Auto-Approval Rules

Auto-Approval Rules let Keeptrusts resolve known-safe task permission requests automatically instead of pausing a run for human review. The feature is designed for low-risk, high-frequency operations, and every auto-decision still lands in the approval record and audit trail so teams keep the same governance evidence they would have for a manual approval.

Use this page when

  • You want to reduce approval latency for routine task operations without removing governance controls.
  • You need to understand what fields, limits, and security checks apply to Auto-Approval Rules.
  • You are validating why a task continued without showing a human approval prompt.

Primary audience

  • Primary: Technical Leaders
  • Secondary: Technical Engineers, AI Agents

Main content

What Are Auto-Approval Rules

Auto-Approval Rules are policy-based approval bypass rules for task operations.

  • They are evaluated synchronously in the approval creation path.
  • If a matching enabled rule exists, the approval request is auto-resolved instead of pausing the run for a human decision.
  • The resulting approval record still carries a full governance trace, including decision_source: "auto_rule" and the matched rule ID.
  • Auto-approval changes the approval decision path, not the underlying runtime permission model.

Rule Structure

Each rule defines what Keeptrusts may auto-approve and where the rule is allowed to apply.

Field | What it does | Notes
name | Human-readable rule name | Use a name that makes the intent obvious in the audit trail.
scope | Rule reach | team applies to team members. personal is more restrictive and will not self-match for the rule creator.
risk_levels | Allowed risk levels | Keeptrusts stores explicit allowed levels (low, medium, high). Operationally, many teams think of this as the maximum risk the rule may auto-approve. critical is never allowed.
permission_types | Which permission requests the rule may auto-approve | Typical examples include filesystem_read, tool_execute, notification_send, or other governed permission types.
task_definition_id | Optional task scoping | If set, the rule applies only to that exact task definition. If omitted, the rule can match any task definition in the team.
agent_id | Optional agent scoping | If set, the rule applies only to that exact agent. If omitted, the rule can match any agent in the team.
enabled | Non-destructive on/off switch | Disabling a rule preserves the record but stops it from matching new requests.

If your internal governance model uses terms such as max_risk_level, task_filter, or agent_filter, map them in Keeptrusts to the selected risk_levels, task_definition_id, and agent_id fields.

Security Controls

Auto-Approval Rules reduce review friction, but they do not remove core governance safeguards.

  • Critical risk exclusion: Rules cannot include the critical risk level. Critical actions always require a human decision.
  • Self-approval prevention: A scope: personal rule does not match when the requesting user is also the rule creator. This prevents a user from silently approving their own gated action through a personal rule.
  • Role requirements: Creating, updating, or deleting rules requires team-admin-level governance write access.
  • Wallet independence: Auto-approval does not bypass wallet reserve or settle behavior. Cost governance remains independent from approval governance.
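The following is an added reference model, not Keeptrusts code, of how the rule fields above and these security controls combine in the synchronous matching step: enabled flag, risk_levels with critical rejected at save time, permission_types, optional task_definition_id and agent_id scoping, and the personal-scope self-approval exclusion, with the result carrying decision_source "auto_rule" and the matched rule ID as the audit trail section describes. The created_by field and the shape of the returned record are assumptions; the page does not say how personal scope restricts matching beyond the self-match exclusion, so only that exclusion is encoded.

```python
from dataclasses import dataclass
from typing import Optional

ALLOWED_RISK_LEVELS = {"low", "medium", "high"}   # "critical" is never allowed in a rule

@dataclass
class Rule:
    id: str
    name: str
    scope: str                  # "team" or "personal"
    risk_levels: set
    permission_types: set
    created_by: str             # assumed field: the rule creator (page only says "rule creator")
    task_definition_id: Optional[str] = None
    agent_id: Optional[str] = None
    enabled: bool = True

    def __post_init__(self):
        # Critical risk exclusion, enforced at save time like the console form does.
        bad = set(self.risk_levels) - ALLOWED_RISK_LEVELS
        if bad:
            raise ValueError(f"risk_levels not allowed in an auto-approval rule: {sorted(bad)}")

@dataclass
class PermissionRequest:
    permission_type: str
    risk_level: str
    requested_by: str
    task_definition_id: str
    agent_id: str

def rule_matches(rule: Rule, req: PermissionRequest) -> bool:
    if not rule.enabled:                                  # disabled rules keep their record but never match
        return False
    if req.risk_level not in rule.risk_levels:            # covers "critical": it can never be in risk_levels
        return False
    if req.permission_type not in rule.permission_types:
        return False
    if rule.task_definition_id and rule.task_definition_id != req.task_definition_id:
        return False                                      # task scoping: exact task definition only
    if rule.agent_id and rule.agent_id != req.agent_id:
        return False                                      # agent scoping: exact agent only
    if rule.scope == "personal" and rule.created_by == req.requested_by:
        return False                                      # self-approval prevention
    return True

def resolve_approval(rules, req: PermissionRequest) -> dict:
    """Synchronous check in the approval creation path: the first matching enabled rule auto-resolves."""
    for rule in rules:
        if rule_matches(rule, req):
            return {"status": "approved", "decision_source": "auto_rule", "matched_rule_id": rule.id}
    return {"status": "pending", "decision_source": None, "matched_rule_id": None}  # a human must decide
```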

Console Settings Page

The console surface for this feature lives at Settings → Auto-Approval Rules (/settings/auto-approval-rules).

From that page, operators can:

  • review all rules in a table view
  • see rule status, scope, risk levels, and permission types at a glance
  • create or edit rules through a validated dialog
  • disable a rule without deleting it
  • delete a rule with a confirmation step

The form keeps critical risk unavailable and explains why before the rule can be saved.

Audit Trail

Auto-Approval Rules keep a full governance trail even when no human clicks Approve.

  • Every create, update, and delete action on a rule emits an audit event.
  • Auto-approved decisions still appear in the approval queue with an Auto-approved badge.
  • The approval record includes decision_source: "auto_rule" so reviewers can distinguish automatic resolution from a human decision.
  • The matched rule ID stays linked to the decision record for later investigation, reporting, or compliance review.

API Endpoints

Keeptrusts exposes Auto-Approval Rule management through the governance API.

  • GET /v1/auto-approval-rules — list rules for the current team scope
  • POST /v1/auto-approval-rules — create a rule
  • PUT /v1/auto-approval-rules/{id} — update a rule
  • DELETE /v1/auto-approval-rules/{id} — delete a rule

For AI systems

  • Canonical terms: auto-approval rule, approval queue, decision_source, auto_rule, critical risk exclusion, governance audit.
  • Exact product and UI surface: Settings → Auto-Approval Rules in the Keeptrusts console.
  • Exact API surface: GET /v1/auto-approval-rules, POST /v1/auto-approval-rules, PUT /v1/auto-approval-rules/{id}, DELETE /v1/auto-approval-rules/{id}.
  • Use risk_levels, permission_types, task_definition_id, agent_id, scope, and enabled as the authoritative rule fields.
  • Related concepts: approval queue, task permissions, governance audit, and hosted task execution.

For engineers

Prerequisites

  • Team-admin-level governance write access.
  • A team context where task definitions and governed permissions already exist.
  • A task flow that can emit a low-risk permission request for validation.

Validation

  1. Create an enabled rule for a low-risk permission type such as filesystem_read or tool_execute.
  2. Trigger a task that would normally create a matching approval request.
  3. Confirm the task does not stop for a human approval prompt.
  4. Open the approval queue and verify the request shows the Auto-approved badge.
  5. Confirm the decision record shows decision_source: "auto_rule" and the linked rule identifier.

For leaders

  • Auto-Approval Rules reduce approval latency for known-safe, repetitive task operations without removing governance visibility.
  • The risk model remains conservative: critical actions never bypass human review.
  • Full audit coverage is preserved, so automatic decisions remain reviewable for compliance, post-incident analysis, and operational reporting.
  • The feature is most effective when teams use it for stable, low-risk patterns instead of broad exceptions.

Next steps