Create a hierarchy node

POST

/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/{envSlug}/nodes

Authentication

Bearer Token Authorization
JWT access token

Request body

parent_node_idstring
Parent node ID (null for root)
node_typestring*
Node type (org-defined, e.g. 'department', 'team')
namestring*
Display name for the node
slugstring
URL-friendly slug (auto-generated if omitted)
metadataany object
Arbitrary metadata

Code samples

cURL

JavaScript

Python

curl -X POST "https://api.canopy.dev/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/{envSlug}/nodes" \
  -H "Authorization: Bearer $CANOPY_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "parent_node_id": "string",
    "node_type": "string",
    "name": "string",
    "slug": "string",
    "metadata": {}
  }'

const response = await fetch("https://api.canopy.dev/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/{envSlug}/nodes", {
  method: "POST",
  headers: {
    "Authorization": "Bearer $CANOPY_TOKEN",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    "parent_node_id": "string",
    "node_type": "string",
    "name": "string",
    "slug": "string",
    "metadata": {}
  }),
});

const data = await response.json();

import requests

response = requests.post(
    "https://api.canopy.dev/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/{envSlug}/nodes",
    headers={
    "Authorization": "Bearer $CANOPY_TOKEN",
    "Content-Type": "application/json"
    },
    json={
        "parent_node_id": "string",
        "node_type": "string",
        "name": "string",
        "slug": "string",
        "metadata": {},
    },
)

data = response.json()

package main

import (
	"bytes"
	"encoding/json"
	"net/http"
)

func main() {
	payload := map[string]interface{}{
		"parent_node_id": "string",
		"node_type": "string",
		"name": "string",
		"slug": "string",
		"metadata": map[string]interface{}{},
	}
	body, _ := json.Marshal(payload)

	req, _ := http.NewRequest("POST", "https://api.canopy.dev/portal/v1/accounts/{accountSlug}/applications/{appSlug}/environments/{envSlug}/nodes", bytes.NewBuffer(body))
	req.Header.Set("Authorization", "Bearer $CANOPY_TOKEN")
	req.Header.Set("Content-Type", "application/json")

	resp, _ := http.DefaultClient.Do(req)
	defer resp.Body.Close()
}

Responses

201 Node created successfully

{
  "id": "string",
  "application_id": "string",
  "parent_node_id": "string",
  "node_type": "string",
  "name": "string",
  "slug": "string",
  "status": "string",
  "metadata": {},
  "created_at": "2026-04-20T12:00:00.000Z",
  "updated_at": "2026-04-20T12:00:00.000Z",
  "version": 0
}

application/json

idstring*
application_idstring*
parent_node_idstring
node_typestring*
namestring*
slugstring*
statusstring*
metadataany object*
created_atstring (date-time)*
updated_atstring (date-time)*
versionnumber*
Optimistic-lock version. Send back as the `If-Match` header when updating, moving, or deleting to detect concurrent edits.

400 Invalid parent-child relationship

401 Invalid or expired token

403 This token is not authorized for this endpoint (wrong principal type — e.g., admin token on identity-only endpoint, or vice versa)

409 Root node already exists

Returned object

The NodeResponseDto object View all properties on this resource

On this page

GETList hierarchy (scoped tree)
GETGet a hierarchy node
PATCHUpdate a hierarchy node
DELETEDelete a hierarchy node
GETGet subtree from a node
GETGet ancestor chain for a node
GETGet direct children of a node
POSTMove (reparent) a node
GETList identities at a node
GETGet identity summary for a node