HTTP Status Codes You Must Know
Explained as simply as possible… but not simpler.
Every API response includes a status code. Most early stage engineers only know 200, 404, and 500.
Here are the ones that can set you apart:
2xx - Success
200 OK → Request succeeded
201 Created → New resource created (POST)
204 No Content → Success, nothing to return (DELETE)
3xx - Redirection
301 Moved Permanently → URL changed forever
302 Found → Temporary redirect
4xx - Client Error
400 Bad Request → Malformed request
401 Unauthorized → Not authenticated
403 Forbidden → Authenticated, but not allowed
404 Not Found → Resource doesn’t exist
5xx - Server Error
500 Internal Server Error → Something broke
502 Bad Gateway → Upstream server failed
503 Service Unavailable → Server overloaded
504 Gateway Timeout → Upstream didn’t respond
Like posts like this?
You may also like these:
By subscribing, you get a breakdown like this every week.
Free subscribers also get a little bonus:
🎁 The System Design Interview Preparation Cheat Sheet
If you’re into visuals, paid subscribers unlock:
→ My Excalidraw system design template – so you have somewhere to start
→ My Excalidraw component library – used in the diagram of this issue
No pressure though. Your support helps me keep writing, and I appreciate it more than you know ❤️
Love how clean this breakdown is! The 401 vs 403 distinction is somethng I wish I'd understood earlier—I used to throw 401 for everything auth-related until a code review caught me mixing authentication failures with permission issues. Once I started thinking "who are you?" for 401 and "you're not allowd here" for 403, debugging API errors got way easier. Gonna save this for onboarding new devs on the team!