
Per RFC2616

The Allow entity-header field lists the set of methods supported by the resource identified by the Request-URI. The purpose of this field is strictly to inform the recipient of valid methods associated with the resource.

It mandates that "An Allow header field MUST be present in a 405 (Method Not Allowed) response."

Further, it states

This field cannot prevent a client from trying other methods. However, the indications given by the Allow header field value SHOULD be followed. The actual set of allowed methods is defined by the origin server at the time of each request.

So for a widely consumed REST API, it appears to me that setting the Allow header in the response to other relevant HTTP Methods such as GET, PUT, POST, HEAD, PATCH(?) could be useful to clients looking to discover the capabilities/supported operations of a resource.

However, a Google search on the topic did not produce results that helped me. Hence, looking for inputs from the SO community.

Tim
g7p
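The RFC 2616 behaviour quoted in the question, as an added example that is not part of the original post: a small WSGI app that derives the Allow value from the handlers a resource actually has, sends it on every 405, and also on OPTIONS and successful responses for the discovery use the question raises. The route `/items/1`, the handler names and the `call` helper are constructed for illustration.

```python
# Added example: the resource table and handlers below are constructed.
from wsgiref.util import setup_testing_defaults

def get_item(environ):
    return "200 OK", b'{"id": 1}'

def put_item(environ):
    return "200 OK", b'{"updated": true}'

# One method table per resource: the same data drives dispatch and Allow.
ROUTES = {"/items/1": {"GET": get_item, "PUT": put_item}}

def allowed_methods(handlers):
    """Build the Allow value from the methods the resource really implements."""
    methods = set(handlers) | {"OPTIONS"}
    if "GET" in methods:
        methods.add("HEAD")  # HEAD is served by the GET handler, minus the body
    return ", ".join(sorted(methods))

def app(environ, start_response):
    handlers = ROUTES.get(environ["PATH_INFO"])
    if handlers is None:
        start_response("404 Not Found", [("Content-Length", "0")])
        return [b""]
    method = environ["REQUEST_METHOD"]
    allow = allowed_methods(handlers)  # computed at the time of each request
    if method == "OPTIONS":
        start_response("204 No Content", [("Allow", allow)])
        return [b""]
    handler = handlers.get("GET" if method == "HEAD" else method)
    if handler is None:
        # RFC 2616: an Allow header MUST be present in a 405 response.
        start_response("405 Method Not Allowed", [("Allow", allow), ("Content-Length", "0")])
        return [b""]
    status, body = handler(environ)
    start_response(status, [("Allow", allow), ("Content-Length", str(len(body)))])
    return [b"" if method == "HEAD" else body]

def call(method, path):
    """Drive the WSGI app in-process and return (status, headers dict, body)."""
    environ = {}
    setup_testing_defaults(environ)
    environ.update(REQUEST_METHOD=method, PATH_INFO=path)
    captured = {}
    def start_response(status, headers):
        captured.update(status=status, headers=dict(headers))
    body = b"".join(app(environ, start_response))
    return captured["status"], captured["headers"], body
```

Because Allow is generated from the same table used for dispatch, the advertised methods cannot drift from what the server enforces; the header stays informational and the 405 branch is the actual control.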

0 Answers