425 Too Early
Sent when a request arrives in TLS 1.3 early data (0-RTT) and replaying it could be unsafe.
The server is unwilling to process a request that might be replayed.
What HTTP 425 Too Early Means
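The server returns 425 when a request arrives in TLS 1.3 early data (0-RTT) and the server is unwilling to process a request that might be replayed.
Early data is sent before the TLS handshake has completed, so a captured copy of it can be sent again; for a request that changes state, replaying it could be unsafe.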
Common Causes
- Request sent in TLS 1.3 0-RTT early data
- Anti-replay protection on the server
- Aggressive connection resumption in the client
How to Fix It (For Visitors)
- Retry the request
How to Fix It (For Developers/Admins)
- Resend the request without early data
- Avoid 0-RTT for non-idempotent requests
- Retry automatically on 425
Returning a 425 Too Early (Code Examples)
If you build APIs or web apps, here is how to send an HTTP 425 response and how to test for it. Each handler below returns 425 unconditionally, to show the response itself:
Node.js (Express)
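const express = require('express');
const app = express();
// Always answers 425 with a small JSON error body
app.get('/resource', (req, res) => {
  res.status(425).json({ error: 'Too Early' });
});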
Python (Flask)
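from flask import Flask, jsonify
app = Flask(__name__)
# Always answers 425 with a small JSON error body
@app.route('/resource')
def resource():
    return jsonify(error='Too Early'), 425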
PHP
<?php
http_response_code(425);
header('Content-Type: application/json');
echo json_encode(['error' => 'Too Early']);
Check the status with curl
curl -I https://example.com/resource
# Look for a status line such as: HTTP/1.1 425 Too Early
# (over HTTP/2, curl prints: HTTP/2 425)
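Conditional 425 (added example)
The following is an added example, not code from the original page or from any framework: it applies the advice to avoid 0-RTT for non-idempotent requests by answering 425 only when a request is marked as early data and its method is not a safe one. It assumes a TLS-terminating proxy in front of the app sets the Early-Data: 1 request header defined in RFC 8470; the names tooEarlyGuard and simulate are hypothetical.

```javascript
// Assumption: the proxy that terminates TLS sets "Early-Data: 1" (RFC 8470)
// on requests it forwards before the TLS handshake has completed.

// Safe methods, treated here as replay-tolerant. Remove GET from this set
// if any GET handler in your app has side effects.
const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS']);

// True when the request was marked as having arrived in 0-RTT early data.
function arrivedInEarlyData(headers) {
  const value = headers['early-data']; // Node lower-cases header names
  // A repeated header may surface as an array or a comma-joined string.
  const parts = Array.isArray(value) ? value : String(value ?? '').split(',');
  return parts.some((p) => p.trim() === '1');
}

// Decide whether to answer 425 instead of running the handler.
function shouldRejectAsTooEarly(method, headers) {
  return arrivedInEarlyData(headers) && !SAFE_METHODS.has(method.toUpperCase());
}

// Express-style middleware (hypothetical name): app.use(tooEarlyGuard)
function tooEarlyGuard(req, res, next) {
  if (shouldRejectAsTooEarly(req.method, req.headers)) {
    // The client is expected to resend once the handshake is complete.
    return res.status(425).json({ error: 'Too Early' });
  }
  return next();
}

// Run a constructed request through the guard with a stub response object
// and report the status the client would see (200 = handler was reached).
function simulate(method, headers) {
  let status = 200;
  const res = {
    status(code) { status = code; return this; },
    json() { return this; },
  };
  tooEarlyGuard({ method, headers }, res, () => {});
  return status;
}
```

The guard is only as reliable as the header: the proxy has to set or overwrite Early-Data on every forwarded request so that the value reaching the app reflects what the proxy saw.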
Frequently Asked Questions
What does HTTP 425 Too Early mean?
Sent when a request arrives in TLS 1.3 early data (0-RTT) and replaying it could be unsafe. In short: The server is unwilling to process a request that might be replayed.
Is 425 Too Early a client or server error?
425 is a 4xx client-error code, so the request itself needs to change. The server is running normally and is rejecting the request as it was sent by the browser, app, or API client.
How do I fix a 425 Too Early error?
Resend the request without early data. Avoid 0-RTT for non-idempotent requests. Retry automatically on 425.
Official Specification
The 425 Too Early status code is defined in RFC 8470.