HTTP Status Codes
The HTTP Status codes allow a server to communicate the results of processing a client’s request. These
status codes are grouped into the following categories:
•  Informational Codes—Status codes indicating that the server has received the
request but hasn’t completed processing it. These intermediate response codes are
in the 100 series.
•  Success Codes—Status codes indicating that the request has been successfully
received and processed. These codes are in the 200 series.
•  Redirection Codes—Status codes indicating that the request has been processed, but
the client must perform an additional action to complete the request. These actions
typically involve redirecting to a different location to get the resource. These codes
are in the 300 series.
•  Client Error Codes—Status codes indicating that there was an error or a problem
with client’s request. These codes are in the 400 series.
•  Server Error Codes—Status codes indicating that there was an error on the server
while processing the client’s request. These codes are in the 500 series.
The HTTP Status codes play an important role in REST API design as meaningful codes help
communicate the right status, enabling the client to react appropriately. Table 1-2 shows some of the
important status codes into which you typically run.

Table 1-2. HTTP status codes and their descriptions
Status Code Description
100 (Continue) Indicates that the server has received the first part of the request and the rest
of the request should be sent.
200 (OK) Indicates that all went well with the request.
201 (Created) Indicates that request was completed and a new resource got created.
202 (Accepted) Indicates that request has been accepted but is still being processed.
204 (No Content) Indicates that the server has completed the request and has no entity body to
send to the client.
301 (Moved Permanently) Indicates that the requested resource has been moved to a new location and
a new URI needs to be used to access the resource.
400 (Bad Request) Indicates that the request is malformed and the server is not able to
understand the request.
401 (Unauthorized) Indicates that the client needs to authenticate before accessing the resource.
If the request already contains client’s credentials, then a 401 indicates
invalid credentials (e.g., bad password).
403 (Forbidden) Indicates that the server understood the request but is refusing to fulfill it.
This could be because the resource is being accessed from a blacklisted IP
address or outside the approved time window.
404 (Not Found) Indicates that the resource at the requested URI doesn’t exist.
406 (Not Acceptable) Indicates that the server is capable of processing the request; however, the
generated response may not be acceptable to the client. This happens when
the client becomes too picky with its accept headers.
500 (Internal Server Error) Indicates that there was an error on the server while processing the request
and that the request can’t be completed.
503 (Service Unavailable) Indicates that the request can’t be completed, as the server is overloaded or
going through scheduled maintenance.