Projects API CRUD endpoints for projects — the scope for API keys, decisions, and tool registrations within an organization.
Projects group tools, decisions, and API keys within an organization. Every API key is scoped to a project, and decisions are logged per-project. Creating a project automatically generates an API key for it.
Most endpoints accept both JWT and API key auth. Mutating operations (create, update, delete, regenerate key) require JWT user authentication.
List projects for an organization.
Header Required Description X-Veto-API-Key or AuthorizationYes API key or Bearer JWT
Parameter Type Required Description organizationIdstringYes (JWT auth) Organization to list projects for. API key auth auto-scopes to the key's org.
{ "data" : [ { "_id" : "proj_abc123" , "organizationId" : "org_xyz789" , "name" : "Production" , "isDefault" : true , "createdAt" : "2025-01-15T10:00:00Z" , "updatedAt" : "2025-01-20T14:30:00Z" }, { "_id" : "proj_def456" , "organizationId" : "org_xyz789" , "name" : "Staging" , "isDefault" : false , "createdAt" : "2025-01-16T09:00:00Z" , "updatedAt" : null } ] } Status Code Description 400 missing_organizationorganizationId query parameter not provided403 authorization_errorNot a member of the organization
curl "https://api.veto.so/v1/projects?organizationId=org_xyz789" \ -H "Authorization: Bearer $JWT_TOKEN " Create a new project. Requires JWT auth. Automatically creates an API key for the project. If this is the first project in the organization, it becomes the default project.
Header Required Description AuthorizationYes Bearer JWT Content-TypeYes application/json
{ "organizationId" : "org_xyz789" , "name" : "Production" } Field Type Required Description organizationIdstringYes Organization to create the project in namestringYes Project name (1-100 chars)
{ "_id" : "proj_abc123" , "organizationId" : "org_xyz789" , "name" : "Production" , "isDefault" : true , "createdAt" : "2025-01-20T14:30:00Z" , "updatedAt" : null , "apiKey" : "veto_abc123def456ghi789..." } Field Type Description _idstringProject ID organizationIdstringParent organization ID namestringProject name isDefaultbooleanWhether this is the default project createdAtstringISO 8601 creation timestamp updatedAtstring?ISO 8601 last update timestamp apiKeystringFull API key for the project (only shown once)
Status Code Description 403 authorization_errorAPI keys cannot create projects, or not a member of the org
curl -X POST https://api.veto.so/v1/projects \ -H "Authorization: Bearer $JWT_TOKEN " \ -H "Content-Type: application/json" \ -d '{ "organizationId": "org_xyz789", "name": "Staging" }' Get a single project by ID.
Header Required Description X-Veto-API-Key or AuthorizationYes API key or Bearer JWT
Parameter Type Description idstringProject ID
{ "_id" : "proj_abc123" , "organizationId" : "org_xyz789" , "name" : "Production" , "isDefault" : true , "createdAt" : "2025-01-15T10:00:00Z" , "updatedAt" : "2025-01-20T14:30:00Z" } Status Code Description 403 authorization_errorNot a member of the organization 404 not_foundProject does not exist
curl https://api.veto.so/v1/projects/proj_abc123 \ -H "Authorization: Bearer $JWT_TOKEN " Update a project. Requires JWT auth.
Header Required Description AuthorizationYes Bearer JWT Content-TypeYes application/json
Parameter Type Description idstringProject ID
{ "organizationId" : "org_xyz789" , "name" : "Production v2" } Field Type Required Description organizationIdstringYes Organization ID (for ownership verification) namestringYes New project name
{ "_id" : "proj_abc123" , "organizationId" : "org_xyz789" , "name" : "Production v2" , "isDefault" : true , "createdAt" : "2025-01-15T10:00:00Z" , "updatedAt" : "2025-01-21T09:00:00Z" } Status Code Description 400 missing_organizationorganizationId not provided in body403 authorization_errorAPI keys cannot update projects, or not a member of the org 404 not_foundProject does not exist
curl -X PUT https://api.veto.so/v1/projects/proj_abc123 \ -H "Authorization: Bearer $JWT_TOKEN " \ -H "Content-Type: application/json" \ -d '{ "organizationId": "org_xyz789", "name": "Production v2" }' Delete a project. Requires JWT auth.
Header Required Description AuthorizationYes Bearer JWT
Parameter Type Description idstringProject ID
Parameter Type Required Description organizationIdstringYes Organization ID (for ownership verification)
Status Code Description 400 missing_organizationorganizationId query parameter not provided403 authorization_errorAPI keys cannot delete projects, or not a member of the org 404 not_foundProject does not exist
curl -X DELETE "https://api.veto.so/v1/projects/proj_abc123?organizationId=org_xyz789" \ -H "Authorization: Bearer $JWT_TOKEN " Regenerate the API key for a project. Creates a new key and revokes all existing keys for the project. Requires JWT auth.
Header Required Description AuthorizationYes Bearer JWT Content-TypeYes application/json
Parameter Type Description idstringProject ID
{ "organizationId" : "org_xyz789" } Field Type Required Description organizationIdstringYes Organization ID (for ownership verification)
{ "apiKey" : "veto_newkey123def456..." } The old API keys for this project are immediately revoked. Any SDK clients using the old key will start receiving 401 errors.
Status Code Description 400 missing_organizationorganizationId not provided in body403 authorization_errorAPI keys cannot regenerate keys, or not a member of the org 404 not_foundProject does not exist
curl -X POST https://api.veto.so/v1/projects/proj_abc123/regenerate-key \ -H "Authorization: Bearer $JWT_TOKEN " \ -H "Content-Type: application/json" \ -d '{ "organizationId": "org_xyz789" }' Field Type Description _idstringProject ID organizationIdstringParent organization ID namestringProject name isDefaultbooleanWhether this is the organization's default project createdAtstringISO 8601 creation timestamp updatedAtstring?ISO 8601 last update timestamp
