The 404 response could also indicate a permissions problem?Why not choose 401 here?

Hi,when I am using API to get single project, whether its PAT is right or not, it yields the same result... { "message": "404 Project Not Found" }

Maybe it's counter-intuitive? [Why not like this: When the PAT is invalid, it returns 401; if PAT valid but project not existed, it returns 404(resource not found).]

Here what's the product's thinking? Could you let me know this?