EC
400
HTTPERRORNotable4xx Client ErrorHIGH confidence

Bad Request

Production Risk

Moderate. While it correctly identifies a client-side issue, if your API is not providing clear error messages in the response body, it can be very difficult for developers to debug their clients.

What this means

The server cannot or will not process the request due to something that is perceived to be a client error. This could be a malformed request syntax, invalid request message framing, or deceptive request routing.

Why it happens
  1. 1The client sends malformed JSON or XML in a request body.
  2. 2A required query parameter is missing from the URL.
  3. 3The client uses an invalid character or syntax in the HTTP request.
  4. 4The value of a header or parameter is in an invalid format.
How to reproduce

An API client sends a POST request with a JSON body that has a syntax error, like a missing comma.

trigger — this will error
trigger — this will error
POST /api/users HTTP/1.1
Host: example.com
Content-Type: application/json

{ "name": "John Doe" "email": "john@example.com" } // Missing comma

expected output

HTTP/1.1 400 Bad Request

Fix 1

Validate Input on the Server

WHEN Developing an API.

Validate Input on the Server
// Example in Express.js with a validator
if (!req.body.email) {
  return res.status(400).send({ error: "Email is required." });
}

Why this works

Server-Side Validation

Fix 2

Check API Documentation

WHEN Consuming an API and receiving a 400 error.

Check API Documentation
Consult the API docs to ensure all required fields and data formats are correct.

Why this works

Client-Side Debugging

What not to do

Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev

← All HTTP errors