Approvals workflow

Most governed objects don’t take effect when created — they take effect when approved. Approvals are where a reviewer turns a submission into live, projected configuration.

A decision workbench

The approvals surface is built to decide, not just to list. For each pending item a reviewer can see what’s changing — for a server submission, a diff of the pending manifest against what’s live — and the context needed to approve or reject with confidence.

What flows through approval

• MCP server submissions (and revisions)
• API sources and their generated tools
• Agents
• Credential bindings
• Policy versions (publish)
• Connector lifecycle changes

Tenant‑wide by default

The queue spans environments by default and is filtered per row, so a reviewer sees everything awaiting them in one place rather than hopping between scopes. Approvals can also be processed in batches where it’s safe to.

Tip

Approving a server compiles it into the runtime projection — only then is it callable, and still only as policy permits. See Review & approve a submission.