Request Scoping

How X-Tenant-Id and X-Project-Id control access boundaries.


Why request scoping exists

Lamba is tenant-first. API calls must carry explicit context so access checks, audit trails, and rate/plan enforcement remain deterministic.

Required headers

X-Tenant-Id: <tenant-guid>
X-Project-Id: <project-guid>

Add Authorization: Bearer <access-token> for protected routes.

Scoping rules

  • Tenant-scoped endpoints require X-Tenant-Id.
  • Project-scoped endpoints require both X-Tenant-Id and X-Project-Id.
  • Auth flows may accept both or neither, depending on the endpoint.

Failure modes

  • Missing tenant/project context can return 403 or validation errors.
  • Mismatched membership context returns an authorization denial.

Best practices

  • Resolve tenant/project once per request pipeline and inject centrally.
  • Add X-Correlation-Id for traceability.
  • Never infer tenant from client input without membership validation.
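
One way to apply these practices in a service that calls the API on behalf of a signed-in user (an added example, not code from the Lamba project): the tenant and project the client asks for are checked against the caller's memberships before any header is built, and all scoping headers are produced in one place. The names build_scoped_headers, ScopeError and MEMBERSHIPS are hypothetical, and the in-memory membership map is constructed sample data standing in for a real membership store.

```python
import uuid

class ScopeError(Exception):
    """Raised when requested tenant/project context fails validation."""

# Constructed sample data: user id -> {tenant GUID -> set of project GUIDs}.
MEMBERSHIPS = {
    "user-1": {
        "6f1c2a9e-0b57-4c1d-9a3e-2d4b8f7e1a10": {
            "a3d9e5b2-7c44-4f0a-8e21-5b6c9d0f3e77",
        },
    },
}

def _guid(value, name):
    """Normalize a client-supplied GUID, rejecting anything malformed."""
    try:
        return str(uuid.UUID(str(value)))
    except ValueError:
        raise ScopeError(f"{name} is not a valid GUID")

def build_scoped_headers(user_id, access_token, tenant_id, project_id=None,
                         correlation_id=None, memberships=MEMBERSHIPS):
    """Validate requested scope against membership, then build headers once."""
    tenant = _guid(tenant_id, "tenant")
    # Client input only selects among tenants the caller already belongs to.
    projects = memberships.get(user_id, {}).get(tenant)
    if projects is None:
        raise ScopeError("caller is not a member of the requested tenant")
    headers = {
        "Authorization": f"Bearer {access_token}",
        "X-Tenant-Id": tenant,
        # Reuse an inbound correlation id if present, otherwise mint one.
        "X-Correlation-Id": correlation_id or str(uuid.uuid4()),
    }
    if project_id is not None:
        project = _guid(project_id, "project")
        # A project is only valid inside the tenant it was requested with.
        if project not in projects:
            raise ScopeError("project does not belong to the requested tenant")
        headers["X-Project-Id"] = project
    return headers
```

Calling this once per request and passing the returned headers to the HTTP client keeps scope decisions out of individual call sites.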

Related docs

  • Tenant model: /docs/concepts/tenant-project
  • API contract: /docs/reference/api-overview
  • Error handling: /docs/reference/errors