Internal canvases for your org

Drop it in.
Share it out.

People build working web tools with AI in minutes, but they have nowhere safe to put them. canvas-drop is the creation-and-sharing layer: deploy a static canvas in seconds, share it with your team, and skip the screenshots and slide decks.

Or connect your agent over MCP — or curl -F a folder — and it's live.

A guided tour

See it across the whole workflow.

Create, edit, share, and govern. Every surface of canvas-drop, in one place.

Your dashboard. Every canvas your org has built, with versions, sharing, and status in one place. — **Your dashboard.** Every canvas your org has built, with versions, sharing, and status in one place.

In-browser editor. Edit files, preview, and publish a new version. No local setup, no deploy pipeline. — **In-browser editor.** Edit files, preview, and publish a new version. No local setup, no deploy pipeline.

Shared gallery. Browse, search, and clone what the team has made, instead of screenshots buried in a DM. — **Shared gallery.** Browse, search, and clone what the team has made, instead of screenshots buried in a DM.

Sharing & access. Per canvas: keep it org-only, invite a guest, or open an admin-gated public link. — **Sharing & access.** Per canvas: keep it org-only, invite a guest, or open an admin-gated public link.

Backend in a click. Switch on the primitives a canvas can use: KV, files, AI, identity, realtime. — **Backend in a click.** Switch on the primitives a canvas can use: KV, files, AI, identity, realtime.

Admin & control. Tune quotas, manage members, and set who can publish, all from the admin console. — **Admin & control.** Tune quotas, manage members, and set who can publish, all from the admin console.

Usage insight. See what's actually getting used, per canvas. No guesswork. — **Usage insight.** See what's actually getting used, per canvas. No guesswork.

Why canvas-drop

From “I built a thing” to “the team is using it,” without a deploy pipeline.

Deploy in seconds

Drag a folder, push from a script, or connect your AI agent over MCP — sign in once and it can create and deploy canvases for you. A canvas is just static files: no build to wait on, nothing to provision.

Shared with your org

Every canvas lives behind your organization's sign-in. Invite a teammate, open a guest link, or publish to the gallery.

Safe by default

Org-only access, isolated runtimes, and server-side keys. Backend power comes only through five audited primitives.

Five primitives

Static canvases, real backend power.

Canvases ship as static files, with no server build. When a canvas needs more, it reaches exactly five audited primitives. Secrets stay server-side, always.

Key–value kv

Persist state with a tiny get/set store. No database to run.

Files files

Upload, store, and serve assets straight from a canvas.

AI ai

Call the model through a server-side proxy, with no keys in the browser.

Identity me

Know who's viewing. `me()` returns the signed-in org member.

Realtime live

Broadcast and subscribe over a managed socket for live canvases.

Built for teams

Control, without the overhead.

canvas-drop is built for your whole org from day one. Access, limits, and accountability come standard, not bolted on.

Org sign-in (SSO)

Everyone signs in with your Google or OIDC org account, gated by email domain and an admin allowlist.

Admin console

Set global quotas and defaults, and choose which members may publish public links.

Member management

See who's in, grant or revoke admin, and block access in a click.

Audit log

Significant actions are recorded, so there's always an account of what changed.

Private by design

Your tools, your data, your infrastructure.

Privacy isn't a setting here. It's the default posture: canvas-drop keeps the minimum it needs to run, and nothing leaves your instance.

Org-only by default

Every canvas sits behind your sign-in until you deliberately share it.

No telemetry, ever

canvas-drop never phones home. No tracking, no analytics, no third-party beacons.

Secrets stay server-side

AI and provider keys live on the server and are never shipped to the browser.

Isolated runtimes

Canvases are sandboxed, so they can't reach each other or the platform's internals.

Your infrastructure

Self-host on your own VPS or cloud; your data lives where you put it.

Read the Privacy Policy and Terms of Service.

Open source

Yours to run. MIT-licensed, self-hostable.

canvas-drop is open source and self-contained: one binary, your database, your storage, your sign-in. No telemetry, no phone-home. Host it on a single VPS or bring your own cloud.

View on GitHub Self-host guide

Drop it in.Share it out.