Skip to main content
Approval workflows let you require human sign-off before a tool executes. This is useful for destructive operations, external API calls, or any action where you want a human in the loop.

Enabling Approvals

Configure approval on a tool: 
from framework.decorators import tool

@tool(
    name="delete_record",
    description="Delete a CRM record",
    agent="my-assistant",
    require_approval=True,
)
async def delete_record(record_id: str) -> dict: ...

Approval Flow

  1. The agent decides to call an approval-gated tool
  2. An approval_required event is streamed to the client
  3. Execution pauses until a human approves, approves with edited arguments, or denies
  4. On approval, the tool executes and the agent continues
  5. On denial, the agent receives the denial and adjusts
  6. On timeout, the request expires

Approval Events

{"type": "approval_required", "content": {
  "id": "approval_123",
  "tool_name": "delete_record",
  "arguments": {"record_id": "rec_123"},
  "conversation_id": "conv_001"
}}
After the user responds: 
{"type": "approval_approved", "content": {
  "id": "approval_123",
  "tool_name": "delete_record",
  "approver": "auth0|user_123"
}}

Approval Settings

Adjust approval settings for an assigned tool: 
PUT /api/v1/agent/{agent_id}/tools/{tool_identifier}/approval
{
  "enabled": true,
  "timeout_seconds": 600
}
Approve with modified_arguments when the reviewer needs to correct the proposed tool input before execution: 
POST /api/v1/approvals/{approval_id}/respond
{
  "status": "approved",
  "reason": "Corrected recipient",
  "modified_arguments": {
    "recipient": "[email protected]"
  }
}