Retrieve a project

Fetch a single project’s details by ID.

Use this endpoint when:

• a user selects a project from the project list and you need full details

• you want to confirm project configuration (webhook URL, redirect URL, has_paid, etc.)

• you want to validate access to a project when using a scoped API key

Endpoint

GET /project/{project}

Full URL:

https://api.devpayr.dev/api/v1/project/{project}

Authentication

✅ Required: API Key Send your API key using:

X-API-KEY: <your_api_key>

---

Path Parameters

Parameter	Type	Required	Description
project	integer	Yes	The ID of the project to retrieve.

Access Rules

DevPayr enforces access based on the API key scope:

If the API key is project-scoped

• You can only retrieve the project the key is scoped to.

• Trying to fetch any other project is blocked.

Failure (403)

{ "message": "This API key is not authorized to access this project." }

If the API key is global

• You can retrieve any project that belongs to the API key’s owner.

• Trying to access another user’s project is blocked.

Failure (403)

{ "message": "You do not have access to this project." }

Example Request

curl -X GET "https://api.devpayr.dev/api/v1/project/2" \
  -H "Accept: application/json" \
  -H "X-API-KEY: YOUR_API_KEY"

Response

Success (200)

DevPayr returns a standard response envelope:

• status → success indicator

• message → usually "Success"

• data → the project object

• errors → null on success

Example Response

{
  "status": "success",
  "message": "Success",
  "data": {
    "id": 2,
    "name": "Devpayr",
    "slug": "devpayr",
    "description": null,
    "default_redirect_url": null,
    "logo_url": "https://cdn.devpayr.com/uploads/DevPayr-1764356356779412.jpeg",
    "webhook_url": "https://webhook.site/75dba1cc-a749-480d-8462-4cdd8be3fa96",
    "meta": [],
    "is_active": true,
    "has_paid": false,
    "locked_at": null,
    "created_at": "2025-11-22T03:37:22.000000Z",
    "updated_at": "2025-12-03T16:30:12.000000Z"
  },
  "errors": null
}

Project Object

Field	Type	Description
id	integer	Project ID
name	string	Project name
slug	string	URL-friendly identifier
description	string | null	Optional description
default_redirect_url	string | null	Optional redirect destination (used by SDK when blocked/expired)
logo_url	string | null	Optional project logo
webhook_url	string | null	Optional webhook destination
meta	object/array	Metadata payload (freeform)
is_active	boolean	Whether the project is active
has_paid	boolean	Payment enforcement flag
locked_at	string | null	If present, project is locked
created_at	string	ISO timestamp
updated_at	string	ISO timestamp

Some internal fields are intentionally hidden (such as user_id, license_key_id, and deleted_at).

Caching Behavior

This endpoint caches the response per API key + project.

• Cache TTL: 15 minutes

• Cache key is derived from:

  • API key ID

  • project ID

  • request query parameters (if any)

This improves dashboard performance for repeated reads.

Errors

Missing API Key (401)

{ "message": "Missing required X-API-KEY header." }

Invalid / Expired API Key (403)

{ "message": "Invalid or expired API key." }

Access Denied (403)

Project-scoped mismatch:

{ "message": "This API key is not authorized to access this project." }

Global key but not owner:

{ "message": "You do not have access to this project." }

Project Not Found (404)

{ "message": "Resource not found." }

Rate Limited (429)

{ "message": "Rate limit exceeded (X requests/min). Please slow down." }