agreed to do so.

The server has received and is processing the request, but no response is available yet (WebDAV).

Used to return some response headers before final HTTP message, useful for preloading resources.

The request succeeded. The meaning depends on the HTTP method: GET returns the resource, POST returns the result.

The request succeeded, and a new resource was created. The Location header should point to the new resource.

The request has been received but not yet acted upon. Used for async processing (e.g. background jobs).

The returned metadata is not exactly the same as from the origin server — it may be from a cached copy or modified proxy.

There is no content to send for this request, but the headers may be useful. Used for DELETE or PATCH with no body.

Tells the user-agent to reset the document that sent this request — useful after submitting a form.

This response is used when the Range header is sent from the client to request only part of a resource (e.g. video streaming).

Conveys information about multiple resources in situations where multiple status codes might be appropriate (WebDAV).

Used inside a DAV propstat response element to avoid enumerating bindings repeatedly (WebDAV).

The server has fulfilled a GET request, and the response is a representation of the result of one or more instance-manipulations.

The request has more than one possible response. The user agent or user should choose one.

The URL of the requested resource has been changed permanently. The new URL is given in the Location header.

The URI of the requested resource has been changed temporarily. The client should use the original URL in future requests.

The server sends this response to direct the client to get the resource at another URI with a GET request — typically after a POST.

The response has not been modified, so the client can continue to use the cached version. Used with If-None-Match and If-Modified-Since headers.

The resource is temporarily located at another URI. Unlike 302, the HTTP method must not change.

The resource is now permanently at another URI. Like 301, but the HTTP method must not change (POST stays POST).

The server cannot or will not process the request due to malformed syntax, invalid request message framing, or deceptive request routing.

Although named "Unauthorized", this means "unauthenticated". The client must authenticate to get the requested response.

Reserved for future use, but increasingly used by SaaS APIs to signal a rate limit or subscription requirement.

The client does not have access rights to the content. Unlike 401, the client's identity is known but they lack permission.

The server cannot find the requested resource. The URL is not recognized. May also be returned intentionally to hide existence of a resource.

The request method is known by the server but not supported by the target resource. The Allow header must be returned.

No content conforming to the criteria given by the user agent's Accept headers was found.

Authentication must be done by a proxy before the request is served.

The server timed out waiting for the request. The client may repeat the request.

The request conflicts with the current state of the server. Usually occurs with PUT requests and version control.

The requested content has been permanently deleted from the server and will not be reinstated. Preferred over 404 for deliberately removed content.

Server rejected the request because the Content-Length header is not defined and the server requires it.

The client has indicated preconditions in its headers which the server does not meet (e.g. If-Match, If-Unmodified-Since).

Request entity is larger than limits defined by the server. The server may close the connection or return a Retry-After header.

The URI requested by the client is longer than the server is willing to interpret.

The media format of the requested data is not supported by the server.

The range specified by the Range header in the request can't be fulfilled. Possibly out of bounds for the resource.

The expectation indicated by the Expect request header can't be met by the server.

The server refuses to brew coffee because it is, permanently, a teapot. An April Fools' joke from RFC 2324 (1998) — now a real status code.

The request was directed at a server that is not able to produce a response (HTTP/2 connection reuse issue).

The request was well-formed but could not be processed due to semantic errors (e.g. validation failures).

The resource that is being accessed is locked (WebDAV). No modifications are allowed until the lock is released.

The request failed because it depended on another request that failed (WebDAV).

Indicates that the server is unwilling to risk processing a request that might be replayed (TLS 1.3 early data).

The server refuses to perform the request using the current protocol but will accept it using a different protocol.

The origin server requires the request to be conditional to prevent lost update problems.

The user has sent too many requests in a given amount of time (rate limiting). The response should include a Retry-After header.

The server is unwilling to process the request because its header fields are too large.

The user requested a resource that cannot be legally provided (e.g. content blocked in a country due to law).

The server has encountered a situation it does not know how to handle. This is a generic catch-all error.

The request method is not supported by the server and cannot be handled. Only GET and HEAD may not produce 501.

The server, while acting as a gateway or proxy, received an invalid response from the upstream server.

The server is not ready to handle the request. Common causes: server is down for maintenance or is overloaded.

The server is acting as a gateway and did not get a timely response from an upstream server.

The HTTP version used in the request is not supported by the server.

The server has an internal configuration error — the chosen variant resource is configured to engage in transparent content negotiation itself.

The server is unable to store the representation needed to complete the request (WebDAV).

The server detected an infinite loop while processing the request (WebDAV).

Further extensions to the request are required for the server to fulfil it.

The client needs to authenticate to gain network access — used by captive portals (hotel Wi-Fi, etc.).