client error RFC 9110

HTTP 405 Method Not Allowed

The URL exists but doesn't support the HTTP method the client used.

What it means

The route is real but the method isn't. For example, sending POST to `/users/42` when the endpoint only supports GET, PUT, and DELETE. The server must include an `Allow` header listing which methods ARE supported for that URL.

When servers send it

  • POST to a GET-only endpoint
  • PUT to a POST-only endpoint
  • Any method on a URL that only defines specific methods

What the client does

Reads the `Allow` header to find valid methods. Retries with a supported method.

Common causes

  • Frontend calling the API with the wrong verb (usually a bug)
  • Using POST for what should be PUT or PATCH
  • CORS preflight — OPTIONS request rejected because it wasn't explicitly configured

How to fix it

  • 1.Check the API docs for the correct HTTP method
  • 2.Read the `Allow` header in the 405 response
  • 3.For CORS: add OPTIONS handler that returns 204 with `Access-Control-Allow-Methods`

Similar codes

← All HTTP status codes · HTTP status cheat sheet · HTTP headers reference