HTTP Status Codes
HTTP 400 Bad Request
Bad Request — the server cannot process the request because it is malformed
A 400 Bad Request indicates that the server rejected the request because its syntax, framing, or structure was invalid. It belongs to the 4xx class, which points to a problem with the request sent by the client rather than a server-side failure. Many servers emit 400 before application code runs, especially when headers, body encoding, or URL formatting cannot be parsed into a valid request.
Visual summary
A quick reference view of how HTTP 400 works: A structurally broken or garbled data package being rejected by the server's outer filter.

What 400 Means
The shortest useful reading of this status code.
Bad Request means the server cannot process the request because it is malformed.
This status falls into the 4xx class, indicating a client-side error outcome for the request.
Quick read
Bad Request
the server cannot process the request because it is malformed
Technical Context
How this status behaves without turning the page into a repair guide.
Standard usage
A 400 response is the generic HTTP signal that the server rejected the request before normal processing could continue. It usually points to invalid syntax, malformed framing, or input the server cannot parse into a valid request object.
Technical nuance
Many frameworks also use 400 for failed validation when no more specific status code is configured. That makes 400 broader than 422, which is usually reserved for payloads that are structurally valid but semantically unacceptable to the application.
Related HTTP Codes
Nearby HTTP status codes help clarify how 400 differs inside the same response family.
400
Bad Request
the server cannot process the request because it is malformed
401
Unauthorized
valid authentication credentials are missing for the target resource
403
Forbidden
the server understood the request but refuses to authorize it
422
Unprocessable Content
the server understood the request but cannot apply its instructions
Common Causes
Malformed request syntax or invalid body encoding
A common condition that triggers a 400 response when the web server evaluates the transaction.
Missing required headers or incorrect Content-Length
A common condition that triggers a 400 response when the web server evaluates the transaction.
Corrupted query string or unsupported character encoding
A common condition that triggers a 400 response when the web server evaluates the transaction.
Request body does not match the declared format
A common condition that triggers a 400 response when the web server evaluates the transaction.
Typical Scenarios
A client sends malformed JSON with a content type that claims the body is valid JSON
A proxy forwards a request with a broken Content-Length header
A URL contains invalid characters that the server refuses to parse
What To Know
A 400 is usually tied to the specific request that triggered it rather than to the entire site. If many unrelated requests start returning 400 at once, the common cause is often a proxy, client library, or encoding issue instead of a missing page or application crash.
Frequently Asked Questions
Common interpretation questions about HTTP 400.
A 400 response usually points to malformed request syntax, invalid encoding, broken headers, or a request body the server cannot parse into a valid format.
It is a client-side request error in the HTTP model. The server is reachable and responding, but it is rejecting the specific request it received.
A 400 error usually means the server could not parse the request correctly at all. A 422 means the request format was valid, but the content still violated application rules or validation logic.