I'm building a restful API for my Symfony app.
I have a resource that can't be created via the API, so my first idea was to don't create the POST method/URI. But now I'm wondering if create the POST method and throw manually a
405 Method Not Allowed
In other frameworks - e.g. spring in java or django rest framework in python - it's done automatically. If an HTTP method isn't listed the framework will automatically return a
405 Method Not Allowed. It's very useful.
Personally I'd go for handling it manually - I mean returning a
405 Method Not Allowed - to be explicit about the error. This is not the case that route does not exist, hence
404 Not Found is a bad choice. It does exist, however not serving
403 Forbidden will be much better than
404 Not Found.