HTTP Status Code Reference

The server received the request headers and the client should proceed to send the body. Mostly seen with Expect: 100-continue on large uploads.

The server agrees to switch protocols as requested via the Upgrade header — most commonly upgrading HTTP to a WebSocket connection.

AI APIs: Realtime voice/streaming APIs (e.g. OpenAI Realtime) use WebSocket upgrades; a missing 101 means the upgrade was refused.

The request succeeded. The response body contains the result.

AI APIs: Note that AI APIs can return 200 with an error object inside a streamed body — always inspect stream events, not just the status.

The request succeeded and a new resource was created — typical for POSTs that create files, fine-tune jobs or batch jobs.

AI APIs: Batch and fine-tuning endpoints return 201 with the job resource; poll its status URL rather than expecting results inline.

The request was accepted for asynchronous processing but is not complete. The final outcome is not yet known.

AI APIs: Async batch APIs accept work with 202; completion can take up to 24h on Anthropic and OpenAI batch tiers.

Success with no response body — common for DELETE operations.

The server is delivering only part of the resource, in response to a Range header — used for resumable downloads.

AI APIs: Seen when resuming large model or file downloads (e.g. fine-tune result files).

The resource has a new permanent URL given in the Location header. Clients should update their references.

AI APIs: API base-URL typos (http vs https, trailing slash) often surface as 301s that drop POST bodies on redirect.

The resource temporarily lives at a different URL. The original URL remains canonical.

Conditional GET: the cached copy is still valid; the server sends no body.

Like 302 but the method and body MUST be preserved when following the redirect.

Like 301 but the method and body MUST be preserved. Update stored URLs.

The server cannot process the request due to a client error — malformed JSON, invalid parameters, or schema violations.

AI APIs: The most common AI-API 400s: max_tokens exceeding the model limit, invalid model IDs, malformed tool schemas, and context-window overflow (Anthropic returns 400 with an invalid_request_error when the prompt is too long).

Authentication is missing or invalid for this request.

AI APIs: Anthropic expects the x-api-key header; OpenAI expects Authorization: Bearer. Mixing the two conventions is the classic cause. Revoked or rotated keys also land here.

The request requires payment — billing is not set up or a balance is exhausted.

AI APIs: OpenAI returns 402-style billing errors when quota is exhausted; Anthropic surfaces billing problems as 400/403 with billing messages. Check the billing console first.

The server understood the request but refuses to authorize it — valid credentials, insufficient permission.

AI APIs: Common causes: requesting a model your org has no access to, geo-blocked regions, or organization policies restricting an endpoint.

The requested resource does not exist at this URL.

AI APIs: Usually a typo'd endpoint path, a deprecated/retired model ID, or a v1 path used against a different API version.

The URL exists but does not support this HTTP method.

AI APIs: Typically a GET against a POST-only inference endpoint, often caused by a redirect that downgraded the method.

The server timed out waiting for the complete request.

AI APIs: Large request bodies (long contexts, base64 images) over slow links can trip server read timeouts.

The request conflicts with the current state of the resource — e.g. concurrent modification.

AI APIs: Seen when cancelling an already-completed batch job or double-submitting with the same idempotency key but different bodies.

The resource existed but has been permanently removed and no forwarding address is known.

AI APIs: Deprecated API versions and expired file/batch resources return 410 — unlike 404, the provider is telling you it will never come back.

The request URL exceeds the server's length limit.

AI APIs: Usually caused by stuffing data into query parameters that belongs in a POST body.

The request body exceeds the server's size limit.

AI APIs: Hit by oversized image payloads, giant tool results, or batch files over the per-file cap. Distinct from context-window overflow, which is usually a 400.

The request body format is not supported — usually a missing or wrong Content-Type header.

AI APIs: Sending JSON without Content-Type: application/json, or uploading files with the wrong multipart encoding.

The request was well-formed syntactically but semantically invalid.

AI APIs: Some providers use 422 instead of 400 for parameter validation failures — the error body carries the field-level details.

You exceeded a rate limit — requests per minute, tokens per minute, or concurrent connections.

AI APIs: THE most common AI-API error at scale. Anthropic returns retry-after seconds in the Retry-After header and separates RPM/ITPM/OTPM limits. OpenAI returns Retry-After plus x-ratelimit-remaining-* headers for both requests and tokens. Google returns RESOURCE_EXHAUSTED quota errors. Always honor Retry-After rather than guessing.

Headers exceed the server's size limits — often a runaway cookie or oversized auth token.

Access denied for legal reasons — censorship, sanctions or court orders.

AI APIs: AI providers return 451-style geo blocks in unsupported regions; a VPN exit node in a sanctioned country triggers this too.

Non-standard (nginx): the client disconnected before the server finished responding.

AI APIs: Appears in gateway logs when an agent's HTTP timeout is shorter than model generation time — the client gave up mid-stream, but you may still be billed for generated tokens.

The server hit an unexpected condition. The fault is on the provider's side.

AI APIs: All providers occasionally 500 under load or on edge-case inputs. Anthropic returns api_error; OpenAI returns server_error. A reproducible 500 on a specific prompt is worth reporting.

The server does not support the functionality required to fulfil the request.

A gateway or proxy received an invalid response from the upstream server.

AI APIs: Often transient infrastructure churn at the provider's edge (deploys, scaling events). With self-hosted gateways/proxies in front of AI APIs, check your own proxy first.

The server is temporarily unable to handle the request — overload or maintenance. May include Retry-After.

AI APIs: Providers return 503 during capacity crunches; Anthropic distinguishes its overload state with the dedicated 529 code instead.

A gateway did not receive a timely response from the upstream server.

AI APIs: Long non-streaming generations are the usual trigger — the proxy's read timeout expires before the model finishes. Streaming avoids this because bytes flow continuously.

The server does not support the HTTP protocol version used in the request.

The server cannot store the representation needed to complete the request.

Cloudflare-specific: the origin returned an empty, malformed or unexpected response.

AI APIs: Several AI providers sit behind Cloudflare; 520s indicate origin-side trouble that Cloudflare can't classify.

Cloudflare-specific: the TCP connection to the origin server timed out.

AI APIs: Indicates the provider's origin is unreachable from Cloudflare's edge — a genuine provider-side outage signal.

Cloudflare-specific: the origin accepted the connection but did not reply within Cloudflare's (typically 100s) proxy timeout.

AI APIs: The classic long-stream killer: a non-streaming request to a slow model exceeds Cloudflare's 100-second window even though the model is still working. Streaming keeps bytes moving and resets the clock — switch any request that can take >90s to streaming.

Non-standard, Anthropic-specific: the API is temporarily overloaded and shedding load.

AI APIs: Anthropic's dedicated overload signal (overloaded_error). Distinct from 429 — this is not about YOUR rate limit but about aggregate platform load. Typically resolves within seconds to minutes. The SDKs retry it automatically a limited number of times.