# 431 Request Header Fields Too Large

> https://http-status.org/docs/431

**Family:** 4xx Client Error

## Rationale

Server is unwilling to process the request because its header fields are too large.

## In Plain Terms

Your request headers (the extra information like cookies) are too big for me to handle. Clean up your cookies or make the headers smaller.

## Description

The HTTP 431 Request Header Fields Too Large status code indicates that the server is unwilling to process the request because its header fields are too large. The request may be resubmitted after reducing the size of the request header fields.

## Server Perspective

### Usage
- Return 431 for oversized Cookie, Authorization, or accumulated proxy headers
- Use it when the problem is header size rather than body size or URI length
- Request headers exceed server limits
- Too many cookies causing large Cookie header
- Authorization headers that are too long
- Custom headers that exceed size limits
- Accumulated headers from proxies

### Implementation
- Tell the client whether one specific header or the overall header set is the problem when possible
- Set clear size limits across proxies and app servers to avoid inconsistent failures

### Common Headers
- No status-specific header is required; still send normal HTTP metadata such as Content-Type, caching, or tracing headers when they help the client.

### Body
- Identify the offending header or total header limit when that can be shared safely.

### Pitfalls
- Do not use 431 for bad header syntax; use 400 for malformed headers
- Do not confuse oversized headers with oversized bodies or URLs
- Request body too large (use 413 Content Too Large)
- URI too long (use 414 URI Too Long)
- Bad header format (use 400 Bad Request)

## Client Perspective

### Pitfalls
- Do not assume the body is the problem when the failure is in the headers

## Examples

### Excessive cookies

Cookie header size exceeds server's 8KB limit

**Request:**
```
GET https://api.example.test/api/data
Cookie: session=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
```

**Response:**
```
431 Request Header Fields Too Large
Content-Type: application/json

{
  "error": "request_header_fields_too_large"
}
```

### Large Authorization header

JWT token size exceeds server's header size limit

**Request:**
```
GET https://api.example.test/api/users
Authorization: Bearer <very-large-jwt>
```

**Response:**
```
431 Request Header Fields Too Large
Content-Type: application/json

{
  "error": "request_header_fields_too_large"
}
```

## Related Codes

- [400 Bad Request](/docs/400.md)
- [413 Content Too Large](/docs/413.md)