DELETE removes the target resource. Deleting an already-deleted resource leaves the same 'gone' final state, so it is idempotent.
A successful delete usually returns an empty 204 No Content. Return 200 with a body if you want to include the deletion result, or 202 Accepted for asynchronous processing.
Because of idempotency, whether a second DELETE on a missing target returns 404 or 204 is a design choice. Favor '204 even if absent' for retry-safety, or 404 for correctness. Some systems soft-delete (a flag) and purge later in a batch to avoid mistakes.
DELETE /api/users/42 HTTP/1.1
Host: api.example.com
Authorization: Bearer <token>HTTP/1.1 204 No Contentcurl -X DELETE https://api.example.com/api/users/42 \
-H 'Authorization: Bearer <token>'const res = await fetch('/api/users/42', { method: 'DELETE' });
if (res.status === 204) { /* removed */ }