Last updated Mar 3, 2020

Status Codes in the REST API

We give an HTTP status code with every HTTP response we send. These status codes are intended to comply with the IETF specification that specification says what the status code means and things like whether the clients can cache this result, or whether they should try the same request again. Here’s a non-exhaustive list of the frequently used status codes in the REST API and what we mean by them.

Status CodeNameMeaning
200SuccessEverything was fine and worked.
400Bad RequestThe request does not have the required fields, or the fields the request has are invalid in some way.
401UnauthorizedThe request has invalid credentials, or no credentials when credentials are required, or the user doesn't have permissions to do that.
403ForbiddenAPI will not allow that in this case. Like, the user can't add another checklist if they have too many.
404Not FoundWe don't have a route registered there, e.g. it's not possible to GET /1/cards, or POST /1/elephants. Or the model the request is trying to operate on couldn't be found. Or some nested resource can't be found.
409ConflictThe request doesn't match our state in some way.
429Too Many RequestsAPI wants your application to send fewer requests. Because for example the user is violating a rate limit by sending too many requests per time period.
449Sub-Request FailedAPI was unable to process every part of the request.
500Internal Server ErrorSomething went wrong and we don't know what.
503Service UnavailableSomething is down that should be up. Our load balancers might return this if we're down. And we return it if something we're relying on to handle the request successfully isn't answering.
504Gateway TimeoutWe couldn't handle the GET request within our time limit (30s).

Rate this page: