🌐

HTTP Status Code Reference (1xx-5xx)

Look up HTTP status codes 1xx-5xx (RFC 9110). Search by number (200, 404, 500) or name (not found, redirect). Click to copy. Handy for API debugging.

All tools Browser-only

HTTP Status Code reference (RFC 9110). Click a code to copy it. Search by number or name — handy for debugging APIs, writing REST handlers, or reading server logs.

5 HTTP status code groups

1xx Informational: the request is being processed. Rare in everyday apps.
2xx Success: success. 200 OK, 201 Created, 204 No Content.
3xx Redirection: follow another URL. 301 permanent (SEO updates), 302 temporary, 304 use cache.
4xx Client Error: the client did something wrong. 400 bad request, 401 unauth, 403 forbidden, 404 not found, 429 rate limit.
5xx Server Error: server side. 500 generic, 502/504 proxy, 503 down/overloaded.

4 commonly confused codes

401 vs 403: 401 = "I don't know who you are" (not authenticated). 403 = "I know who you are but you can't" (authenticated, lacks permission).
301 vs 302: 301 is permanent — Google updates the canonical to the new URL. 302 is temporary — Google keeps the old URL in the index.
307 vs 302: 307 preserves the HTTP method (POST stays POST). 302 lets the browser change POST to GET. Use 307 for API redirects, 302 for form submissions.
422 vs 400: 400 = malformed JSON. 422 = JSON parses fine but fails validation (e.g. bad email format). Many frameworks use 422 for form validation errors.

Best practices for REST APIs

POST /resources succeeds → 201 Created + Location header pointing to the new resource.
DELETE succeeds → 204 No Content (no body needed).
Validation fails → 422 Unprocessable Entity + JSON detail per field.
Rate limit hit → 429 + Retry-After: 60 header (seconds).
Server crash → 500 + log internally, do NOT leak the stack trace into the response.
Maintenance → 503 + Retry-After so clients/Google know when to come back.

Who this is for

Fullstack/backend/devops engineers — debug JWT, format JSON/SQL, parse cURL, compute CIDR subnets, draft Mermaid diagrams, write conventional commits… Daily toolkit alongside your terminal and editor.

FAQ

Is my pasted code/token sent anywhere?

No. All TopDev dev tools run 100% client-side — JWT, SQL, JSON, cURL, regex… process in-browser. Disconnect to verify. Safe for internal tokens, production DB queries, API keys.

Does it work offline / install as a PWA?

Tools work offline after the first load. Installable PWA is on the roadmap — for now you can bookmark and use without internet.

Related tools

See all tools →

NEW

🔐

JWT Decoder

Decode JWT tokens — header, payload, claims with readable timestamps.

NEW

🆚

Text Diff

Paste 2 texts → highlight diffs at word/line/char level. Great for diffing AI outputs.

NEW

🧩

JSON Schema Generator

Generate JSON Schema (Draft-07) from a sample — for LLM structured output and API validation.

NEW

🎨

JSON Formatter

Format / minify / validate JSON. Sort keys A-Z, custom indent, Ctrl+Enter shortcut.