> ## Documentation Index
> Fetch the complete documentation index at: https://docs.limitless.exchange/llms.txt
> Use this file to discover all available pages before exploring further.

# Cancel Order (Combined)

> Cancel one open order by either internal orderId or client-provided clientOrderId.

Cancel one order by either the internal `orderId` or the `clientOrderId` supplied when creating the order.

Provide exactly one identifier. Requests with both identifiers or neither identifier return `400 Bad Request`.

<Info>
  `DELETE /orders/{orderId}` remains supported for existing integrations that cancel only by internal order ID.
</Info>

## Authentication

Cancelling is **not** EIP-712 signed. Unlike placing an order, you do not include a `signature` in the request. Cancellation is an off-chain operation that removes the resting order from the book, so it applies to any order type (GTC, FAK) regardless of how it was signed.

* **Scope:** the `trading` scope covers both placing and cancelling. No extra scope is needed to cancel your own orders.
* **Auth:** HMAC (`apiToken`), Privy, or session, same as placing.

### Cancelling a sub-account's orders (partner flow)

If you placed an order with `onBehalfOf` (so it is owned by a managed sub-account, not your partner profile), cancel it through your partner token with the `onBehalfOf` query parameter:

```
POST /orders/cancel?onBehalfOf=<subProfileId>
```

This on-behalf-of path additionally requires the **`delegated_signing`** scope on your partner token. The scope is reused as the authorization gate for acting on a sub-account; it does **not** mean the order must be server-signed, and it works for EOA sub-accounts that signed their own orders. See [Delegated Signing](/developers/authentication).

<Warning>
  The HMAC signature must be computed over the **full path including the query string**, so sign `/orders/cancel?onBehalfOf=42`, not `/orders/cancel`. See [Authentication](/developers/authentication).
</Warning>


## OpenAPI

````yaml POST /orders/cancel
openapi: 3.0.0
info:
  title: Limitless Exchange API
  description: >-
    Production-ready REST API for prediction market trading, portfolio
    management, and market data on Limitless Exchange (Base L2).
  version: '1.0'
  contact:
    name: API Support
    url: https://limitless.exchange
    email: help@limitless.network
servers:
  - url: https://api.limitless.exchange
    description: Production API
security: []
tags:
  - name: Authentication
    description: User authentication and session management
  - name: Markets
    description: Browse, search, and analyze prediction markets
  - name: Market Navigation
    description: Navigation tree, market pages, and property filters
  - name: Trading
    description: Create, manage, and cancel orders
  - name: Portfolio
    description: Position tracking, trade history, and performance
  - name: API Tokens
    description: Scoped API token management for partner integrations
  - name: Partner Accounts
    description: Sub-account creation and allowance recovery for partner integrations
  - name: System
    description: Public API state and availability information
paths:
  /orders/cancel:
    post:
      tags:
        - Trading
      summary: Cancel Order (Combined)
      description: >-
        Cancel one open order by either internal orderId or client-provided
        clientOrderId.
      operationId: OrderController_cancelOrderCombined
      parameters: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CancelOrderCombinedDto'
      responses:
        '200':
          description: Order successfully cancelled
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CancelOrderResponseDto'
        '400':
          description: Invalid identifier input or order cannot be cancelled
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponseDto'
        '401':
          description: User not authenticated or not the order owner
        '404':
          description: Order not found
        '500':
          description: Server error during cancellation
      security:
        - HmacAuth: []
components:
  schemas:
    CancelOrderCombinedDto:
      type: object
      properties:
        orderId:
          type: string
          format: uuid
          description: Internal order ID. Provide exactly one of orderId or clientOrderId.
          example: 6f52b6d2-6c9e-4a5c-8a4f-28ab4b7ff203
        clientOrderId:
          type: string
          maxLength: 128
          description: >-
            Client-provided order ID from order creation. Provide exactly one of
            orderId or clientOrderId.
          example: partner-order-001
      oneOf:
        - required:
            - orderId
        - required:
            - clientOrderId
    CancelOrderResponseDto:
      type: object
      properties:
        message:
          type: string
          description: Confirmation message for the cancelled order
          example: Order canceled successfully
      required:
        - message
    ErrorResponseDto:
      type: object
      properties:
        message:
          type: string
          description: Error message
          example: Invalid order data
      required:
        - message
  securitySchemes:
    HmacAuth:
      type: apiKey
      in: header
      name: lmts-api-key
      description: >-
        Scoped API token with HMAC-SHA256 signing. Requires three headers:
        lmts-api-key (token ID), lmts-timestamp (ISO-8601), lmts-signature
        (Base64-encoded HMAC). See Authentication docs for details.

````