405 Method Not Allowed
Client Error - HTTP method not supported for this endpoint
HTTP 405 Method Not Allowed
What It Means
The HTTP 405 Method Not Allowed status code indicates that the server knows the request method, but the target resource doesn't support this method. For example, trying to POST to a read-only endpoint.
Common Examples
| Request | Result |
|---|---|
| POST /api/users | 201 Created ✓ |
| DELETE /api/users | 405 (bulk delete not allowed) |
| PUT /api/readonly | 405 (read-only resource) |
Allow Header
The 405 response must include an Allow header listing the supported methods:
HTTP/1.1 405 Method Not Allowed
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
{
"error": "Method Not Allowed",
"message": "DELETE is not supported for this resource",
"allowed_methods": ["GET", "HEAD", "OPTIONS"]
}REST API Method Conventions
| Method | Purpose |
|---|---|
| GET | Retrieve a resource |
| POST | Create a new resource |
| PUT | Replace a resource entirely |
| PATCH | Partially update a resource |
| DELETE | Remove a resource |
| OPTIONS | Get allowed methods (CORS) |
Implementation
Express.js
// Only allow GET and POST on /api/users
app.route('/api/users')
.get(getUsers)
.post(createUser)
.all((req, res) => {
res.set('Allow', 'GET, POST');
res.status(405).json({
error: 'Method Not Allowed',
allowed: ['GET', 'POST']
});
});Python Flask
from flask import Flask, jsonify
@app.route('/api/users', methods=['GET', 'POST'])
def users():
if request.method == 'GET':
return get_users()
return create_user()
# Flask automatically returns 405 for non-listed methods405 vs 404
- 405: Resource exists, but doesn't support this method
- 404: Resource doesn't exist at all
Common Debugging Steps
- Check the HTTP method in your request (GET vs POST)
- Read the Allow header in the response
- Check API documentation for supported methods
- Verify you're hitting the correct endpoint