diff --git a/core/modules/rest/src/Entity/RestEndpoint.php b/core/modules/rest/src/Entity/RestEndpoint.php
index 1b9672e..a330267 100644
--- a/core/modules/rest/src/Entity/RestEndpoint.php
+++ b/core/modules/rest/src/Entity/RestEndpoint.php
@@ -87,9 +87,17 @@ public function getResourcePlugin() {
   /**
    * {@inheritdoc}
    */
+  public function isRequestMethodEnabled($method) {
+    $method = $this->normaliseRestMethod($method);
+    return isset($this->configuration[$method]);
+  }
+
+  /**
+   * {@inheritdoc}
+   */
   public function getSupportedAuthenticationProviders($method) {
     $method = $this->normaliseRestMethod($method);
-    if (isset($this->configuration[$method]) && isset($this->configuration[$method]['supported_auth'])) {
+    if ($this->isRequestMethodEnabled($method) && isset($this->configuration[$method]['supported_auth'])) {
       return $this->configuration[$method]['supported_auth'];
     }
     return [];
@@ -106,7 +114,7 @@ public function hasSupportForAuthenticationProvider($method, $auth) {
 
   public function hasSupportedAuthenticationProviders($method) {
     $method = $this->normaliseRestMethod($method);
-    return isset($this->configuration[$method])
+    return $this->isRequestMethodEnabled($method)
            && isset($this->configuration[$method]['supported_auth'])
            && !empty($this->configuration[$method]['supported_auth']);
   }
@@ -116,7 +124,7 @@ public function hasSupportedAuthenticationProviders($method) {
    */
   public function addSupportedAuthenticationProvider($method, $auth) {
     $method = $this->normaliseRestMethod($method);
-    if (!isset($this->configuration[$method])) {
+    if (!$this->isRequestMethodEnabled($method)) {
       $this->configuration[$method] = [ 'supported_auth' => [] ];
     }
     if (!isset($this->configuration[$method]['supported_auth'])){
@@ -145,7 +153,7 @@ public function removeSupportedAuthenticationProvider($method, $auth) {
    */
   public function getSupportedFormats($method) {
     $method = $this->normaliseRestMethod($method);
-    if (isset($this->configuration[$method]) && isset($this->configuration[$method]['supported_formats'])) {
+    if ($this->isRequestMethodEnabled($method) && isset($this->configuration[$method]['supported_formats'])) {
       return $this->configuration[$method]['supported_formats'];
     }
     return [];
@@ -165,7 +173,7 @@ public function supportsFormat($method, $format) {
    */
   public function hasSupportedFormats($method) {
     $method = $this->normaliseRestMethod($method);
-    return isset($this->configuration[$method])
+    return $this->isRequestMethodEnabled($method)
            && isset($this->configuration[$method]['supported_formats'])
            && !empty($this->configuration[$method]['supported_formats']);
   }
@@ -175,7 +183,7 @@ public function hasSupportedFormats($method) {
    */
   public function addSupportedFormat($method, $format) {
     $method = $this->normaliseRestMethod($method);
-    if (!isset($this->configuration[$method])) {
+    if (!$this->isRequestMethodEnabled($method)) {
       $this->configuration[$method] = [ 'supported_formats' => [] ];
     }
     if (!isset($this->configuration[$method]['supported_formats'])){
diff --git a/core/modules/rest/src/RestEndpointInterface.php b/core/modules/rest/src/RestEndpointInterface.php
index 671ed97..b594f4b 100644
--- a/core/modules/rest/src/RestEndpointInterface.php
+++ b/core/modules/rest/src/RestEndpointInterface.php
@@ -21,6 +21,14 @@ public function getResourcePluginID();
   public function getResourcePlugin();
 
   /**
+   * Denotes where a given request method is enabled for this endpoint.
+   *
+   * @param string $method The request method
+   * @return bool
+   */
+  public function isRequestMethodEnabled($method);
+
+  /**
    * Retrieves a list of supported authentication mechanisms
    *   for a specific request method.
    *
diff --git a/core/modules/rest/src/Routing/ResourceRoutes.php b/core/modules/rest/src/Routing/ResourceRoutes.php
index f32d86e..06299e9 100644
--- a/core/modules/rest/src/Routing/ResourceRoutes.php
+++ b/core/modules/rest/src/Routing/ResourceRoutes.php
@@ -74,7 +74,7 @@ protected function alterRoutes(RouteCollection $collection) {
       foreach ($plugin->routes() as $name => $route) {
         $method = $route->getRequirement('_method');
         // Only expose routes where the method is enabled in the configuration.
-        if ($method && isset($enabled_methods[$method])) {
+        if ($method && $endpoint->isRequestMethodEnabled($method)) {
           $route->setRequirement('_access_rest_csrf',  'TRUE');
 
           // Check that authentication providers are defined.
diff --git a/core/modules/rest/src/Tests/RESTTestBase.php b/core/modules/rest/src/Tests/RESTTestBase.php
index 72ca464..73d1f12 100644
--- a/core/modules/rest/src/Tests/RESTTestBase.php
+++ b/core/modules/rest/src/Tests/RESTTestBase.php
@@ -238,7 +238,7 @@ protected function entityValues($entity_type) {
    * @param array $auth
    *   (Optional) The list of valid authentication methods.
    */
-  protected function enableService($resource_type, $method = 'GET', $format = NULL, array $auth = NULL) {
+  protected function enableService($resource_type, $method = 'GET', $format = NULL, array $auth = []) {
     if ($resource_type) {
       // Enable REST API for this entity type.
       $endpoint_id = str_replace(':', '__', $resource_type);
@@ -252,7 +252,7 @@ protected function enableService($resource_type, $method = 'GET', $format = NULL
       }
       $endpoint->addSupportedFormat($method, $format);
 
-      if ($auth == NULL) {
+      if (!is_array($auth) || empty($auth)) {
         $auth = $this->defaultAuth;
       }
       foreach ($auth AS $auth_provider) {