Example HTTP Response
HTTP/1.1 405 Method Not Allowed
Allow: GET, HEAD- Using POST on a read-only endpoint
- Trying DELETE when only GET is allowed
- Wrong HTTP verb for the resource
What does this mean?
Wrong approach! It's like trying to open a pull door by pushing. The door exists, you're just doing it wrong.
Technical Definition
The request method is known by the server but is not supported by the target resource.
RFC Says
"The 405 (Method Not Allowed) status code indicates that the method received in the request-line is known by the origin server but not supported by the target resource. The origin server MUST generate an Allow header field in a 405 response containing a list of the target resource's currently supported methods."
Plain English:
You used the wrong HTTP method for this endpoint. The resource exists, but it doesn't support the method you tried. The Allow header tells you which methods ARE supported (e.g., GET, POST, PUT).
Common Misinterpretation
Don't forget the Allow header - it's required by the RFC and helps clients understand what methods they should use. For example, if a resource is read-only, return 405 for POST/PUT/DELETE with 'Allow: GET, HEAD, OPTIONS'.
Ready-to-use code for returning this HTTP status in your application:
// Express.js
app.get('/example', (req, res) => {
res.status(405).json({
error: 'Method Not Allowed',
message: 'Your error message here'
});
});
// Native HTTP
const http = require('http');
http.createServer((req, res) => {
res.writeHead(405, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({
error: 'Method Not Allowed',
message: 'Your error message here'
}));
}).listen(3000);