> ## Documentation Index
> Fetch the complete documentation index at: https://docs.px0.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Grant Project Access

> Grants another team access to the project's prompts. The requester must
be an admin of the owning team or an admin of its organization. The
grantee team must belong to the same organization as the owning team.
An org-less owning team cannot share its projects.




## OpenAPI

````yaml /openapi.yaml post /v1/projects/{projectID}/access
openapi: 3.1.0
info:
  title: px0 API
  description: >
    px[0] is an open-source prompt infrastructure toolkit for managing prompts
    in production. It replaces hardcoded prompt strings with versioned
    templates, in-process caching, and OpenTelemetry observability, so teams can
    iterate on prompts without touching application code. This is the OpenAPI
    specification for all the public APIs of px0.
  version: 1.0.0
servers:
  - url: http://localhost:3000
    description: Local development server
security: []
paths:
  /v1/projects/{projectID}/access:
    post:
      tags:
        - Projects
      summary: Grant Project Access
      description: |
        Grants another team access to the project's prompts. The requester must
        be an admin of the owning team or an admin of its organization. The
        grantee team must belong to the same organization as the owning team.
        An org-less owning team cannot share its projects.
      operationId: grantProjectAccess
      parameters:
        - name: projectID
          in: path
          required: true
          description: The ID of the project.
          schema:
            type: string
            format: uuid
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GrantProjectAccessRequest'
      responses:
        '201':
          description: Access granted
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ProjectAccessResponse'
        '400':
          description: >-
            Invalid request (invalid body/team_id, or grantee is the owning
            team)
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/APIError'
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/APIError'
        '403':
          description: Forbidden (non-admin, org-less owner, or grantee outside org)
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/APIError'
        '404':
          description: Project or grantee team not found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/APIError'
        '500':
          description: Internal Server Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/APIError'
      security:
        - BearerAuth: []
components:
  schemas:
    GrantProjectAccessRequest:
      type: object
      required:
        - team_id
      properties:
        team_id:
          type: string
          format: uuid
          description: >-
            The team to grant access to. Must be in the owning team's
            organization.
    ProjectAccessResponse:
      type: object
      required:
        - access
      properties:
        access:
          $ref: '#/components/schemas/ProjectAccess'
    APIError:
      type: object
      properties:
        error:
          type: string
          example: invalid credentials
      required:
        - error
    ProjectAccess:
      type: object
      required:
        - project_id
        - team_id
      properties:
        project_id:
          type: string
          format: uuid
        team_id:
          type: string
          format: uuid
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      description: >-
        Use an access token retrieved from login (Bearer sess_...) or a
        programmatic API key (Bearer ak_...).

````