Replace an Environment's configuration from a JSON payload (destructive)

POST

/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/{envSlug}/import

Authentication

Bearer Token Authorization
JWT access token

Path Parameters

Name	Required	Type	Description
`envSlug`	Required	`string`

Request body

format_versionnumber*
source_envany object*
access_modelenum: "flat" | "hierarchy"*
hierarchy_schemaany object*
permissionsany[]*
rolesany[]*
nodesany[]*
oauth_clientsany[]*
webhooksany[]*
metadataany object

Code samples

cURL

JavaScript

Python

curl -X POST "https://api.canopy.dev/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/value/import" \
  -H "Authorization: Bearer $CANOPY_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "format_version": 1,
    "source_env": {},
    "access_model": "flat",
    "hierarchy_schema": {},
    "permissions": [
      null
    ],
    "roles": [
      null
    ],
    "nodes": [
      null
    ],
    "oauth_clients": [
      null
    ],
    "webhooks": [
      null
    ],
    "metadata": {}
  }'

const response = await fetch("https://api.canopy.dev/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/value/import", {
  method: "POST",
  headers: {
    "Authorization": "Bearer $CANOPY_TOKEN",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    "format_version": 1,
    "source_env": {},
    "access_model": "flat",
    "hierarchy_schema": {},
    "permissions": [
      null
    ],
    "roles": [
      null
    ],
    "nodes": [
      null
    ],
    "oauth_clients": [
      null
    ],
    "webhooks": [
      null
    ],
    "metadata": {}
  }),
});

const data = await response.json();

import requests

response = requests.post(
    "https://api.canopy.dev/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/value/import",
    headers={
    "Authorization": "Bearer $CANOPY_TOKEN",
    "Content-Type": "application/json"
    },
    json={
        "format_version": 1,
        "source_env": {},
        "access_model": "flat",
        "hierarchy_schema": {},
        "permissions": [
            None,
        ],
        "roles": [
            None,
        ],
        "nodes": [
            None,
        ],
        "oauth_clients": [
            None,
        ],
        "webhooks": [
            None,
        ],
        "metadata": {},
    },
)

data = response.json()

package main

import (
	"bytes"
	"encoding/json"
	"net/http"
)

func main() {
	payload := map[string]interface{}{
		"format_version": 1,
		"source_env": map[string]interface{}{},
		"access_model": "flat",
		"hierarchy_schema": map[string]interface{}{},
		"permissions": []interface{}{
			nil,
		},
		"roles": []interface{}{
			nil,
		},
		"nodes": []interface{}{
			nil,
		},
		"oauth_clients": []interface{}{
			nil,
		},
		"webhooks": []interface{}{
			nil,
		},
		"metadata": map[string]interface{}{},
	}
	body, _ := json.Marshal(payload)

	req, _ := http.NewRequest("POST", "https://api.canopy.dev/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/value/import", bytes.NewBuffer(body))
	req.Header.Set("Authorization", "Bearer $CANOPY_TOKEN")
	req.Header.Set("Content-Type", "application/json")

	resp, _ := http.DefaultClient.Do(req)
	defer resp.Body.Close()
}

Responses

200 Existing roles/permissions/nodes/OAuth clients/webhook subscriptions in the target env are deleted before the payload is applied. Operational state (identities, AppMemberships, assignments) survives or cascade-deletes via FK rules.

{
  "environment": {
    "id": "string",
    "application_id": "string",
    "name": "string",
    "slug": "string",
    "settings": {},
    "version": 0,
    "created_at": "2026-04-20T12:00:00.000Z",
    "updated_at": "2026-04-20T12:00:00.000Z"
  },
  "oauth_client_rotations": [
    {
      "source_client_id": "string",
      "client_id": "string",
      "client_secret": "string"
    }
  ],
  "webhook_subscription_rotations": [
    {
      "id": "string",
      "url": "string",
      "secret": "string"
    }
  ]
}

application/json

environmentEnvironmentResponseDto*
oauth_client_rotationsOAuthClientRotationResponseDto[]*
webhook_subscription_rotationsWebhookSubscriptionRotationResponseDto[]*

400 Payload `format_version` is not supported by this server

401 Invalid or expired token

403 This token is not authorized for this endpoint (wrong principal type — e.g., admin token on identity-only endpoint, or vice versa)

404 Environment not found in this Application

Returned object

The EnvironmentCloneResponseDto object View all properties on this resource

On this page

GETList Environments in an Application
POSTCreate a new Environment in an Application
GETGet a single Environment by slug
PATCHRename or re-slug an Environment
DELETEDelete an Environment
GETExport an Environment's configuration as JSON
GETGet the Environment's access model
PUTSwitch the Environment's access model
GETGet hierarchy schema for the active Environment
PATCHUpdate hierarchy schema for the active Environment
POSTRevert this Environment from hierarchy to flat