405

Method Not Allowed

4xx Client Error

ELI5

You found the right place, but you're trying to do something that's not allowed here. Try a different action.

Server perspective

Use 405 when the server knows the method but this specific resource does not support it.

When to use

•Return 405 for real resources that disallow a particular method such as POST, DELETE, or PATCH
•Use it when the method is understood by the server but not allowed on the target resource
•POST request to read-only endpoint
•DELETE request on immutable resource
•PUT request where only PATCH is supported
•Any unsupported HTTP method on existing resource

How to respond

•Include the Allow header listing the methods currently supported by the resource
•Keep 405 distinct from 501, which means the server does not support the method at all

Headers to consider

•Allow

Response body

•A body is optional, but the Allow header is the response contract clients need most.

Server-side pitfalls

•Do not omit the Allow header
•Do not use 405 for unknown routes or truly unimplemented methods
•Resource doesn't exist (use 404 Not Found)
•Method not implemented at all (use 501 Not Implemented)
•Authentication required (use 401 Unauthorized)

Examples

POST to read-only resource

Request:POST https://api.example.test/api/reports/123

Response:

405 Method Not Allowed

# Headers
Allow: GET, PUT

Reports can be read or updated but not created at this endpoint

References

Related Status Codes

Not Implemented

Our server doesn't know how to do what you asked. This feature hasn't been built yet.

Not Found

The thing you're looking for doesn't exist here. It's like knocking on a door and nobody's home.