The routing happens in app.url_map, which is an instance of Werkzeug's Map class. That class uses regular expressions to determine if a function decorated by @app.route matches the incoming request. The routing only looks at the path you provided in the route call to see if it matches the client's request.
By default, the mapper will only accept GET, OPTIONS, and HEAD calls on a declared route. Calling a valid endpoint with an unsupported method will return a 405 Method Not Allowed response together with the list of supported methods in the Allow header:
$ curl -v -XDELETE localhost:5000/api
* Connected to localhost (127.0.0.1) port 5000 (#0)
> DELETE /api/person/1 HTTP/1.1
> Host: localhost:5000
> User-Agent: curl/7.51.0
> Accept: */*
>
* HTTP 1.0, assume close after body
< HTTP/1.0 405 METHOD NOT ALLOWED
< Content-Type: text/html
< Allow: GET, OPTIONS, HEAD
< Content-Length: 178
< Server: Werkzeug/0.11.11 Python/3.5.2
< Date: Thu, 22 Dec 2016 21:35:01 GMT
<
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>405 Method Not Allowed</title>
<h1>Method Not Allowed</h1>
<p>The method is not allowed for the requested URL.</p> *
Curl_http_done: called premature == 0
Closing connection 0
If you want to support specific methods, you can pass them to the route decorator with the methods argument as follows:
@app.route('/api', methods=['POST', 'DELETE', 'GET'])
def my_microservice():
return jsonify({'Hello': 'World!'})
Note that the OPTIONS and HEADS methods are implicitly added in all rules, since it is automatically managed by the request handler. You can deactivate this behavior by setting a provide_automatic_options attribute to False to the function. This can be useful when you want to add custom headers in the response when OPTIONS is called, like when dealing with CORS where you need to add several Access-Control-Allow-* headers.