REST API Status Codes and Error Response Design

REST API•Permalink

Practical HTTP status codes, error response bodies, validation failures, and troubleshooting-friendly API error contracts.

View

Standard Detailed Compact

Export

Copy the compact sheet, download it, or print it.

Download

`D` dense toggle · `C` copy all

## Success status codes

200 OK

↗#

HTTP/1.1 200 OK

# Standard success response with a body.

201 Created

↗#

HTTP/1.1 201 Created
Location: /users/usr_123

# Successful resource creation.

202 Accepted

↗#

HTTP/1.1 202 Accepted

# Accepted for asynchronous processing.

204 No Content

↗#

HTTP/1.1 204 No Content

# Success without a response body.

304 Not Modified

↗#

HTTP/1.1 304 Not Modified

# Cache validation succeeded; body omitted.

## Client and server errors

400 Bad Request

↗#

HTTP/1.1 400 Bad Request

# Malformed request syntax or invalid shape.

401 Unauthorized

↗#

HTTP/1.1 401 Unauthorized
WWW-Authenticate: Bearer

# Missing or invalid authentication credentials.

403 Forbidden

↗#

HTTP/1.1 403 Forbidden

# Authenticated but not allowed to perform the action.

404 Not Found

↗#

HTTP/1.1 404 Not Found

# The resource does not exist.

409 Conflict

↗#

HTTP/1.1 409 Conflict

# Request conflicts with current resource state.

412 Precondition Failed

↗#

HTTP/1.1 412 Precondition Failed

# Optimistic concurrency guard failed.

422 Unprocessable Content

↗#

HTTP/1.1 422 Unprocessable Content

# Well-formed request but semantic validation failed.

429 Too Many Requests

↗#

HTTP/1.1 429 Too Many Requests
Retry-After: 60

# The client exceeded the rate limit.

500 Internal Server Error

↗#

HTTP/1.1 500 Internal Server Error

# Unexpected server-side failure.

## Error response body

Standard error object

↗#

{
  "error": {
    "code": "EMAIL_ALREADY_EXISTS",
    "message": "An account with that email already exists.",
    "details": {
      "field": "email"
    },
    "request_id": "req_01HXYZ..."
  }
}

# A compact structured error response.

Validation errors by field

↗#

{
  "error": {
    "code": "VALIDATION_FAILED",
    "message": "One or more fields are invalid.",
    "fields": [
      { "name": "email", "code": "INVALID_FORMAT" },
      { "name": "password", "code": "TOO_SHORT" }
    ]
  }
}

# Return multiple field-level issues at once.

More in REST API

REST API Best Practices and Anti-Patterns

High-signal design rules, consistency patterns, and common mistakes to avoid in production APIs.

REST API Request and Response Patterns

JSON request bodies, envelope choices, sparse fieldsets, includes, concurrency control, and common response contracts.

REST API Authentication, Authorization, and Versioning

Bearer auth, API keys, permission errors, versioning strategies, and compatibility patterns for HTTP APIs.

REST API Pagination, Filtering, Sorting, and Search

Common collection query patterns including offset pagination, cursor pagination, filtering, sorting, and search.

REST API Resource Naming and URL Design

Naming conventions for resources, relationships, nested endpoints, and clean URL design.

REST API Methods and Idempotency

HTTP methods, safe vs unsafe semantics, and idempotency examples for API consumers and designers.

Recommended next

No recommendations yet.

Browse all sheets →