Quick lookup table for HTTP error codes you might see from WordPress for Cowork operations. For the full troubleshooting steps, see Troubleshooting by error code.
| Code | Meaning | Most common cause |
|---|---|---|
| 200 | OK | Everything worked. |
| 301 / 302 | Redirect | Site is redirecting (often HTTP → HTTPS). Cowork follows redirects; this is fine. |
| 400 | Bad Request | Malformed JSON in the request body. Usually a Cowork-side bug — report it. |
| 401 | Unauthorized | License key wrong/expired, OR Application Password wrong/revoked. |
| 403 | Forbidden | Security plugin or host firewall blocked the request. |
| 404 | Not Found | REST API not registered (permalinks issue, security plugin disabled it). |
| 409 | Conflict | device_limit_reached — you’ve hit your 2-device cap per seat. |
| 413 | Payload Too Large | You uploaded a file bigger than PHP’s upload_max_filesize. |
| 429 | Too Many Requests | Rate limited by CDN (Cloudflare), security plugin, or host firewall. |
| 500 | Internal Server Error | PHP fatal in a plugin or theme. Check the error log. |
| 502 | Bad Gateway | Reverse proxy can’t reach PHP. Restart PHP-FPM. |
| 503 | Service Unavailable | Server overloaded or in maintenance mode. Wait or check host status. |
| 504 | Gateway Timeout | Operation took too long. Often happens on bulk operations against slow hosts. |
Reading the response body
Cowork’s plugin returns a structured error body alongside the HTTP code. Look for these fields:
code— the WordPress-side error code (e.g.,rest_no_route,rest_forbidden).message— human-readable error.user_message— additional context Claude shows you directly.
For licence-related errors: license_not_found, license_expired, device_limit_reached, rate_limited.