# 405 Method Not Allowed

> https://http-status.org/docs/405

**Family:** 4xx Client Error

## Rationale

Method known by server but not supported by the target resource; include Allow header.

## In Plain Terms

You found the right place, but you're trying to do something that's not allowed here. Try a different action.

## Description

The HTTP 405 Method Not Allowed status code indicates that the request method is known by the server but is not supported by the target resource.

## Server Perspective

### Usage
- Return 405 for real resources that disallow a particular method such as POST, DELETE, or PATCH
- Use it when the method is understood by the server but not allowed on the target resource
- POST request to read-only endpoint
- DELETE request on immutable resource
- PUT request where only PATCH is supported
- Any unsupported HTTP method on existing resource

### Implementation
- Include the Allow header listing the methods currently supported by the resource
- Keep 405 distinct from 501, which means the server does not support the method at all

### Common Headers
- Allow

### Body
- A body is optional, but the Allow header is the response contract clients need most.

### Pitfalls
- Do not omit the Allow header
- Do not use 405 for unknown routes or truly unimplemented methods
- Resource doesn't exist (use 404 Not Found)
- Method not implemented at all (use 501 Not Implemented)
- Authentication required (use 401 Unauthorized)

## Client Perspective

### Pitfalls
- Do not assume the resource is missing just because the method failed

## Examples

### POST to read-only resource

Reports can be read or updated but not created at this endpoint

**Request:**
```
POST https://api.example.test/api/reports/123
```

**Response:**
```
405 Method Not Allowed
Allow: GET, PUT
```

## Related Codes

- [501 Not Implemented](/docs/501.md)
- [404 Not Found](/docs/404.md)