4xx status codes are defined in RFC 3261 and its successors.
They indicate the request was malformed or otherwise cannot be fulfilled due to client-side errors.
They do not indicate server failure. Instead, they’re triggered when a SIP device, endpoint, or intermediary proxy receives something it cannot or will not accept based on the SIP protocol or local policies.
Here’s a breakdown of each code, in numerical order, with correct definitions, practical examples, and deeper protocol insights.
Tired of Forbidden, Not Found, or Timeout errors?
Voyced helps eliminate the most common 4xx issues by ensuring your setup is SIP-compliant, secure, and stable.
Fix your SIP issues with Voyced
400 – Bad Request
-
The request could not be understood due to malformed syntax.
-
Could be caused by incorrect header formatting, missing fields (e.g.
To
,From
,Call-ID
), or malformed URI. -
Example: INVITE sent with an improperly encoded SDP body.
401 – Unauthorized
-
Indicates that authentication is required to proceed.
-
Used mainly by registrars and UASs to challenge the request.
-
Includes a
WWW-Authenticate
header with nonce values and realm.
402 – Payment Required
-
Reserved for future use (not implemented in SIP today).
-
Might be used in future billing or prepaid systems.
403 – Forbidden
-
Server understood the request but refuses to fulfil it.
-
Not a challenge; re-sending credentials will not help.
-
May be returned if the source IP or username is banned or blocked.
404 – Not Found
-
The user is not known at the domain in the
Request-URI
. -
Returned by registrars or proxies unable to locate the target.
405 – Method Not Allowed
-
The method (e.g. OPTIONS, INVITE) is known but not permitted for the requested resource.
406 – Not Acceptable
-
Server cannot return a response acceptable to the client.
-
Often relates to media types and
Accept:
headers.
407 – Proxy Authentication Required
-
Same as 401, but issued by a SIP proxy, not the UAS.
-
Requires a valid
Proxy-Authenticate
header to be processed.
408 – Request Timeout
-
The server couldn’t find the target user in time.
-
Often caused by NAT issues, DNS failures, or dropped packets.
-
May be retried.
409 – Conflict (Deprecated)
-
Previously used when a user was already registered.
-
Removed in newer RFCs; not used in modern SIP implementations.
410 – Gone
-
The user used to exist but no longer does at this location.
-
Unlike 404, this is permanent.
411 – Length Required (Deprecated)
-
The request must include a valid
Content-Length
. -
Obsolete in SIP since all requests should already include this.
412 – Conditional Request Failed
-
A required condition for the request has not been met.
-
Rare in practice.
413 – Request Entity Too Large
-
The request body exceeds server limits.
-
May be triggered by over-sized SDP or headers.
414 – Request-URI Too Long
-
The URI provided in the request is too long for the server to process.
415 – Unsupported Media Type
-
The server does not support the format in the message body.
-
Could be an unsupported SDP codec or an invalid content type.
416 – Unsupported URI Scheme
-
The URI scheme is unknown or not allowed (e.g. "mailto:" instead of "sip:").
417 – Unknown Resource-Priority
-
The
Resource-Priority
header contained a tag that the server doesn’t understand.
420 – Bad Extension
-
The request uses an unsupported SIP extension.
-
Look for a
Require:
header with unknown options.
421 – Extension Required
-
The server needs an extension not supported by the requestor.
-
The required extensions are listed in the
Require:
header.
422 – Session Interval Too Small
-
The
Session-Expires
value is below the server’s minimum acceptable time.
423 – Interval Too Brief
-
The
Expires:
or similar timer value is too short.
424 – Bad Location Information
-
Provided location data is malformed or incomplete.
425 – Bad Alert Message
-
The emergency call alert was malformed enough that no safe response could be initiated.
428 – Use Identity Header
-
The provider requires an
Identity:
header and it was not included.
429 – Provide Referrer Identity
-
The request lacked a valid
Referred-By:
token.
430 – Flow Failed
-
One flow to the UA failed (seen in Outbound RFC 5626 scenarios). (and if it is seen by one, should be treated as a 400 Bad Request response)
433 – Anonymity Disallowed
-
Caller’s identity is hidden but anonymity is not allowed by recipient policy.
436 – Bad Identity-Info
-
The URI in the
Identity-Info:
header can’t be resolved.
437 – Unsupported Certificate
-
Server can’t validate the provided certificate.
438 – Invalid Identity Header
-
The
Identity:
signature cannot be verified.
439 – First Hop Lacks Outbound Support
-
The initial SIP proxy does not support outbound registrations, which the registrar requires.
440 – Max-Breadth Exceeded
-
Forking breadth (parallel target reach) exceeded. No fallback method provided.
469 – Bad Info Package
-
The
INFO
request refers to an unsupported Info-Package.
470 – Consent Needed
-
The source lacks permission to initiate this request.
480 – Temporarily Unavailable
-
Callee cannot currently be reached; no forwarding is available.
481 – Call/Transaction Does Not Exist
-
No active dialog or transaction matched the incoming request.
482 – Loop Detected
-
SIP message is stuck in a routing loop.
483 – Too Many Hops
-
Max-Forwards:
header reached zero.
484 – Address Incomplete
-
The URI lacks digits or format (e.g. partial number).
485 – Ambiguous
-
Address is ambiguous (multiple matches found).
486 – Busy Here
-
Callee is busy and declines the call.
487 – Request Terminated
-
The request (usually INVITE) was cancelled by a
CANCEL
orBYE
.
488 – Not Acceptable Here
-
Session parameters (media, transport, etc.) aren’t supported by the target.
489 – Bad Event
-
Event package in the
Event:
header is unknown or unsupported.
491 – Request Pending
-
Another request is in progress in this dialog.
493 – Undecipherable
-
Message body is encrypted but recipient can’t decrypt it.
494 – Security Agreement Required
-
Secure communication required but not negotiated. Response will contain supported methods.
Why this matters
If your provider:
-
Doesn’t explain what went wrong
-
Sends incomplete SIP responses
-
Doesn’t help you troubleshoot issues like 408s or 488s
…then you’re left guessing.
✅ Why professionals choose Voyced
-
Premium Plus A-Z termination
-
High-quality CLI presentation
-
Local numbers in 165+ countries
-
SIP done right, per RFC 3261
-
FREE Hosted IPPBX (with almost all solutions)
-
Full VoIP stack including IVR, queues, voicemail-to-email
-
Clear SIP headers, full diagnostic tools, proper 4xx response handling
Switch to smart SIP
Let’s face it: if you're seeing SIP 4xx codes often, your current setup may not be fully compliant or stable.
✅ Talk to Voyced
and get SIP that just works.
Last updated: 01/04/2025
© Voyced
All information provided is copyrighted and purely informative in nature. It is maintained by Voyced with the greatest of care using reliable sources only.
Given the fast evolution of the telecom sector, Voyced does not offer any guarantee about the accuracy and completeness of the information offered.
We explicitly do not give anyone permission to use this information in any other way than to inform themselves about what (legal) requirements there may be and they need to comply with when registering Services and/or DIDs with Voyced.