405 Method Not Allowed

The URL exists — but not for the HTTP method you used. The response must include an Allow header listing what the endpoint accepts. This is almost always a routing or client-code mismatch rather than a missing feature.

What usually causes it

  • POSTing to a GET-only route (or vice versa)
  • A redirect downgraded POST to GET (301/302 behavior), and the target rejects GET
  • Trailing-slash normalization changing which route matches
  • CORS preflight OPTIONS hitting a route with no OPTIONS handler

How to debug and fix it

  1. Read the Allow header — it tells you exactly what the route accepts.
  2. If preflights fail, configure OPTIONS handling/CORS middleware rather than adding manual OPTIONS routes.
  3. Check for redirects in the chain (curl -v shows the method after each hop).

Easily confused with