> ## Documentation Index > Fetch the complete documentation index at: https://docs.trulayer.ai/llms.txt > Use this file to discover all available pages before exploring further. # List projects for the authenticated tenant > Reachable via **Clerk session auth** (dashboard) and via **API key auth** carrying the `query` scope (MCP server, SDK clients). Only returns projects that belong to the caller's tenant — tenant isolation is enforced server-side. When `cursor` or `limit` is supplied the response is a single keyset-paginated page with `next_cursor` and `has_more`. When neither is supplied the response is the full list with no pagination fields, preserving the dashboard contract. ## OpenAPI ````yaml /api-reference/openapi.yaml get /v1/projects openapi: 3.1.0 info: title: TruLayer API version: 0.1.0 description: | Trace ingestion, evaluation, query, and feedback API for TruLayer AI. ### Authentication Two auth schemes coexist: SDK API keys (`Authorization: Bearer tl_...`) and Clerk session JWTs (dashboard). Routes marked "requires Clerk auth" in their summary are unreachable via API key. ### Roles (TRU-234) Dashboard requests carry one of three organization roles: `owner`, `member`, `viewer`. Endpoints enforce role allowlists, not rank comparisons. See `docs/security.md` for the full role-permission matrix. - **owner** — full control including billing, member management, destructive deletes on failure-rules/model-routes/webhooks/eval-rules, control-loop execution, and DLQ resolution. - **member** — read + write (ingest, feedback, evals, API keys, projects, failure-rules, model-routes, webhooks). - **viewer** — read-only dashboard access plus compliance read access to `/v1/audit-log` and `/v1/dlq`. servers: - url: https://api.trulayer.ai description: Production - url: http://localhost:8080 description: Local development security: - BearerAuth: [] tags: - name: health - name: ingest - name: traces - name: metrics - name: feedback - name: evals - name: eval-rules - name: control - name: apikeys - name: model-routes - name: datasets - name: search - name: anomaly - name: webhooks - name: failure-rules - name: eval-runs - name: ci - name: otlp - name: billing - name: deprecations - name: audit - name: failures - name: projects - name: compliance - name: dsr - name: policies - name: members paths: /v1/projects: get: tags: - projects summary: List projects for the authenticated tenant description: | Reachable via **Clerk session auth** (dashboard) and via **API key auth** carrying the `query` scope (MCP server, SDK clients). Only returns projects that belong to the caller's tenant — tenant isolation is enforced server-side. When `cursor` or `limit` is supplied the response is a single keyset-paginated page with `next_cursor` and `has_more`. When neither is supplied the response is the full list with no pagination fields, preserving the dashboard contract. operationId: listProjects parameters: - name: include_archived in: query schema: type: boolean default: false - name: cursor in: query description: Opaque cursor from a prior `next_cursor`. Omit for the first page. schema: type: string - name: limit in: query schema: type: integer default: 50 minimum: 1 maximum: 200 responses: '200': description: Project list content: application/json: schema: $ref: '#/components/schemas/ProjectListResponse' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/Forbidden' components: schemas: ProjectListResponse: type: object required: - projects properties: projects: type: array items: $ref: '#/components/schemas/Project' next_cursor: type: string nullable: true has_more: type: boolean Project: type: object required: - id - organization_id - name - slug - created_at - updated_at properties: id: type: string format: uuid organization_id: type: string format: uuid name: type: string slug: type: string archived_at: type: string format: date-time nullable: true retention_days_override: type: integer nullable: true minimum: 1 description: | Per-project retention override (TRU-170). When `null`, retention follows the plan default; when set, must be between 1 and the plan's RetentionDays cap (unbounded on Enterprise). created_at: type: string format: date-time updated_at: type: string format: date-time ErrorResponse: type: object required: - error properties: error: type: string responses: BadRequest: description: Bad request content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' Unauthorized: description: Missing or invalid credentials content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' Forbidden: description: Insufficient role content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' securitySchemes: BearerAuth: type: http scheme: bearer description: SDK API key (`tl_...`) or Clerk session JWT ````