HTTP status codes in API responses: what they are and what they mean
HTTP status codes, or Status Codes, are the three-digit codes that indicate the outcome of a communication between clients and servers using the HTTP protocol, such as web browsers and API applications.
These codes, which generally remain hidden from the user of the service, allow the client to know the outcome of its request even before analysing the payload, which is the actual response.
Among the most common HTTP Codes are HTTP Status 404, which appears when trying to connect to a web page that does not exist, and HTTP Status 500, which indicates a server error. Even successful requests, however, have their own codes: let's see what they are and what they indicate.
The HTTP protocol is a method of transporting information widely used in client-server architectures, which has also found perfect application in the context of REST API calls.
In API calls, exactly what happens when, while surfing the Internet, an HTTP client asks a server for a resource: when the API client makes its request, the server responds by sending the HTTP Status Code indicating the type of response. What changes is the content of the response, or payload, which instead of containing an HTML page contains a json.
HTTP Codes are identical for all applications communicating via this protocol, and form part of an HTTP server's response.
When an API client queries a server, it receives back a response that contains several pieces of information, and which, apart from technical specifications, includes some basic sections:
HTTP Status Codes are an integral part of an API response: their transmission allows the client to know what happened during the transfer even before analysing the content of the response. An HTTP Status 403, for instance, indicates that the client is authenticated but cannot access the requested resource. A Status Code 200, on the other hand, means that the request was successful and that the server returned the requested data.
HTTP status codes are divided into five classes, each of which begins with a digit indicating the type of response:
Information messages are sent when the request has been received by the server and is continuing with the processing of the request: they are often used to prevent the client from time-out while waiting for a response, but may also indicate that further information needs to be sent to complete the request.
Success messages indicate that the request was received and processed successfully. This does not necessarily mean that the client will get what it wanted: in fact, the server's response may even be devoid of content.
HTTP codes beginning with 3 indicate that the client must perform further actions to satisfy the request: they are used, for example, when the requested resource has been moved to a different location.
Error codes beginning with the number 4 are perhaps the most dreaded by API client users, as they indicate that the request cannot be fulfilled due to an error on the part of the client, which may have messed up the syntax or lacked the necessary permissions. The most common HTTP 400 Status Codes are:
Error messages do not only concern the client: there are also internal server errors, which are indicated by a three-digit code starting with 5: