4xx – client error

This list shows the client error codes:

• 400 Bad Request: The request could not be handled because of a syntax error. It could be a missing or required query parameter, unparseable JSON, a missing required JSON key, or a missing header on requests that require optimistic concurrency. It is good practice to include the reason for the error in the response body.

• 401 Unauthorized: When the client does not provide any authentication mechanism, the server refuses to handle a request.
• 403 Forbidden: When the server receives the request but the consumers are not allowed to use the method that's been requested, 403 should be retrieved. 403 only indicates permissions and not authentication. Any issue related to authentication is related to 401, whereas 403 indicates that the client is unable to access the resource with the credentials that were provided.
• 404 Not Found: One of the most famous status codes. 404 indicates that the resource does not exist.
• 405 Method Not Allowed: A request has been made using a request method that is not compatible with this resource, for example, by using GET on a form, which requires data to be submitted via POST or PUT.
• 406 Not Acceptable: Indicates that the request includes an Accepts header that the endpoint is unable to satisfy. This status code is only relevant if you support multiple response content types, though you may also encounter it during development with some particularly strict frameworks.
• 409 Conflict: Most commonly used on optimistic concurrency on resource updates. 409 indicates that the current resource has changed since the last time it was requested.
• 415 Unsupported Media Type: Indicates that the entity has a media type request that the server or resource does not support. For example, the consumer tries to post an image such as PNG and JSON, but the server is not prepared to process this format, since it expects a different one.
• 429 Too Many Requests: Sometimes, it is necessary to handle requests based on a rate-limiting or throttling function. The response should include details that explain the condition regarding the too many requests limit.