Switch the Environment's access model

PUT

/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/{envSlug}/access-model

Authentication

Bearer Token Authorization
JWT access token

Path Parameters

Name	Required	Type	Description
`envSlug`	Required	`string`

Request body

modelenum: "flat" | "hierarchy"*

Code samples

cURL

JavaScript

Python

curl -X PUT "https://api.canopy.dev/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/value/access-model" \
  -H "Authorization: Bearer $CANOPY_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "flat"
  }'

const response = await fetch("https://api.canopy.dev/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/value/access-model", {
  method: "PUT",
  headers: {
    "Authorization": "Bearer $CANOPY_TOKEN",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    "model": "flat"
  }),
});

const data = await response.json();

import requests

response = requests.put(
    "https://api.canopy.dev/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/value/access-model",
    headers={
    "Authorization": "Bearer $CANOPY_TOKEN",
    "Content-Type": "application/json"
    },
    json={
        "model": "flat",
    },
)

data = response.json()

package main

import (
	"bytes"
	"encoding/json"
	"net/http"
)

func main() {
	payload := map[string]interface{}{
		"model": "flat",
	}
	body, _ := json.Marshal(payload)

	req, _ := http.NewRequest("PUT", "https://api.canopy.dev/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/value/access-model", bytes.NewBuffer(body))
	req.Header.Set("Authorization", "Bearer $CANOPY_TOKEN")
	req.Header.Set("Content-Type", "application/json")

	resp, _ := http.DefaultClient.Do(req)
	defer resp.Body.Close()
}

Responses

200 Access model updated. Use revert-to-flat for `hierarchy → flat` — that path runs the flatten side effects (assignments rebased, nodes deleted) and emits its own audit row.

{
  "id": "string",
  "application_id": "string",
  "name": "string",
  "slug": "string",
  "settings": {},
  "version": 0,
  "created_at": "2026-04-20T12:00:00.000Z",
  "updated_at": "2026-04-20T12:00:00.000Z"
}

application/json

idstring*
application_idstring*
namestring*
slugstring*
settingsany object*
versionnumber*
created_atstring (date-time)*
updated_atstring (date-time)*

400 Direct hierarchy → flat is rejected; call revert-to-flat instead

401 Invalid or expired token

403 This token is not authorized for this endpoint (wrong principal type — e.g., admin token on identity-only endpoint, or vice versa)

404 Environment not found in this Application

Returned object

The EnvironmentResponseDto object View all properties on this resource

On this page

GETList Environments in an Application
POSTCreate a new Environment in an Application
GETGet a single Environment by slug
PATCHRename or re-slug an Environment
DELETEDelete an Environment
GETExport an Environment's configuration as JSON
POSTReplace an Environment's configuration from a JSON payload (destructive)
GETGet the Environment's access model
GETGet hierarchy schema for the active Environment
PATCHUpdate hierarchy schema for the active Environment
POSTRevert this Environment from hierarchy to flat