Skip to main content
GET https://api.craftkit.dev/v1/projects/{id}
Fetch a single project by id, scoped to the authenticated account.

Authorization

Authorization
string
required
Bearer ck_acct_… — must own the project.

Path

id
string
required
The project id (UUID).

Response

200:
id
string
slug
string
name
string
createdAt
string
updatedAt
string

Errors

StatuscodeMeaning
401unauthorizedMissing/invalid account key.
404not_foundNo such project owned by this account. Returned identically whether the id belongs to another account or does not exist at all — the response never discloses which.
cURL
curl https://api.craftkit.dev/v1/projects/3f9b6c2e-1a2b-4c3d-9e8f-7a6b5c4d3e2f \
  -H "Authorization: Bearer $CRAFTKIT_ACCOUNT_KEY"
200
{
  "id": "3f9b6c2e-1a2b-4c3d-9e8f-7a6b5c4d3e2f",
  "slug": "acme-corp",
  "name": "Acme Corp",
  "createdAt": "2026-06-01T09:00:00.000Z",
  "updatedAt": "2026-06-01T09:00:00.000Z"
}
Every /v1/projects/{id} call resolves ownership the same way: project.userId must equal the authenticated account, and the project must not be soft-deleted. An id belonging to a different account is indistinguishable from a nonexistent one — always 404, never 403 or leaked data.