100% Free Forever
AI-Powered Learning
Industry Expert Content
Certificates & Badges
Learn At Your Own Pace

HTTP Status Codes Cheat Sheet

HTTP Status Codes Cheat Sheet

A complete reference of 2xx, 3xx, 4xx, and 5xx HTTP status codes with correct meanings and example server-side usage.

1 PageBeginnerMar 2, 2026

Setting Status Codes (Express)

Returning the right code from a REST endpoint.

javascript
const express = require('express');const app = express();app.get('/users/:id', (req, res) => {  const user = db.findUser(req.params.id);  if (!user) return res.status(404).json({ error: 'User not found' });  res.status(200).json(user);});app.post('/users', (req, res) => {  const user = db.createUser(req.body);  res.status(201).location(`/users/${user.id}`).json(user);});app.delete('/users/:id', (req, res) => {  db.deleteUser(req.params.id);  res.status(204).send(); // no body});app.use((req, res) => res.status(404).json({ error: 'Route not found' }));

2xx Success & 3xx Redirection

Codes for successful and redirected requests.

  • 200 OK- Standard success response with a response body
  • 201 Created- Resource created; typically includes a Location header pointing to it
  • 204 No Content- Success with no response body (common for DELETE)
  • 301 Moved Permanently- Resource permanently relocated; clients should update stored links
  • 302 Found- Temporary redirect
  • 304 Not Modified- Cached response is still valid (used with ETag/If-None-Match)
  • 307/308- Temporary/Permanent redirect that preserves the original method and body

4xx Client Errors

Codes indicating a problem with the request.

  • 400 Bad Request- Malformed syntax or invalid request parameters
  • 401 Unauthorized- Missing/invalid authentication credentials
  • 403 Forbidden- Authenticated but not permitted to access this resource
  • 404 Not Found- Resource doesn't exist at this URL
  • 405 Method Not Allowed- The URL exists but doesn't support this HTTP method
  • 409 Conflict- Request conflicts with current state (e.g. duplicate resource)
  • 422 Unprocessable Entity- Syntactically valid but semantically invalid (e.g. failed validation)
  • 429 Too Many Requests- Rate limit exceeded; often includes a Retry-After header

5xx Server Errors

Codes indicating the server failed to fulfill a valid request.

  • 500 Internal Server Error- Generic catch-all for unhandled server-side exceptions
  • 502 Bad Gateway- Upstream server (behind a reverse proxy) returned an invalid response
  • 503 Service Unavailable- Server temporarily overloaded or down for maintenance
  • 504 Gateway Timeout- Upstream server did not respond in time
  • 507 Insufficient Storage- Server can't store the representation needed to complete the request (WebDAV)
Pro Tip

Distinguish 401 vs 403 correctly: return 401 when the client isn't authenticated at all (or its token is invalid/expired), and 403 when it's authenticated but lacks permission — conflating them makes API errors far harder to handle.

Was this cheat sheet helpful?

Explore Topics

#HTTPStatusCodes#HTTPStatusCodesCheatSheet#WebDevelopment#Beginner#Setting#Status#Codes#Express#Networking#CheatSheet#SkillVeris
Advertisement
Sri Hayavadhana Info-Tech

Professional Web Designing Services

  • Responsive Websites
  • E-commerce Solutions
  • SEO Friendly Design
  • Fast & Secure
  • Support & Maintenance
Get a Free Quote

Share this Cheat Sheet