Why do we receive a 405 Response without Allow Header error from our prod dev portal when trying to get an oauth token?

Former Community Member
Not applicable

We are receiving the following error when trying to get an oauth token from the dev portal. The setup is the same in nonprod and everything is working fine. We receive the same response no matter what we try sending.

9144-9-13-2019-3-08-05-pm.png

Solved Solved
0 3 1,354
1 ACCEPTED SOLUTION

Former Community Member
Not applicable

The developers were actually hitting a {org}-portal.api.{company}.com endpoint, so we had them switch to a an actual proxy with the oauth policy to resolve this issue. Still not sure how the {org}np-portal.api.{company}.com endpoint was working properly though. It seems like that should have also returned a 405 to match production, or even better a 404 to indicate that users should not be hitting the portal.

View solution in original post

3 REPLIES 3

We will need more information to be able to help you out with this.

Something on the backend is sending the 405. It could be the token-dispensing proxy. But I can't b e sure. If the backend IS a proxy in Apigee, can you collect a Trace session showing the request, and then attach it to your question?

Former Community Member
Not applicable

The developers were actually hitting a {org}-portal.api.{company}.com endpoint, so we had them switch to a an actual proxy with the oauth policy to resolve this issue. Still not sure how the {org}np-portal.api.{company}.com endpoint was working properly though. It seems like that should have also returned a 405 to match production, or even better a 404 to indicate that users should not be hitting the portal.

Ahhh, ok, thanks for the update. Glad you sorted it out.