405 Method Not Allowed

Client Error - HTTP method not supported for this endpoint

HTTP 405 Method Not Allowed

What It Means

The HTTP 405 Method Not Allowed status code indicates that the server knows the request method, but the target resource doesn't support this method. For example, trying to POST to a read-only endpoint.

Common Examples

Request Result
POST /api/users 201 Created ✓
DELETE /api/users 405 (bulk delete not allowed)
PUT /api/readonly 405 (read-only resource)

Allow Header

The 405 response must include an Allow header listing the supported methods: 

HTTP/1.1 405 Method Not Allowed
Allow: GET, HEAD, OPTIONS
Content-Type: application/json

{
  "error": "Method Not Allowed",
  "message": "DELETE is not supported for this resource",
  "allowed_methods": ["GET", "HEAD", "OPTIONS"]
}

REST API Method Conventions

Method Purpose
GET Retrieve a resource
POST Create a new resource
PUT Replace a resource entirely
PATCH Partially update a resource
DELETE Remove a resource
OPTIONS Get allowed methods (CORS)

Implementation

Express.js

// Only allow GET and POST on /api/users
app.route('/api/users')
  .get(getUsers)
  .post(createUser)
  .all((req, res) => {
    res.set('Allow', 'GET, POST');
    res.status(405).json({
      error: 'Method Not Allowed',
      allowed: ['GET', 'POST']
    });
  });

Python Flask

from flask import Flask, jsonify

@app.route('/api/users', methods=['GET', 'POST'])
def users():
    if request.method == 'GET':
        return get_users()
    return create_user()

# Flask automatically returns 405 for non-listed methods

405 vs 404

  • 405: Resource exists, but doesn't support this method
  • 404: Resource doesn't exist at all

Common Debugging Steps

  1. Check the HTTP method in your request (GET vs POST)
  2. Read the Allow header in the response
  3. Check API documentation for supported methods
  4. Verify you're hitting the correct endpoint

Frequently Asked Questions

What does HTTP 405 Method Not Allowed mean?
HTTP 405 Method Not Allowed means the server recognizes the HTTP method in your request but the target resource does not support it. For example, sending a DELETE request to an endpoint that only accepts GET and POST. The server must include an Allow header listing the supported methods.
How do I fix a 405 Method Not Allowed error?
Check the Allow header in the 405 response to see which HTTP methods the endpoint supports. Then verify you are using the correct method (GET, POST, PUT, DELETE, etc.) for your intended action. Common fixes include changing POST to GET for read operations, or checking your API documentation for the correct method.
What is the difference between 405 and 404?
A 404 Not Found means the resource does not exist at that URL. A 405 Method Not Allowed means the resource exists but does not support the HTTP method you used. For example, GET /api/users might return 200, but DELETE /api/users might return 405 if bulk deletion is not allowed.
Is the Allow header required in a 405 response?
Yes. According to the HTTP specification (RFC 9110), the server must include an Allow header in the 405 response listing the methods the target resource supports. For example: Allow: GET, HEAD, OPTIONS. This helps clients understand which methods they can use.
What is the difference between 405 and 501?
A 405 means the server knows the method but the specific resource does not support it. A 501 Not Implemented means the server does not recognize or support the HTTP method at all. For example, a server might return 501 for the PATCH method if it has not implemented PATCH support anywhere.

Monitor your API endpoints

Catch method misconfigurations before they affect users.

Start monitoring free →

Related Status Codes

400 Bad Request 404 Not Found 415 Unsupported Media Type 501 Not Implemented

More Resources

All HTTP Status Codes Error Reference Test Endpoints Tool API Monitoring