Approvals

Your agent is powerful, but some actions need a human decision. Approvals let you set up gates so the agent asks permission before doing anything risky — deleting files, running commands, calling external APIs, deploying code.

You approve, reject, edit the request, or ask for changes — all from the dashboard.

How It Works

1. Your agent calls a tool that requires approval
2. The agent pauses and sends a request to the dashboard
3. You see the request with full details — what tool, what parameters, why
4. You choose: Approve, Reject, Edit Parameters, or Request Changes
5. The agent continues (or stops) based on your decision

Setting Up Approval Rules

Approving a Request

When a request comes in, you see:

• Tool name — which tool the agent wants to call
• Parameters — the exact arguments the agent is passing
• Context — what the agent was doing when it made the request
• Risk level — low, medium, high, or critical

You have four options:

Approve

The agent proceeds with the original parameters. The tool executes and the agent continues its work.

Reject

The agent is told the request was denied. It can adjust its approach or ask you what to do instead.

Edit Parameters

Change the parameters before approving. For example, if the agent wants to delete a directory, you can narrow it to a specific file. The agent uses your edited parameters.

Request Changes

Send a message back to the agent explaining what you want changed. The agent reads your feedback, adjusts its approach, and submits a new request. This can go back and forth as many times as needed.

Multi-Round Conversations

Approvals are not just yes/no. You can have a conversation about the request:

Agent: “I want to run rm -rf ./old-data/ to clean up disk space.”

You: “Don’t delete everything. Only remove files older than 30 days.”

Agent: “Got it. Updated command: find ./old-data/ -mtime +30 -delete. Requesting approval.”

You: Approve

Each round of discussion is tracked as part of the approval record, so you have a full audit trail of why decisions were made.

Example Approval Configurations

Conservative — Approve Everything

Pattern: *
Risk Level: medium
Auto-Approve: none

Every tool call requires your approval. Good for initial setup when you want to understand what your agent does.

Balanced — Read Freely, Write with Approval

Pattern: *__get_*, *__list_*, *__search_*
Auto-Approve: all

Pattern: *
Risk Level: medium
Auto-Approve: none

Read operations (get, list, search) run without interruption. Anything that writes, creates, updates, or deletes requires approval.

Team Setup — Auto-Approve for Experienced Members

Pattern: *
Risk Level: low
Auto-Approve: admin role

Pattern: *__delete_*
Risk Level: critical
Auto-Approve: none

Admins can auto-approve low-risk operations. Delete operations always require explicit approval regardless of role.

Timeout

If you do not respond to an approval request within 24 hours, it expires. The agent is notified that the request timed out and can either retry or move on.

Approval History

All approval decisions are logged. Go to Workspaces → Approvals to see:

• Every request, with status (approved, rejected, expired, changes requested)
• Who approved or rejected it
• The full conversation thread for multi-round approvals
• Timestamps and risk levels

This is your audit trail for compliance and review.

Next Steps

• Connect OpenClaw — approvals work automatically once your agent is connected
• Activity Monitor — see all agent actions, not just approved ones
• Team Access — each team member manages their own approvals