HTTP Status Codes Cheat Sheet
Overview of HTTP response codes and their respective purpose
API: /api/v1/cheatsheet/http-status-codes-cheat-sheet
1xx — Informational
| Code | Meaning | Notes |
|---|---|---|
| 100 | Continue | Client should continue request |
| 101 | Switching | Protocols e.g. HTTP → WebSocket |
| 102 | Processing | Server is working (WebDAV) |
Rarely used in frontend/backend code directly
2xx — Success
| Code | Meaning | Usage |
|---|---|---|
| 200 | OK | Standard success (GET, PUT) |
| 201 | Created | Resource created (POST) |
| 202 | Accepted | Processing async |
| 204 | No Content | Success, no body (DELETE) |
| 206 | Partial Content | Range requests (downloads, streaming) |
Example: HTTP/1.1 200 OK
3xx — Redirection
| Code | Meaning | Notes |
|---|---|---|
| 301 | Moved Permanently | SEO-relevant redirect |
| 302 | Found | Temporary redirect |
| 303 | See Other | Redirect after POST |
| 304 | Not Modified | Cache hit |
| 307 | Temporary Redirect | Keeps method |
| 308 | Permanent Redirect | Keeps method |
301/308 = permanent 302/307 = temporary
4xx — Client Errors
| Code | Meaning | Usage |
|---|---|---|
| 400 | Bad Request | Invalid input |
| 401 | Unauthorized | Missing/invalid auth |
| 403 | Forbidden | Auth OK, no permission |
| 404 | Not Found | Resource missing |
| 405 | Method Not Allowed | Wrong HTTP method |
| 406 | Not Acceptable | Cannot satisfy headers |
| 408 | Request Timeout | Client too slow |
| 409 | Conflict | State conflict (e.g. duplicate) |
| 410 | Gone | Permanently removed |
| 413 | Payload Too Large | Request too big |
| 415 | Unsupported Media Type | Wrong content type |
| 422 | Unprocessable Entity | Validation failed (common in APIs) |
| 429 | Too Many Requests | Rate limiting |
Example: HTTP/1.1 404 Not Found
5xx — Server Errors
| Code | Meaning | Notes |
|---|---|---|
| 500 | Internal Server Error | Generic failure |
| 501 | Not Implemented | Feature missing |
| 502 | Bad Gateway | Upstream server error |
| 503 | Service Unavailable | Server overloaded/down |
| 504 | Gateway Timeout | Upstream timeout |
Practical API Mapping
Typical REST patterns
- GET success 200
- POST created 201
- DELETE success 204
- Invalid input 400 / 422
- Unauthorized 401
- Forbidden 403
- Not found 404
- Server crash 500
Important Distinctions
401 vs 403
- 401 → not authenticated
- 403 → authenticated but not allowed
400 vs 422
- 400 → malformed request
- 422 → valid format, invalid data
301 vs 308 - Both permanent - 308 preserves HTTP method, 301 may not
Quick Reference
- 1xx → Info
- 2xx → Success
- 3xx → Redirect
- 4xx → Client error
- 5xx → Server error
Most Common Codes
- 200 OK
- 201 Created
- 204 No Content
- 301 Moved Permanently
- 302 Found
- 304 Not Modified
- 400 Bad Request
- 401 Unauthorized
- 403 Forbidden
- 404 Not Found
- 409 Conflict
- 422 Unprocessable Entity
- 429 Too Many Requests
- 500 Internal Server Error
- 502 Bad Gateway
- 503 Service Unavailable
- 504 Gateway Timeout
Join the Newsletter
Practical insights on Django, backend systems, deployment, architecture, and real-world development — delivered without noise.
Get updates when new guides, learning paths, cheat sheets, and field notes are published.
No spam. Unsubscribe anytime.
There is no third-party involved so don't worry - we won't share your details with anyone.