> ## Documentation Index
> Fetch the complete documentation index at: https://docs.tracecat.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Submit Approvals

> Submit approval decisions to a running agent workflow.

This endpoint sends approval decisions back to an agent workflow
that is waiting for human-in-the-loop approval on tool calls.

Args:
    role: The authenticated user role.
    session_id: The agent session ID (used to lookup the workflow).
    payload: The approval decisions mapping tool_call_id to decision.
    session: Database session for workspace-scoped lookups.

Raises:
    HTTPException 400: If the approval submission fails validation.
    HTTPException 404: If the agent session/workflow is not found.
    HTTPException 500: For unexpected errors.



## OpenAPI

````yaml https://platform.tracecat.com/api/openapi.json post /workspaces/{workspace_id}/approvals/{session_id}
openapi: 3.1.0
info:
  title: Tracecat API
  summary: Tracecat API
  description: The open source AI automation platform for security teams and agents.
  termsOfService: >-
    https://docs.google.com/document/d/e/2PACX-1vQvDe3SoVAPoQc51MgfGCP71IqFYX_rMVEde8zC4qmBCec5f8PLKQRdxa6tsUABT8gWAR9J-EVs2CrQ/pub
  contact:
    name: Tracecat Founders
    email: founders@tracecat.com
  license:
    name: AGPL-3.0
    url: https://www.gnu.org/licenses/agpl-3.0.html
  version: '1'
servers:
  - url: /api
security: []
tags:
  - name: public
    description: Public facing endpoints
  - name: workflows
    description: Workflow management
  - name: actions
    description: Action management
  - name: triggers
    description: Workflow triggers
  - name: secrets
    description: Secret management
  - name: variables
    description: Workspace variable management
paths:
  /workspaces/{workspace_id}/approvals/{session_id}:
    post:
      tags:
        - approvals
      summary: Submit Approvals
      description: |-
        Submit approval decisions to a running agent workflow.

        This endpoint sends approval decisions back to an agent workflow
        that is waiting for human-in-the-loop approval on tool calls.

        Args:
            role: The authenticated user role.
            session_id: The agent session ID (used to lookup the workflow).
            payload: The approval decisions mapping tool_call_id to decision.
            session: Database session for workspace-scoped lookups.

        Raises:
            HTTPException 400: If the approval submission fails validation.
            HTTPException 404: If the agent session/workflow is not found.
            HTTPException 500: For unexpected errors.
      operationId: approvals-submit_approvals
      parameters:
        - name: session_id
          in: path
          required: true
          schema:
            type: string
            format: uuid
            title: Session Id
        - name: workspace_id
          in: path
          required: true
          schema:
            type: string
            format: uuid
            title: Workspace Id
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ApprovalSubmission'
      responses:
        '204':
          description: Successful Response
        '422':
          description: Validation Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/HTTPValidationError'
      security:
        - APIKeyCookie: []
components:
  schemas:
    ApprovalSubmission:
      properties:
        approvals:
          $ref: '#/components/schemas/ApprovalMap'
      type: object
      required:
        - approvals
      title: ApprovalSubmission
      description: Request model for submitting approval decisions.
    HTTPValidationError:
      properties:
        detail:
          items:
            $ref: '#/components/schemas/ValidationError'
          type: array
          title: Detail
      type: object
      title: HTTPValidationError
    ApprovalMap:
      additionalProperties:
        anyOf:
          - type: boolean
          - oneOf:
              - $ref: '#/components/schemas/ToolApproved'
              - $ref: '#/components/schemas/ToolDenied'
            discriminator:
              propertyName: kind
              mapping:
                tool-approved:
                  $ref: '#/components/schemas/ToolApproved'
                tool-denied:
                  $ref: '#/components/schemas/ToolDenied'
      type: object
    ValidationError:
      properties:
        loc:
          items:
            anyOf:
              - type: string
              - type: integer
          type: array
          title: Location
        msg:
          type: string
          title: Message
        type:
          type: string
          title: Error Type
        input:
          title: Input
        ctx:
          type: object
          title: Context
      type: object
      required:
        - loc
        - msg
        - type
      title: ValidationError
    ToolApproved:
      properties:
        override_args:
          anyOf:
            - additionalProperties: true
              type: object
            - type: 'null'
          title: Override Args
        kind:
          type: string
          const: tool-approved
          title: Kind
          default: tool-approved
      type: object
      title: ToolApproved
    ToolDenied:
      properties:
        message:
          type: string
          title: Message
          default: The tool call was denied.
        kind:
          type: string
          const: tool-denied
          title: Kind
          default: tool-denied
      type: object
      title: ToolDenied
  securitySchemes:
    APIKeyCookie:
      type: apiKey
      in: cookie
      name: fastapiusersauth

````