Being a responsible RESTful API the status codes that are sent in responses are matched as best as possible to the actual condition met. For example, when rate limiting
429 Too Many Requests is sent rather than twitters more esoteric (although funny) custom
420 Enhance Your Calm. The REST API Tutorial website has a fantastic reference for HTTP Status Codes. The following is a list of the most common status codes returned in responses:
The request has succeeded. The information returned with the response is dependent on the method used in the request. For example: when a patch to an existing package has been processed.
The request has been fulfilled and resulted in a new resource being created. For example: when a new repository has been created.
The request has been accepted for processing, but the processing has not been completed. For example: when a package upload has been completed but not yet processed.
The request requires user authentication. For example: viewing a private repository requires authentication and authorisation (permission to view the repository).
The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. For example: sending requests to places that you shouldn't be.
404 Not Found
The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. For example: requesting a repository that doesn't exist (or one that you don't have permission to see).
422 Unprocessable Entity
The server understands the content type of the request entity, and the syntax of the request entity is correct but was unable to process the contained instructions. For example: sending a request that contains field validation errors (such as a missing field).