What HTTP status codes should RESTful APIs use?

Answer

RESTful APIs should use appropriate HTTP status codes to communicate the result of each request.

- 200 OK: successful GET, PUT, PATCH.
- 201 Created: successful POST that created a resource.
- 204 No Content: successful DELETE (no body returned).
- 400 Bad Request: invalid request data (validation failed).
- 401 Unauthorized: authentication required or invalid credentials.
- 403 Forbidden: authenticated but not authorized to access the resource.
- 404 Not Found: resource does not exist.
- 409 Conflict: duplicate data (e.g., email already taken).
- 422 Unprocessable Entity: semantically invalid data.
- 500 Internal Server Error: unexpected server-side error.

Using the correct codes lets API consumers handle errors programmatically without parsing error messages.