Document X-Kernel-Project-Id resolution rules on the Projects page

[IlyaasK]

What

Updates info/projects.mdx with the precise resolution rules for the X-Kernel-Project-Id header.

Changes

1. Corrects the unscoped-request claim. The page said requests without the header "operate org-wide"; they actually act on the organization's default project (reads and writes both). This is the same stale "org-wide" framing kernel/kernel#2386 fixes in the OpenAPI descriptions.
2. Adds a "Resolution rules" subsection:
   • Unknown or archived project → 404 with {"code":"project_not_found"}
   • Naming the default project ≡ omitting the header
   • Project-scoped key + mismatched header → 403 (cross-links the existing API keys section)
3. Notes the header accepts a project ID or name (names already documented as the mechanism behind the CLI's --project flag further down the page).

Every rule here was verified live against a running build of kernel/kernel#2387 (before/after comparison on a dev org).

Merge timing

⚠️ Hold until kernel/kernel#2387 is deployed: the coded project_not_found body and the default-project normalization land there. Today's API returns a plain-text 404 and treats an explicit default header as a strict filter.

🤖 Generated with Claude Code

---

Note

Low Risk
Documentation-only change to projects.mdx; no runtime or API code in this repo.

Overview
Updates info/projects.mdx so X-Kernel-Project-Id behavior matches the API (aligned with kernel/kernel#2387).

Scoping without the header is no longer described as “org-wide”; unscoped requests (and org-wide keys without a header) are documented as acting on the organization’s default project for reads and writes.

Adds a Resolution rules subsection: invalid or archived projects → 404 with project_not_found; naming the default project is equivalent to omitting the header; project-scoped keys that disagree with the header → 403 (with a link to the API keys section). The intro also states the header accepts a project ID or name.

^{Reviewed by Cursor Bugbot for commit c45abdb. Bugbot is set up for automated code reviews on this repo. Configure here.}

[firetiger-agent]

Firetiger deploy monitoring skipped

This PR didn't match the auto-monitor filter configured on your GitHub connection:

PRs in the kernel, infra, hypeman, and hypeship repos. kernel is a ~mono repo with many logical services underneath, ensure to focus on the implicated service for the PR

Reason: This PR only updates documentation (info/projects.mdx) with no code changes to the kernel service itself, so it doesn't require deploy monitoring.

To monitor this PR anyway, reply with @firetiger monitor this.

[cursor]

Risk assessment: Very Low

Evidence from the diff: this PR modifies only info/projects.mdx, with a small documentation-only update describing X-Kernel-Project-Id resolution behavior. It doesn't change code, generated API specs, navigation config, infrastructure, auth/permission logic, or executable behavior. No CODEOWNERS file was present in the workspace, and there were no existing approvals when checked.

Approved based on the limited blast radius and docs-only surface.

  

_{Sent by Cursor Automation: Assign PR reviewers}

[mintlify]

Preview deployment for your docs. Learn more about Mintlify Previews.

Project	Status	Preview	Updated (UTC)
Kernel	🟢 Ready	View Preview	Jun 11, 2026, 7:26 PM

💡 Tip: Enable Workflows to automatically generate PRs for you.