The HTTP OPTIONS method is used to describe the communication options for the target resource. HTTP Clients can send an OPTIONS request to find out HTTP methods and other options supported by a web server. If the request URI is an asterisk '*', the OPTIONS request is intended to apply to the server in general rather than to a specific resource.

Requests using the OPTIONS method should only retrieve data (server must not change its state). If you want to change data on the server, use POST, PUT, PATCH or DELETE methods.

The OPTIONS method is defined as idempotent, which means that multiple identical HEAD requests should have the same effect as a single request.

The following example demonstrates sending an OPTIONS request to the server:

OPTIONS Request Example Live Request
OPTIONS /echo/options HTTP/1.1

And the server response:

Server Response
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type

The Allow response header contains a list of HTTP methods that may be used on the target resource.
Additional Cross-Origin Resource Sharing (CORS) headers may present in the server response if your target resource is located on another domain.

For security purposes, browsers usually send a 'preflight' OPTIONS request to the target server when you are sending data to another domain (cross-domain requests).