Aarunya AppsAarunya Apps
400
Bad Request
Client Error

HTTP 400 Bad Request — Causes, Fix & API Validation Examples

The server cannot process the request because of a client-side error: malformed syntax, invalid message framing, or deceptive request routing. The client should not repeat the request without modification.

When to Return 400

Use 400 for input validation failures: missing required fields, invalid field values, malformed JSON, invalid date formats, or business rule violations that the client could fix by changing the request.

Common Causes

  • Malformed JSON body (parse error)
  • Missing required request fields
  • Invalid field values (wrong type, out of range)
  • Invalid query parameter format
  • Duplicate submission of a unique value

HTTP Response Example

HTTP/1.1 400 Bad Request
Content-Type: application/json

{"error": "Bad Request", "details": {"email": ["Invalid email address"]}}

Code Examples

Express.js
import { z } from 'zod'

const CreateUserSchema = z.object({
  email: z.string().email(),
  name: z.string().min(1),
})

app.post('/users', (req, res) => {
  const result = CreateUserSchema.safeParse(req.body)
  if (!result.success) {
    return res.status(400).json({
      error: 'Bad Request',
      details: result.error.flatten().fieldErrors,
    })
  }
  // proceed with result.data
})
Next.js App Router
// app/api/users/route.ts
import { z } from 'zod'

const schema = z.object({ email: z.string().email(), name: z.string().min(1) })

export async function POST(request: Request) {
  const body = await request.json().catch(() => null)
  if (!body) return Response.json({ error: 'Invalid JSON' }, { status: 400 })

  const result = schema.safeParse(body)
  if (!result.success) {
    return Response.json(
      { error: 'Bad Request', details: result.error.flatten().fieldErrors },
      { status: 400 }
    )
  }
  // proceed
}

Related Status Codes

All HTTP status codes

Browse the complete HTTP status code reference.

All Status Codes

Frequently Asked Questions

What does HTTP 400 Bad Request mean?

The server cannot process the request because of a client-side error: malformed syntax, invalid message framing, or deceptive request routing. The client should not repeat the request without modification.

When should an API return 400?

Use 400 for input validation failures: missing required fields, invalid field values, malformed JSON, invalid date formats, or business rule violations that the client could fix by changing the request.

What causes an HTTP 400 error?

Common causes: Malformed JSON body (parse error); Missing required request fields; Invalid field values (wrong type, out of range); Invalid query parameter format; Duplicate submission of a unique value.