If you don’t have a developer account already, please fill out the Request Developer Access form. Mention that you intend to develop a Canopy Connect App.

Once access is granted a representative will reach out to complete the setup process.

App Settings

We will request the following details.

Setting	Description	Type
Name	The public name of your App, shown to Canopy Connect users.	Required
Description	A short description of your App to help users understand its purpose.	Required
Marketing URI	A landing page on your site that explains your App’s features. We recommend creating a Canopy Connect-specific page highlighting how your App integrates with our service.	Required
Logo	We recommend an SVG where appropriate for your logo, but PNG and JPEG logos are also accepted. Your logo must be maskable.	Required
Redirect URIs	During the OAuth flow the user will visit the Canopy Connect Dashboard to grant access to your app. Once authenticated, you can request the user be returned to one of these URIs. Requests for other URIs will cause the OAuth flow to fail.	Required
IP Whitelist	A set of IP addresses or networks that your App’s requests will come from. Requests originating from IPs outside of this list will be rejected.	Recommended
Auth Start URI	Your App will receive a listing in the Canopy Connect App Marketplace. If provided, we will display a “Grant Access” button to send the user to the Auth Start URI. You should ensure the user is logged in to your app if necessary and then immediately start the OAuth flow.	Recommended

App Credentials

We will provide you with the following details.

Setting	Description
Client ID	Your Client ID is a UUID that uniquely identifies your App. You will need it during the OAuth flow.
Client Secret	The Client Secret is a “passphrase” which you must keep private and secure. We will only be able to provide you with your Client Secret once. It authenticates that your requests are coming from your App.

Sandbox Mode

Your App will initially be in Sandbox Mode which will mean that only users in your own Team can grant API access to your App.

Production Apps can only use the preconfigured Redirect URIs in requests and they must be using https:, however to aid with development a Sandbox Mode App can use any localhost URI (eg. &redirect_uri=http://localhost:25055/auth-result).

Sandbox Mode Apps also allow wildcards in the subdomain, for example https://*.example.com/auth-result.

Once your App is ready for production please contact us to prepare for public release.