The documentation lists these supported basket parameters: variety, tradingsymbol, exchange, transaction_type, order_type, quantity, product, price, trigger_price, readonly, disclosed_quantity, validity, and tag.
The market_protection parameter is not documented at all, yet it appears to be required for MARKET orders to succeed. The Kite offsite basket frontend(https://kite.zerodha.com/connect/basket?api_key=&sess_id=) does not include market_protection in the final API call to /api/connect/basket/orders/regular, regardless of what we pass in the basket JSON. This causes a 400 Bad Request.
Steps to reproduce:
Submit the basket form with MARKET order JSON: [ { "exchange": "NSE", "tradingsymbol": "SJVN", "transaction_type": "BUY", "order_type": "MARKET", "quantity": 1, "product": "CNC", "validity": "DAY", "market_protection": -1 } ]
User logs in, basket renders correctly on Kite. When placing orders, the Kite frontend constructs the POST body without the market_protection field. Orders fail with 400 Bad Request. { "status": "error", "message": "Market orders without market protection are not allowed via API. Please set market protection or use a Limit order.", "data": null, "error_type": "InputException" }
Verification: Copying the failed request as fetch from browser DevTools and adding market_protection=-1 to the body — the order succeeds. This confirms the order API expects a valid market_protection value, but the offsite basket frontend is not including it.
Request:
Could the offsite basket frontend be updated to either accept market_protection from the basket JSON or default to -1 (market default) for MARKET orders? Could the market_protection parameter be added to the basket documentation so publishers know how to handle it? This likely affects all publishers using the offsite basket flow for MARKET orders.
