canvas-drop
Internal canvases for your org

Drop it in.
Share it out.

Your team builds working web tools, then has nowhere safe to put them. canvas-drop is where they land: deploy a static canvas in seconds, share it behind your org sign-in, and skip the screenshots and slide decks.

Sign in with your org Read the docs

Connect your agent over MCP, or curl a folder straight to a live URL.

A guided tour

See it across the whole workflow.

Create, edit, share, and govern. Every surface of canvas-drop, in one place.

Your dashboard. Every canvas your org has built — filter by tag, search by name or content, and see versions, sharing, and status at a glance.
Your dashboard. Every canvas your org has built — filter by tag, search by name or content, and see versions, sharing, and status at a glance.
In-browser editor. Edit files, preview, and publish a new version. No local setup, no deploy pipeline.
In-browser editor. Edit files, preview, and publish a new version. No local setup, no deploy pipeline.
Shared gallery. Browse, filter by tag, search, and clone what the team has made — featured picks up top, each with a real preview cover, not screenshots buried in a DM.
Shared gallery. Browse, filter by tag, search, and clone what the team has made — featured picks up top, each with a real preview cover, not screenshots buried in a DM.
Preview covers. Every canvas gets an auto screenshot as its cover on publish — or turn it off, or upload your own image that sticks.
Preview covers. Every canvas gets an auto screenshot as its cover on publish — or turn it off, or upload your own image that sticks.
Sharing & access. Per canvas: keep it private, share with a team, add a named few, open it org-wide, or publish an admin-gated public link.
Sharing & access. Per canvas: keep it private, share with a team, add a named few, open it org-wide, or publish an admin-gated public link.
Teams & invites. Make a team — your colleagues, or friends & family — and invite anyone by email. They join the instant they first sign in; no password for you to manage.
Teams & invites. Make a team — your colleagues, or friends & family — and invite anyone by email. They join the instant they first sign in; no password for you to manage.
Backend in a click. Switch on the primitives a canvas can use: KV, files, AI, identity, realtime.
Backend in a click. Switch on the primitives a canvas can use: KV, files, AI, identity, realtime.
Admin & control. Tune quotas, manage members, and set who can publish, all from the admin console.
Admin & control. Tune quotas, manage members, and set who can publish, all from the admin console.
Usage insight. See what's actually getting used, per canvas. No guesswork.
Usage insight. See what's actually getting used, per canvas. No guesswork.

Why canvas-drop

From “I built a thing” to “the team is using it,” without a deploy pipeline.

01

Deploy in seconds

Drag a folder, paste HTML, push from a script, or connect your AI agent over MCP so it can create and deploy canvases for you. A canvas is just static files: no build to wait on, nothing to provision.

02

Shared exactly as far as you mean

An access ladder, per canvas: keep it private, share with a team, add a named few, open it to the whole org, or publish an admin-gated public link. Invite anyone by email — colleagues, or friends & family — and they're in the moment they sign in, with no extra account or password for you to manage. Add a password or expiry, and revoke anytime.

03

Versions you can roll back

Each publish snapshots an immutable version. Edit in the browser, preview the draft, then publish. If something breaks, make an earlier version current again in one click.

Sharing

An access ladder that fits how people actually share.

One rung per canvas — from just you to the whole internet, with everything in between. Teams sit in the middle: a group you create and share a subset of canvases with.

1
Private

Just you, the owner.

2
Specific people

A named few you add or invite, by email.

3
Team

A group you create — your colleagues, or friends & family you invite by email.

4
Whole org

Anyone signed in to your organization.

5
Public link admin

Anyone with the URL — admin-gated, and static files only.

Invite anyone by email — colleagues, contractors, or friends & family. They're in the moment they sign in through your instance's auth: no app-managed passwords, no magic-link accounts. A personal team needs no org at all.

Five primitives

Static canvases, real backend power.

Canvases ship as static files, with no server build. When a canvas needs more, it reaches exactly five audited primitives. Secrets stay server-side, always.

Key–value kv

Persist state with a tiny get/set store. No database to run.

Files files

Upload, store, and serve assets straight from a canvas.

AI ai

Call the model through a server-side proxy, with no keys in the browser.

Identity identity

Know who is viewing. `me()` returns the signed-in org member, resolved server-side.

Realtime realtime

Broadcast and subscribe over a managed socket. No server to operate.

Built for teams

Control, without the overhead.

canvas-drop is built for your whole org from day one. Access, limits, and accountability come standard, not bolted on.

Teams & invites

Group people into a team — your colleagues, or friends & family — and share a subset of canvases with just them. Invite by email; new people get access the instant they first sign in. No app-managed passwords, no magic-link accounts.

Org sign-in (SSO)

Everyone signs in with your Google or OIDC org account, gated by email domain and an admin allowlist.

Admin console

Set global quotas and defaults, and choose which members may publish public links.

Your brand, your look

Flip the whole instance — dashboard, editor, and landing — to one of four design skins from the admin console. No restart, no code.

Member management

See who's in, grant or revoke admin, and block access in a click.

Audit log

Significant actions are recorded, so there's always an account of what changed.

Make it yours

One platform, your look.

Pick a design skin in the admin console and the whole instance re-voices — accent colour, display type, and corner shape — across the dashboard, the editor, and this landing page. Same app, your brand. No restart, no code.

The same canvas-drop dashboard shown in two design skins side by side — Editorial (deep-teal serif) and Canvas (violet, bold) — to show the admin-flippable skin layer.

Private by design

Your tools, your data, your infrastructure.

Privacy isn't a setting here. It's the default posture: canvas-drop keeps the minimum it needs to run, and nothing leaves your instance.

Org-only by default

Every canvas sits behind your sign-in until you deliberately share it.

No telemetry, ever

canvas-drop never phones home. No tracking, no analytics, no third-party beacons.

Secrets stay server-side

AI and provider keys live on the server and are never shipped to the browser.

Backend off by default

A canvas reaches no backend until you switch it on, one primitive at a time. Public visitors get static files only.

Your infrastructure

Self-host on your own VPS or cloud; your data lives where you put it.

Read the Privacy Policy and Terms of Service.

Open source

Yours to run. MIT-licensed, self-hostable.

canvas-drop is open source and self-contained: your database, your storage, your sign-in. SQLite or Postgres, local disk or S3, all a config change away. No telemetry, no phone-home. Host it on a single VPS or bring your own cloud.

View on GitHub Self-host guide