Skip to main content
DELETE
/
api
/
files
/
{fileID}
Delete File
curl --request DELETE \
  --url https://api.example.com/api/files/{fileID}
{
  "message": "<string>",
  "error": "<string>"
}

Authentication

This endpoint requires Bearer token authentication. 
Authorization: Bearer YOUR_JWT_TOKEN

Request

fileID
uint
required
The unique identifier of the file to delete

Authorization

Only the file owner can delete files. Attempting to delete another user’s file will result in a 403 Forbidden error.
This operation is irreversible. The file is permanently deleted from both the database and the physical filesystem at /app/data/uploads/. Any associated access records are also deleted (cascade delete).

Deletion Process

  1. Validates user authentication and file ownership
  2. Deletes all associated access records from the accesses table
  3. Removes the file record from the database
  4. Deletes the physical file from /app/data/uploads/{username}/{filename}

Response

message
string
Success confirmation message

Error Responses

error
string
Error message describing the failure

400 Bad Request

{
  "error": "Invalid file ID"
}

401 Unauthorized

{
  "error": "User not authenticated"
}

403 Forbidden

{
  "error": "You don't have permission to delete this file"
}

404 Not Found

{
  "error": "File not found"
}

500 Internal Server Error

{
  "error": "Failed to delete file accesses"
}
Other possible 500 errors:
  • "Failed to delete file record"
  • "Failed to delete the physical file"

Examples

curl -X DELETE https://api.defdrive.com/api/files/42 \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Success Response Example

{
  "message": "File deleted successfully"
}
After successful deletion, the file ID cannot be reused and the physical storage space is freed. Any access grants associated with the file are automatically removed before the file is deleted.

Cascade Deletion

The endpoint performs cascade deletion in the following order:
  1. Access records - All entries in the accesses table with matching file_id are deleted
  2. File record - The file entry is removed from the files table
  3. Physical file - The actual file is removed from the filesystem
If any step fails after access records are deleted, the file may be in an inconsistent state (access records deleted but file still exists).

Build docs developers (and LLMs) love

Get started for freeTalk to us