Approvals API

When policy returns allow_with_obligation, the agent must request approval before executing the deferred HTTP call. Humans approve in the console.

Request approval

POST/v1/aegis/approvals/requestBearer ingest key
FieldTypeRequiredDescription
organization_iduuidYesOrg scope
event_idstringYesPolicy decision event ID
trace_idstringYesTrace to complete later
tool_namestringYesTool awaiting approval
deferred{ url, method? }YesHTTP call to run after approval (method defaults to GET)
json
{
  "organization_id": "…",
  "event_id": "evt_…",
  "trace_id": "trc_…",
  "tool_name": "stripe.paymentIntents.create",
  "deferred": { "url": "https://api.stripe.com/…", "method": "POST" }
}
StatusBody
201{ approval_id, status: "pending", … }
422Missing required fields

Get approval status

GET/v1/aegis/approvals/:approvalIdBearer ingest key
200 response
{
  "approval_id": "apr_…",
  "status": "pending" | "approved" | "rejected",
  "trace_id": "trc_…",
  "tool_name": "stripe.paymentIntents.create",
  "event_id": "evt_…"
}

Complete trace

POST/v1/aegis/approvals/:approvalId/completeBearer ingest key

Call after deferred fetch succeeds and approval is approved. Marks trace completed. Body may include trace_id and organization_id.

StatusBody
200{ ok: true, trace_id, status: "completed" }
409Approval not approved
404Not found

SDK resume

typescript
import { wrapFetchResume } from "@salanor/aegis";

await wrapFetchResume(approvalId, url, init, config);