GameAPIsBeginnerHTTP status codes and response semanticsHTTPRESTstatus codesAPI semanticsGamePractice HTTP status codes with an interactive backend game covering 200, 201, 204, 301, 304, 400, 401, 403, 404, 409, 422, 429, 500, 502, and 503.HTTP Status DefenderAPIsBeginnerHTTP status codes and response semantics/games/http-status-defender/
practice/http-status-defenderAccuracy and speed score
Play, get feedback, save local progress, and optionally submit a leaderboard score.
Quick answer
HTTP Status Defender is a short backend practice game for HTTP status codes and response semantics. It helps learners make realistic decisions about HTTP, REST, status codes, then explains why each answer is safe, risky, or production-ready.
Map common API outcomes to precise HTTP status codes.
Distinguish authentication, authorization, validation, and conflict responses.
Recognize when success responses should include a body, a location, or no content.
Concept explanation
HTTP status codes are a compact language between backend services and clients. In this game, each scenario asks what the server should say through the status line before any response body is considered.
Your local progress
0 XP0 games played0 completed
Progress, review history, and best scores are stored in this browser with localStorage.
Use the controls below. Feedback appears immediately, and final scores are stored locally.
Leaderboard
Top 10 submitted scores. No account required.
Loading leaderboard...
Finish the game to load your latest local score.
Learning objectives
Map common API outcomes to precise HTTP status codes.
Distinguish authentication, authorization, validation, and conflict responses.
Recognize when success responses should include a body, a location, or no content.
How to play
Read the backend scenario.
Choose the HTTP status code that best communicates the outcome.
Use the explanation to compare nearby codes before moving to the next scenario.
Scoring
Correct answers add points.
Fast correct answers receive a small speed bonus.
Incorrect answers show the right code and continue the round.
Backend concept notes
HTTP status codes are part of the API contract. They let clients decide whether to retry, prompt for login, update local cache, or fix request data.
Good backend APIs use status codes consistently. A 401 means the client needs authentication, while a 403 means the authenticated actor is not allowed to perform the action.
Common mistakes
Returning 200 OK for every API response and hiding errors inside the JSON body.
Using 404 Not Found for authorization failures that should be 403 Forbidden.
Using 500 Internal Server Error for client validation mistakes.
Related Backend Study Lab articles
Use the main site for deeper reading after playing.