Hello,
I’m new and I was testing some requests with Postman and I find that I can cancel orders with “Cancel all Open Orders on a Symbol (TRADE)” when I only have the “Enable Reading” Api restriction enabled.
I double checked the restriction and I’ve also tried with different api keys and the same happens.
I also tried to create new orders and I can’t, due to permissions, obviously. But I still can cancel orders. I thought the Enable Reading restriction will only allow to read, not to cancel orders.
Is there any way to prevent orders being cancelled?
Thank you.
Thanks for the feedback, will share with team. For now I think you have to remove the key completely to prevent calling this endpoint.