405 Method Not Allowed
The URL exists — but not for the HTTP method you used. The response must include an Allow header listing what the endpoint accepts. This is almost always a routing or client-code mismatch rather than a missing feature.
What usually causes it
- POSTing to a GET-only route (or vice versa)
- A redirect downgraded POST to GET (301/302 behavior), and the target rejects GET
- Trailing-slash normalization changing which route matches
- CORS preflight OPTIONS hitting a route with no OPTIONS handler
How to debug and fix it
- Read the Allow header — it tells you exactly what the route accepts.
- If preflights fail, configure OPTIONS handling/CORS middleware rather than adding manual OPTIONS routes.
- Check for redirects in the chain (curl -v shows the method after each hop).
Easily confused with
Debugging an API? Build and inspect requests, check response headers, or read the full status-code debugging guide.