diff --git a/server/models/Transfer.js b/server/models/Transfer.js
index d5e5df35..1351e5ca 100644
--- a/server/models/Transfer.js
+++ b/server/models/Transfer.js
@@ -141,7 +141,7 @@ class Transfer {
       }
       if (token.claim) {
         throw new HttpError(
-          403,
+          409,
           `The token ${token.id} is claimed, cannot be transfered`,
         );
       }
@@ -242,7 +242,7 @@ class Transfer {
     // }
     // console.log(notClaimedTokenCount);
     if (notClaimedTokenCount < bundleSize) {
-      throw new HttpError(403, `Do not have enough tokens to send`);
+      throw new HttpError(409, `Do not have enough tokens to send`);
     }
 
     const isDeduct = await this.isDeduct(walletLoginId, sender);
@@ -336,7 +336,7 @@ class Transfer {
     const transfer = await this._transferRepository.getById(transferId);
     const receiverId = transfer.destination_wallet_id;
     if (transfer.state !== TransferEnums.STATE.pending) {
-      throw new HttpError(403, 'The transfer state is not pending');
+      throw new HttpError(409, 'The transfer state is not pending');
     }
     const doesCurrentAccountHasControlOverReceiver = await this._wallet.hasControlOver(
       walletLoginId,
@@ -362,7 +362,7 @@ class Transfer {
         bundleSize,
       );
       if (tokens.length < bundleSize) {
-        throw new HttpError(403, 'Do not have enough tokens');
+        throw new HttpError(409, 'Do not have enough tokens');
       }
       await this._token.completeTransfer(tokens, transfer);
     } else {
@@ -388,7 +388,7 @@ class Transfer {
       transfer.state !== TransferEnums.STATE.requested
     ) {
       throw new HttpError(
-        403,
+        409,
         'The transfer state is neither pending nor requested',
       );
     }
@@ -433,7 +433,7 @@ class Transfer {
       transfer.state !== TransferEnums.STATE.requested
     ) {
       throw new HttpError(
-        403,
+        409,
         'The transfer state is neither pending nor requested',
       );
     }
@@ -489,7 +489,7 @@ class Transfer {
     }
     if (transfer.state !== TransferEnums.STATE.requested) {
       throw new HttpError(
-        403,
+        409,
         'Operation forbidden, the transfer state is wrong',
       );
     }
@@ -533,7 +533,7 @@ class Transfer {
     }
     if (transfer.state !== TransferEnums.STATE.requested) {
       throw new HttpError(
-        403,
+        409,
         'Operation forbidden, the transfer state is wrong',
       );
     }
@@ -547,14 +547,14 @@ class Transfer {
       // check it
       if (tokens.length > bundleSize) {
         throw new HttpError(
-          403,
+          409,
           `Too many tokens to transfer, please provider ${bundleSize} tokens for this transfer`,
           true,
         );
       }
       if (tokens.length < bundleSize) {
         throw new HttpError(
-          403,
+          409,
           `Too few tokens to transfer, please provider ${bundleSize} tokens for this transfer`,
           true,
         );
@@ -573,7 +573,7 @@ class Transfer {
       // transfer
       await this._token.completeTransfer(tokens, transfer);
     } else {
-      throw new HttpError(403, 'No need to specify tokens', true);
+      throw new HttpError(409, 'No need to specify tokens', true);
     }
     return transferJson;
   }
diff --git a/server/models/Trust.js b/server/models/Trust.js
index d6e98ad6..99d1f98b 100644
--- a/server/models/Trust.js
+++ b/server/models/Trust.js
@@ -163,7 +163,7 @@ class Trust {
       ) {
         log.debug('Has duplicated trust');
         throw new HttpError(
-          403,
+          409,
           'The trust relationship has been requested or trusted',
         );
       }
diff --git a/server/models/Wallet.js b/server/models/Wallet.js
index 894597d3..363b8ea0 100644
--- a/server/models/Wallet.js
+++ b/server/models/Wallet.js
@@ -17,7 +17,7 @@ class Wallet {
     // check name
     try {
       await this._walletRepository.getByName(wallet);
-      throw new HttpError(403, `The wallet '${wallet}' already exists`);
+      throw new HttpError(409, `The wallet '${wallet}' already exists`);
     } catch (e) {
       if (e instanceof HttpError && e.code === 404) {
         // fine
diff --git a/server/services/JWTService.js b/server/services/JWTService.js
index a71884d4..468f5fd2 100644
--- a/server/services/JWTService.js
+++ b/server/services/JWTService.js
@@ -30,7 +30,7 @@ class JWTService {
   static verify(authorization) {
     if (!authorization) {
       throw new HttpError(
-        403,
+        401,
         'ERROR: Authentication, no token supplied for protected path',
       );
     }
@@ -43,17 +43,17 @@ class JWTService {
       JWTTools.verify(token, publicKEY, verifyOptions, (err, decod) => {
         if (err || tokenArray[0] !== 'Bearer') {
           log.debug(err);
-          throw new HttpError(403, 'ERROR: Authentication, token not verified');
+          throw new HttpError(401, 'ERROR: Authentication, token not verified');
         }
         result = decod;
         if (!result.id)
           throw new HttpError(
-            403,
+            401,
             'ERROR: Authentication, invalid token received',
           );
       });
     } else {
-      throw new HttpError(403, 'ERROR: Authentication, token not verified');
+      throw new HttpError(401, 'ERROR: Authentication, token not verified');
     }
     return result;
   }
diff --git a/server/services/TokenService.js b/server/services/TokenService.js
index c291523c..2b919589 100644
--- a/server/services/TokenService.js
+++ b/server/services/TokenService.js
@@ -48,7 +48,7 @@ class TokenService {
 
       const walletIds = [...allWallets.map((e) => e.id)];
       if (!walletIds.includes(token.wallet_id)) {
-        throw new HttpError(401, 'Have no permission to visit this token');
+        throw new HttpError(403, 'Have no permission to visit this token');
       }
     }