> ## Documentation Index
> Fetch the complete documentation index at: https://docs.arcuserp.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Delete a package (auto-voids active label)

> Permanently deletes a package. Packed items are released back to the unfulfilled pool on
the originating order.

**Label auto-void (cascade-with-confirm policy):** if the package has one or more active
(non-voided) Shippo labels, the backend automatically voids each label via the carrier
API and requests a refund before deleting the package. Callers do not need to void the
label first. The activity log records the void with `reason: package_deleted`.

**Hard block:** fulfilled packages (`fulfillment_status = fulfilled`) cannot be deleted.
Returns 422 `cannot_delete_fulfilled_package`. Use the Unpack endpoint first
(`POST /orders/:id/unpack`) to reopen a fulfilled order for editing.

Requires `fulfillment:write` scope.




## OpenAPI

````yaml /openapi.yaml delete /packages/{id}
openapi: 3.1.0
info:
  title: Arcus ERP Public API
  version: 1.0.0
  description: >
    Arcus ERP public REST API. Designed for external integrations and data
    migration.


    **Authentication.** Bearer token (API key) via the `Authorization` header.

    Format: `Authorization: Bearer ark_live_ent_<code>_<random>` (or
    `ark_test_*` for sandbox).

    API keys are issued per-entity in **Settings > Developers > API Keys**.


    **Entity scoping.** The entity is encoded in the API key prefix; routes are
    flat

    (e.g. `/v1/accounts`, `/v1/orders`, `/v1/products`). A small set of platform
    endpoints

    (migration, reconciliation, events, webhook endpoints, API keys) use the

    `/v1/entities/{entity_id}/...` form -- those are noted in their tags.


    **Key capabilities.**
      - Related-resource hydration via `?expand[]=` (see `x-arcus-expand` on each resource).
      - Cursor-based pagination (`starting_after` / `ending_before` / `limit`).
      - Idempotency via the `Idempotency-Key` header.
      - Webhook events for asynchronous notification.
      - Conditional requests / ETag for cache validation.
servers:
  - url: https://api.arcuserp.com/v1
    description: Arcus ERP API (accepts both live `ark_live_*` and test `ark_test_*` keys)
  - url: https://dev-api.arcuserp.com/v1
    description: >-
      Dev sandbox API (test-only data, accepts `ark_test_*` keys against dev
      RDS)
security: []
paths:
  /packages/{id}:
    parameters:
      - name: id
        in: path
        required: true
        schema:
          type: string
          format: uuid
    delete:
      tags:
        - Fulfillment
      summary: Delete a package (auto-voids active label)
      description: >
        Permanently deletes a package. Packed items are released back to the
        unfulfilled pool on

        the originating order.


        **Label auto-void (cascade-with-confirm policy):** if the package has
        one or more active

        (non-voided) Shippo labels, the backend automatically voids each label
        via the carrier

        API and requests a refund before deleting the package. Callers do not
        need to void the

        label first. The activity log records the void with `reason:
        package_deleted`.


        **Hard block:** fulfilled packages (`fulfillment_status = fulfilled`)
        cannot be deleted.

        Returns 422 `cannot_delete_fulfilled_package`. Use the Unpack endpoint
        first

        (`POST /orders/:id/unpack`) to reopen a fulfilled order for editing.


        Requires `fulfillment:write` scope.
      operationId: deletePackage
      responses:
        '200':
          description: |
            Package deleted. Response body summarizes the cascade: deletion
            confirmation, the order's re-derived fulfillment_status after the
            package was removed, and any per-label void errors from Shippo
            (null when all label voids succeeded or no labels existed).
          content:
            application/json:
              schema:
                type: object
                properties:
                  data:
                    type: object
                    required:
                      - deleted
                    properties:
                      deleted:
                        type: boolean
                        description: Always true on a successful 200 response.
                        example: true
                      new_fulfillment_status:
                        type: string
                        description: |
                          The order's re-derived `fulfillment_status` after the
                          package was deleted. Reflects the cascaded recompute
                          that runs once the package is gone (e.g. if the
                          deleted package was the only fulfilled one, the order
                          drops back to `unfulfilled` or `partially_fulfilled`).
                        enum:
                          - unfulfilled
                          - partially_fulfilled
                          - fulfilled
                        example: unfulfilled
                      label_void_errors:
                        type: array
                        nullable: true
                        description: |
                          Per-label void failures from Shippo. `null` when all
                          active labels voided cleanly OR the package had no
                          active labels. When non-null, each entry describes a
                          label whose void request failed (carrier-side or
                          network) so the operator can retry or refund manually.
                        items:
                          type: object
                          properties:
                            label_id:
                              type: string
                              format: uuid
                              description: >-
                                The internal package_shipment_labels.id whose
                                Shippo void attempt failed.
                            error:
                              type: string
                              description: >-
                                Operator-safe error string from the void attempt
                                (already sanitized).
        '400':
          $ref: '#/components/responses/Error'
        '401':
          $ref: '#/components/responses/Error'
        '403':
          $ref: '#/components/responses/Error'
        '404':
          $ref: '#/components/responses/Error'
        '422':
          $ref: '#/components/responses/Error'
      security:
        - ApiKeyAuth: []
components:
  responses:
    Error:
      description: Error response (400/401/403/404/409/422/429/500)
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorEnvelope'
  schemas:
    ErrorEnvelope:
      type: object
      description: |
        Canonical error response envelope. All API errors use this shape.
      required:
        - error
        - code
      properties:
        error:
          type: string
          description: Machine-readable error key
          example: not_found
        code:
          type: string
          description: Machine-readable error code (often same as error)
          example: not_found
        type:
          type: string
          enum:
            - validation_error
            - permission_error
            - not_found
            - conflict
            - rate_limit
            - internal
            - expand_error
            - not_implemented
          example: not_found
        hint:
          type: string
          description: Human-readable one-sentence explanation (English)
          example: >-
            The requested order does not exist or does not belong to this
            entity.
        param:
          type: string
          description: The parameter that caused the error, if applicable
          example: expand[0]
        required:
          type: string
          description: The scope required (only on insufficient_scope errors)
          example: accounts:read
        request_id:
          type: string
          description: >-
            Unique request ID for support tracing (maps to CloudWatch log
            stream)
          example: req_abc123
  securitySchemes:
    ApiKeyAuth:
      type: http
      scheme: bearer
      description: |
        API key issued per entity via Settings > Developers > API Keys.
        Each key carries scopes (e.g. orders:read, products:write).
        Bearer token format: Authorization: Bearer ark_live_ent_<code>_<random>
        Test keys use ark_test_ent_<code>_<random>. Both are issued per entity
        via Settings > Developers > API Keys.

````