We have a staging org and have bumped up against the 15K limit. We feel we need to increase the API limit to 30K. How do we do that?

We have a Canvas connected app that is using the Web Server OAuth flow.  This is working for all of our clients except for one who is in version winter 16 beta and Performance Edition in their sandbox.  We have “Admin approved users are pre-authorized”.  However for this client we are getting an error from the RemoteAccessAuthorizationPage.apexp (see the ConsoleLog.png), it is refusing to display because of the x-frame-options.  It is our understanding that with the pre-authorized OAuth setting, this page does not need to display, but simply redirect back to our Canvas app.  If we open the RemoteAccessAuthorizationPage in another window (outside the iframe), we see the see the page in the attached RequestingPermission.png image.  We are presuming this is the page users would see if the OAuth setting was “All users may self-authorize”.  After clickin “allow” on this page, our Canvas app authorizes and loads.  We want to help this customer use our app.  Can you tell us why this is not working and how to fix it?  Is there an additional setting needs to be tweak for this version?
 

A second issue is that the request to our Canvas app from all installed instances comes from a URL host ending with “visual.force.com”.  From this customer the URL host is “cvent--pcopy.cs21.my.salesforce.com” which does not end with “visual.force.com”.  Why is that?

We have a Canvas connected app that is using the Web Server OAuth flow.  This is working for all of our clients except for one who is in version winter 16 beta and Performance Edition in their sandbox.  We have “Admin approved users are pre-authorized”.  However for this client we are getting an error from the RemoteAccessAuthorizationPage.apexp (see the ConsoleLog.png), it is refusing to display because of the x-frame-options.  It is our understanding that with the pre-authorized OAuth setting, this page does not need to display, but simply redirect back to our Canvas app.  If we open the RemoteAccessAuthorizationPage in another window (outside the iframe), we see the see the page in the attached RequestingPermission.png image.  We are presuming this is the page users would see if the OAuth setting was “All users may self-authorize”.  After clickin “allow” on this page, our Canvas app authorizes and loads.  We want to help this customer use our app.  Can you tell us why this is not working and how to fix it?  Is there an additional setting needs to be tweak for this version?
 

A second issue is that the request to our Canvas app from all installed instances comes from a URL host ending with “visual.force.com”.  From this customer the URL host is “cvent--pcopy.cs21.my.salesforce.com” which does not end with “visual.force.com”.  Why is that?