Pesquise todos os códigos de estado HTTP por nome ou código. Inclui descrições, exemplos e melhores práticas.
60 códigos de estado
The server has received the request headers and the client should proceed to send the request body.
Caso de uso: Large file uploads — client sends Expect: 100-continue before body.
The server agrees to switch protocols as requested by the client.
Caso de uso: WebSocket upgrades: HTTP → WebSocket.
The server has received and is processing the request, but no response is yet available.
Caso de uso: Long-running WebDAV operations to prevent client timeout.
Returns response headers before the final response, allowing the client to preload resources.
Caso de uso: Preloading critical CSS/JS while the server prepares the full response.
The request has succeeded. The response body contains the requested resource.
Caso de uso: Standard successful GET, POST, PUT, PATCH responses.
The request has been fulfilled and a new resource has been created.
Caso de uso: Successful POST that creates a resource. Include Location header pointing to new resource.
The request has been accepted for processing but processing has not been completed.
Caso de uso: Async operations: email sending, report generation, batch jobs.
The response is successful but the information was obtained from a third-party source.
Caso de uso: Proxies or mirrors that transform the original response.
The server successfully processed the request but returns no content.
Caso de uso: DELETE operations, form submissions with no redirect, successful PATCH with no body needed.
The server successfully processed the request and asks the client to reset the document view.
Caso de uso: Forms — server wants the client to clear the form after submission.
The server is delivering only part of the resource due to a range header sent by the client.
Caso de uso: Video streaming, resumable file downloads, pagination of large binary resources.
The response body contains status information for multiple independent operations.
Caso de uso: WebDAV batch operations where each sub-request has its own status.
Members of a DAV binding have already been enumerated in a previous reply.
Caso de uso: WebDAV — avoids re-listing resources already returned.
The server has fulfilled a GET for the resource and the response represents the result of one or more instance manipulations.
Caso de uso: HTTP delta encoding — differential responses for caching efficiency.
The request has more than one possible response. The user should choose one.
Caso de uso: Content negotiation — multiple formats or languages available.
The resource has been permanently moved to a new URL. Future requests should use the new URL.
Caso de uso: Site migration, domain changes. Passes full SEO link equity to new URL.
The resource is temporarily at a different URL. Client should continue using original URL.
Caso de uso: Temporary maintenance pages, A/B testing redirects.
The server directs the client to get the requested resource at another URI using a GET request.
Caso de uso: Post/Redirect/Get pattern — after a successful POST, redirect to a confirmation page.
The resource has not been modified since the last request. Client should use its cached version.
Caso de uso: Conditional GET with If-None-Match or If-Modified-Since. Saves bandwidth.
The resource is temporarily at a different URL. The method and body must not change.
Caso de uso: Like 302, but guarantees the HTTP method is preserved on redirect.
The resource has permanently moved. The method and body must not change.
Caso de uso: Like 301 but method-preserving. Good for migrating POST endpoints.
The server cannot process the request due to client error (malformed syntax, invalid parameters).
Caso de uso: Invalid JSON body, missing required fields, invalid query params, validation failures.
The client must authenticate itself to get the requested response.
Caso de uso: Missing or invalid Bearer token / API key. Should trigger a login prompt.
Reserved for future use; some APIs use it for subscription/paywall responses.
Caso de uso: Paywalled API endpoints, exceeded free-tier limits, subscription required.
The client is authenticated but lacks permission to access the resource.
Caso de uso: User is logged in but lacks the required role or ownership. Don't reveal resource existence.
The server cannot find the requested resource. The URL may be incorrect or the resource deleted.
Caso de uso: Missing pages, deleted resources, invalid IDs. Most common HTTP error.
The HTTP method is not supported for the requested resource.
Caso de uso: Calling DELETE on a read-only endpoint. Include Allow header listing valid methods.
The server cannot produce a response matching the Accept headers sent by the client.
Caso de uso: Client requests application/xml but only JSON is available.
The client must authenticate itself with the proxy server.
Caso de uso: Corporate proxy requiring credentials before passing requests through.
The server timed out waiting for the request.
Caso de uso: Client took too long to send the complete request. Server closes the connection.
The request conflicts with the current state of the server.
Caso de uso: Duplicate username registration, version conflicts in optimistic concurrency.
The resource is permanently deleted and will not be available again.
Caso de uso: Deleted content where you want search engines to deindex permanently.
The server requires a Content-Length header in the request.
Caso de uso: API endpoints that need to pre-allocate resources based on expected body size.
The server does not meet a precondition the client specified in its headers.
Caso de uso: Optimistic concurrency with If-Match/ETags. Edit conflict detection.
The request body is larger than the server is willing to process.
Caso de uso: File upload exceeds limit. Include Retry-After if temporary.
The URI provided was too long for the server to process.
Caso de uso: Excessively long query strings, typically from GET requests with too much data.
The media format of the request body is not supported by the server.
Caso de uso: Sending XML to an endpoint that only accepts JSON.
The range specified in the Range header cannot be fulfilled.
Caso de uso: File download resumed beyond the file's actual size.
The expectation indicated in the Expect header cannot be met by the server.
Caso de uso: Client sends Expect: 100-continue but server can't accommodate it.
The server refuses to brew coffee because it's a teapot (RFC 2324 April Fools' joke).
Caso de uso: Easter egg in APIs. Some services use it to reject clearly bot-driven requests.
The request was well-formed but failed semantic validation.
Caso de uso: JSON is valid but business logic validation fails (e.g., end date before start date).
The resource that is being accessed is locked.
Caso de uso: WebDAV — file checked out by another user.
The request failed because it depended on another request that failed.
Caso de uso: WebDAV batch operations where a prior step failed.
The server is unwilling to process a request that might be replayed.
Caso de uso: TLS 0-RTT early data that could be a replay attack.
The client should switch to a different protocol.
Caso de uso: Server requires HTTPS but received HTTP, or requires HTTP/2.
The server requires the request to be conditional to prevent lost updates.
Caso de uso: API requires If-Match header for update operations to prevent conflicts.
The user has sent too many requests in a given amount of time (rate limiting).
Caso de uso: API rate limits exceeded. Include Retry-After header with wait time.
The server is unwilling to process the request because its header fields are too large.
Caso de uso: Excessively large cookies or too many custom headers.
The resource is unavailable due to legal reasons such as government censorship.
Caso de uso: GDPR compliance blocking, DMCA takedowns, regional legal restrictions.
The server encountered an unexpected condition that prevented it from fulfilling the request.
Caso de uso: Unhandled exceptions, database errors, configuration issues. Generic catch-all.
The server does not support the functionality required to fulfill the request.
Caso de uso: HTTP method not recognized or not yet implemented by the server.
The server, while acting as a gateway, received an invalid response from the upstream server.
Caso de uso: Upstream API timeout, crashed microservice behind load balancer.
The server is temporarily unable to handle the request due to overload or maintenance.
Caso de uso: Planned maintenance, server overload. Include Retry-After header.
The server, acting as a gateway, did not receive a timely response from the upstream server.
Caso de uso: Slow database queries, slow microservices causing proxy timeouts.
The HTTP protocol version used in the request is not supported by the server.
Caso de uso: Rare — client uses an unsupported HTTP version.
The server has an internal configuration error with transparent content negotiation.
Caso de uso: Circular reference in content negotiation configuration.
The server is unable to store the representation needed to complete the request.
Caso de uso: WebDAV — disk full. Also used in some APIs for quota exhaustion.
The server detected an infinite loop while processing the request.
Caso de uso: WebDAV — infinite loop in directory binding.
Further extensions to the request are required for the server to fulfill it.
Caso de uso: HTTP Extension Framework — specific extension policy not met.
The client needs to authenticate to gain network access.
Caso de uso: Captive portals — hotel/airport Wi-Fi login pages.
Os códigos de estado HTTP são números de 3 dígitos devolvidos por um servidor web em resposta a um pedido de cliente. Indicam se um pedido foi bem-sucedido, redirecionado ou encontrou um erro. O primeiro dígito define a classe de resposta: 1xx (informacional), 2xx (sucesso), 3xx (redirecionamento), 4xx (erro do cliente), 5xx (erro do servidor).
301 (Moved Permanently) informa os navegadores e motores de busca que uma página foi permanentemente movida para um novo URL, transferindo todo o link equity de SEO para o novo URL. 302 (Found / Temporary Redirect) sinaliza uma mudança temporária; os navegadores redirecionam, mas os motores de busca normalmente mantêm o URL original indexado.
401 Unauthorized significa que o cliente não está autenticado — nenhuma credencial fornecida ou credenciais inválidas. 403 Forbidden significa que o cliente está autenticado mas não está autorizado a aceder ao recurso. Use 401 para solicitar um início de sessão e 403 quando o utilizador está autenticado mas não tem permissão.
Para um POST bem-sucedido que cria um recurso, devolva 201 Created com um cabeçalho Location apontando para o novo recurso. Para um POST bem-sucedido que desencadeia processamento sem criar um recurso, devolva 200 OK. Para operações assíncronas onde o processamento ainda não foi concluído, devolva 202 Accepted.
Ferramentas Relacionadas