§ DOCUMENTATION

Approval Workflows 2.0

Risk-scored, tier-routed human-in-the-loop approvals with SLA escalation and a continuous authorization-certificate verification loop — turning a one-time gate into an ongoing evidence trail.

§ 01

Why continuous evidence — the gap one-time approval leaves

A classic human-in-the-loop gate answers one question: "should this agent action proceed right now?" Once the human clicks approve, the record goes stale. Circumstances change — a dataset is reclassified, a policy is tightened, an approver's authority lapses — but the original decision has no mechanism to reflect that.

Approval Workflows 2.0 adds a continuous authorization-evidence loop. Every approval issues an authorization certificate. Execlave continuously re-verifies that certificate: checking revocation status and expiry, stamping certificate_verified_at on each pass. Combined with risk scoring, tier routing, and SLA escalation, each approval record becomes a living compliance artefact — not a static timestamp.

§ 02

Risk scoring & routing

When a policy decision resolves to require_approval, Execlave computes a risk score (0–100) from the trace context: tool sensitivity, data scope, policy type, and rule definition weights. The score maps to a risk level and determines which approver tier receives the request.

| Risk level | Score range | Approver tier |
|---|---|---|
| low | 0–24 | standard |
| medium | 25–49 | group |
| high | 50–74 | named_approver |
| critical | 75–100 | named_approver |

The routed_to field on the approval record records which tier the request was sent to. The dashboard surfaces the risk level badge and routing tier alongside each pending item.

§ 03

SLA escalation

Pending approvals that are not acted on within their SLA window are automatically escalated. On escalation, escalation_level increments and escalated_at is stamped. The dashboard shows an escalation indicator on the affected row so higher-tier reviewers can prioritise it.

The agent SDK continues polling during escalation. The request stays pending until a human decides or the calling process times out on its side — Execlave does not auto-approve or auto-deny on escalation.

§ 04

Authorization certificates & the verification loop

Granting an approval issues an authorization certificate tied to that decision record. The certificate captures approver identity, decision timestamp, and the approval ID. Execlave re-verifies the certificate on an ongoing basis — checking that the record has not been revoked and that the certificate remains valid — and updates certificate_verified_at on each successful pass.

This produces a continuous chain of verification events rather than a single point-in-time stamp. For compliance audits, every re-verification is visible in the audit log alongside the original approval record.

| DB column | Type | Set when |
|---|---|---|
| risk_score | integer | Approval request created |
| risk_level | text | Approval request created |
| routed_to | text | Approval request created |
| escalation_level | integer | SLA deadline passed |
| escalated_at | timestamptz | First escalation |
| certificate_verified_at | timestamptz | Each certificate re-verification |

§ 05

Using approval workflows

Create a policy with enforcementMode: "require_approval". The SDK pauses execution and polls while a human reviews. Use the pending approvals endpoint to list open requests, and POST /api/v1/approvals/:id/decide to approve or deny.

```bash
curl -X POST https://api.execlave.com/api/v1/policies \
  -H "Authorization: Bearer $EXECLAVE_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Require approval for file writes",
    "policyType": "tool_call",
    "enforcementMode": "require_approval",
    "ruleDefinition": {
      "tools": ["write_file", "delete_file"],
      "risk_threshold": "medium"
    }
  }'
```

List pending approvals — the response includes riskScore, riskLevel, routedTo, and escalation fields:

```bash
curl https://api.execlave.com/api/v1/approvals/pending \
  -H "Authorization: Bearer $EXECLAVE_API_KEY"
```

Response:

```json
{
  "data": [
    {
      "id": "apr_01j...",
      "agentId": "agt_01j...",
      "riskScore": 72,
      "riskLevel": "high",
      "routedTo": "named_approver",
      "escalationLevel": 0,
      "escalatedAt": null,
      "certificateVerifiedAt": null,
      "createdAt": "2026-06-02T10:14:00Z"
    }
  ]
}
```

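An added example, not Execlave's own code: a Python audit pass over approval records that use the field names from the response above. It checks each record against the § 02 routing table, flags SLA escalations, tolerates null 2.0 fields on legacy records, and reports a stale certificateVerifiedAt. The 24-hour staleness window, the function names and the sample records are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# (low, high, riskLevel, routedTo) bands copied from the routing table in § 02.
BANDS = [(0, 24, "low", "standard"), (25, 49, "medium", "group"),
         (50, 74, "high", "named_approver"), (75, 100, "critical", "named_approver")]

def expected_routing(score):
    """Map a 0-100 risk score to (level, tier); None if out of range."""
    for low, high, level, tier in BANDS:
        if low <= score <= high:
            return level, tier
    return None

def audit(record, now, max_verify_age=timedelta(hours=24)):  # 24 h window is an assumption
    """Return findings for one approval record; an empty list means clean."""
    findings = []
    score = record.get("riskScore")
    if score is None:
        # Records created before the 2.0 migration carry nulls; not an error.
        findings.append("legacy record: 2.0 risk fields are null")
    else:
        expected = expected_routing(score)
        actual = (record.get("riskLevel"), record.get("routedTo"))
        if expected is None:
            findings.append(f"riskScore {score!r} outside 0-100")
        elif actual != expected:
            findings.append(f"level/tier {actual}, expected {expected} for score {score}")
    if (record.get("escalationLevel") or 0) > 0:
        findings.append(f"SLA missed: escalationLevel {record['escalationLevel']}")
    verified = record.get("certificateVerifiedAt")
    if verified is not None:
        age = now - datetime.fromisoformat(verified.replace("Z", "+00:00"))
        if age > max_verify_age:
            findings.append(f"certificate last verified {verified}: stale")
    return findings

# Constructed sample records (ids and values are placeholders, not real data).
NOW = datetime(2026, 6, 2, 12, 0, tzinfo=timezone.utc)
SAMPLES = [
    {"id": "apr_sample_ok", "riskScore": 72, "riskLevel": "high",
     "routedTo": "named_approver", "escalationLevel": 0, "certificateVerifiedAt": None},
    {"id": "apr_sample_misrouted", "riskScore": 80, "riskLevel": "critical",
     "routedTo": "standard", "escalationLevel": 1, "escalatedAt": "2026-06-02T11:00:00Z"},
    {"id": "apr_sample_legacy", "riskScore": None, "escalationLevel": None},
    {"id": "apr_sample_stale", "riskScore": 10, "riskLevel": "low", "routedTo": "standard",
     "escalationLevel": 0, "certificateVerifiedAt": "2026-05-30T10:00:00Z"},
]
for rec in SAMPLES:
    print(rec["id"], audit(rec, NOW) or "clean")
```

A critical-score record routed to the standard tier is the finding to treat as highest priority, since it means the request reached a less privileged reviewer than the table prescribes.
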
§ 06

Frequently asked questions

What happens if no approver acts before the SLA deadline?
Execlave automatically escalates the request: the escalation_level counter increments and an escalated_at timestamp is stamped on the approval record. The dashboard surfaces the escalation indicator so higher-tier reviewers know the item is overdue. The agent SDK continues polling; the request remains pending until a human decides or the calling process times out on its side.

How is the risk score computed?
The risk score is derived from the policy rule definition and the trace context at the time the approval request is created — factors such as tool sensitivity, data scope, and policy type contribute. The score maps to a risk level (low, medium, high, critical) which determines the approver tier the request is routed to. The exact scoring weights are configurable in the policy rule definition.

What does the authorization certificate contain and how is it verified?
When an approval is granted, Execlave issues an authorization certificate tied to that decision. The certificate records the approver identity, decision timestamp, and the approval record ID. Execlave continuously re-verifies certificate validity — checking that the underlying approval record has not been revoked and that the certificate has not expired — and stamps certificate_verified_at on each successful check. This creates an ongoing evidence trail rather than a one-time snapshot.

Do older approval requests break if they lack the 2.0 fields?
No. The 2.0 columns (risk_score, risk_level, routed_to, escalation_level, escalated_at, certificate_verified_at) are nullable. Approval records created before the migration simply have null values for those fields. The dashboard and API handle null gracefully — no badge is shown when the field is absent.