DELETE/api/v1/assets/{id}

Delete asset

Hard-deletes an asset for the authenticated tenant. AssetService.delete first loads the asset by asset_id and context.tenant, deletes asset-type-specific extension data, deletes tenant_external_entity_mappings for the asset, deletes the assets row, and publishes ASSET_DELETED. The method overrides the BaseService softDelete configuration and does not explicitly clean every related table handled by the server-action delete path. Missing assets throw a generic Error and currently surface as 500 via handleApiError rather than 404. The controller also constructs a JSON response with status 204, which can throw in NextResponse. In the current route wiring, req.context may be absent because no route-level API-key auth wrapper sets it, causing a 500 before deletion.

RBAC · asset

Path parameters

idstring <uuid>Required

Asset UUID from assets.asset_id.

Response codes

204

Asset deleted successfully. Intended response has no body.

401

x-api-key is missing at middleware.

403

Authenticated request context lacks permission to delete assets when auth wiring is present.

404

Intended not-found response for missing assets; the current service throws a generic Error that may surface as 500.

500

Unexpected error, including missing req.context, generic Asset not found errors, or the current 204 JSON response construction issue.

DELETE /api/v1/assets/{id}

cURL

curl -X DELETE "https://algapsa.com/api/v1/assets/{id}" \
  -H "X-API-Key: $ALGA_API_KEY"

TypeScript

const response = await fetch("https://algapsa.com/api/v1/assets/{id}", {
  method: "DELETE",
  headers: {
    "X-API-Key": "$ALGA_API_KEY",
  }
});
const data = await response.json();

using var client = new HttpClient();
using var request = new HttpRequestMessage(HttpMethod.Delete, "https://algapsa.com/api/v1/assets/{id}");
request.Headers.TryAddWithoutValidation("X-API-Key", "$ALGA_API_KEY");
var response = await client.SendAsync(request);
var body = await response.Content.ReadAsStringAsync();