Sandbox credentials can only be submitted on sandbox widgets/links. You can check your widget/link type by heading over to https://app.usecanopy.com/dashboard/customize and checking if the top right corner looks like the image below:
Don't have a sandbox widget/link?Head over to https://app.usecanopy.com/dashboard/customize, create a new widget by clicking "Get another link". Then send an email to [email protected] with the subject "Covert widget to sandbox" and include your newly created widget's url in the body.
Once you have found a sandbox widget/link you can submit the credentials below to test various cases:
Do you need different test cases?The sandbox credentials provided by Canopy Connect are meant to provide sample test cases that you can experiment with and write automated tests against. If you require more unique or realistic test cases, please create your own mocks of the JSON responses.
| Username | Password | Description |
|---|---|---|
| user_good | pass_good | SFA with auto and home policies. |
| user_mfa | pass_good | MFA (With options)
|
| user_optionless_mfa | pass_good | MFA (Without options)
|
| user_good_commercial | pass_good | SFA with commercial policies. |
| user_good_flood | pass_good | SFA with flood and home policies. |
| user_good_flood_only | pass_good | SFA with flood policy only (no home policy). |
| user_good_flood_expiring | pass_good | SFA with flood and home policies that expire in 15 days. |
| user_good_flood_expired | pass_good | SFA with flood and home policies that expired 15 days ago. |
| user_good_discover | pass_good | SFA with flood and home policies. When paired with Monitoring, the subsequent monitoring pull adds a Discover Bank mortgagee to the flood policy so a MONITORING_EVENTS webhook fires with a mortgagee-change event. |
| user_adams | pass_good | SFA with realistic flood and home policies. Static data that matches PDF dec pages. |
| user_locked | pass_good | Will result in NOT_AUTHENTICATED with a login_error_message set as an example locked error message. |
| user_unactivated | pass_good | Will result in NOT_AUTHENTICATED with a login_error_message set as an example unactivated error message. |
| user_good_expensive | pass_good | SFA and has dwelling coverage premiums that are 2.45x more than user_good. |
| user_good_underinsured | pass_good | SFA & has a higher home Coverage A limit. |
| user_good_home | pass_good | SFA with home policy only. |
| user_good_home_no_pd | pass_good | SFA with home policy only. No PropertyData is returned. |
| user_good_auto | pass_good | SFA with auto policy only. |
| user_good_auto_compliant | pass_good | SFA with auto policy only. Limits are set to high values and deductibles to low values. Useful for testing Policy Check compliance rules. |
| user_good_auto_noncompliant | pass_good | SFA with auto policy only. Limits are set to low values and deductibles to high values. Useful for testing Policy Check compliance rules. |
| user_good_partial_auto | pass_good | SFA with auto and home policies. The auto policy is partial and missing VehicleCoverages. |
| user_good_landlord | pass_good | SFA with landlord policy |
| user_good_no_policies | pass_good | SFA with no policies or policy-related data. Will still return profile-related data. |
| user_provider_error | <any> | Will result in PROVIDER_ERROR status which can be detected using the ERROR webhook |
| user_internal_error | <any> | Will result in INTERNAL_ERROR status which can be detected using the ERROR webhook |
| user_good_complete | pass_good | SFA with many different combinations of policies, vehicles, dwellings, coverages, and endorsements. |
| user_good_complete_mfa | pass_good | Same policy/entity mix as user_good_complete, but gated by an MFA challenge (same MFA rules as user_mfa:000000 = bad code, 000001 = login error, any other code = good). |
| user_good_complete_active | pass_good | Same as user_good_complete, but the second auto policy is ACTIVE instead of CANCELLED. |
| user_good_transportation | pass_good | SFA with commercial auto and commercial inland marine policies. |
| user_good_life | pass_good | SFA with term life and whole life policies. |
| user_good_term_life | pass_good | SFA with term life policy. |
| user_good_whole_life | pass_good | SFA with whole life policy. |
| user_good_universal_life | pass_good | SFA with universal life policy. |
| user_good_agent | pass_good | SFA modeled after an agent-portal pull (PULL_TYPES.AGENT): multi-named-insured account, unpaid billing, and richer servicing datums (policy billing accounts, payments, transactions, notices). When paired with Monitoring, the subsequent monitoring pull emits MONITORING_EVENTS diffs. |
| user_good_diffs | pass_good | SFA with auto and home policies. Data is stable across pulls (effective dates and premiums do not drift), so subsequent Monitoring pulls produce deterministic MONITORING_EVENTS diffs. |
| user_standard | pass_good | SFA with auto, home, umbrella, recreational vehicle, and flood policies. |
| user_good_rater | pass_good | SFA with auto and home policies, tuned for comparative-rating workflows: detailed per-coverage premiums and endorsements populated. |
| user_random_policy_number | pass_good | SFA with auto and home policies. Carrier policy numbers are randomized on every pull. |
| user_good_tx | pass_good | SFA with auto and home policies located in Texas (TX driver's license state and property address). Returns no claims or driving record data. |
| user_consumer_data | pass_good | SFA with auto and home policies. Includes consumer-supplied profile data alongside carrier-sourced data. |
| user_consumer_only | pass_good | SFA that returns only consumer profile data (no policies, vehicles, or dwellings). Used to demonstrate the manual-entry pull type. |
| user_servicing_verification | pass_good | SFA with auto and home policies plus a pre-verified ServicingAction. Use to demo the Servicing product without running a live verification. |
| user_bad | <any> | Forces NOT_AUTHENTICATED regardless of password. Primarily useful in the Policy Lookup flow, which has no password field; in widget flows the "ALL OTHER USERNAMES" row below already covers this. |
| ALL OTHER USERNAMES | ALL OTHER PASSWORDS | Will result in bad credentials. |

