Records the human decision and reopens the parent task for worker resume
On approve, the parent execution is requeued from the parked step and the tool call proceeds with its original arguments; on reject, the rejection text is fed back into the flow as the tool result so the agent can react to (or surface) the operator's reasoning. The responder identity is captured from the caller's auth context, not the request body, so audit trails reflect the real user. Requires Admin role on the agent to prevent arbitrary viewers from authorizing privileged tool calls; to abandon a request without resuming, use `POST .../pendingApprovals/{approvalId}:cancel`.
Authorization
Bearer JWT Authorization header using the Bearer scheme. Enter 'Bearer' [space] and then your token.
In: header
Path Parameters
The unique identifier of the agent.
The approval request ID.
uuidThe tenant identifier
The response text.
Free-text reply from the approver. Must be non-empty (empty replies are
rejected as accidental submits — see the equivalent guard in
HumanApprovalRequestService.RespondViaConnectorAsync).
Response Body
curl -X POST "https://api.fruxon.com/v1/tenants/string/agents/string/pendingApprovals/497f6eca-6276-4993-bfeb-53cbbbba6f08:respond" \ -H "Content-Type: application/json" \ -d '{}'{
"id": "00000000-0000-0000-0000-000000000000",
"agentId": "string",
"agentRevision": 0,
"flow": "string",
"sessionId": "string",
"taskQueueId": 0,
"executionRecordId": "00000000-0000-0000-0000-000000000000",
"gateType": "TOOL_FLOW_STEP",
"stepIdentifier": "string",
"toolCallId": "string",
"toolKey": "string",
"outboundMessage": "string",
"proposedParameters": {},
"authorizedApprovers": [
"string"
],
"deliveryRoute": {
"id": "00000000-0000-0000-0000-000000000000",
"connectorId": "00000000-0000-0000-0000-000000000000",
"provider": "string",
"parameters": {}
},
"deliveryMessageId": "string",
"correlationToken": "string",
"status": "PENDING",
"expiresAt": 0,
"respondedAt": 0,
"respondedBy": "string",
"decision": "APPROVE",
"responseText": "string",
"createdAt": 0,
"modifiedAt": 0
}{
"type": "string",
"title": "string",
"status": 0,
"detail": "string",
"instance": "string",
"property1": null,
"property2": null
}{
"type": "string",
"title": "string",
"status": 0,
"detail": "string",
"instance": "string",
"property1": null,
"property2": null
}{
"type": "string",
"title": "string",
"status": 0,
"detail": "string",
"instance": "string",
"property1": null,
"property2": null
}{
"type": "string",
"title": "string",
"status": 0,
"detail": "string",
"instance": "string",
"property1": null,
"property2": null
}Gets a single approval request by id.
Returns the full record for one human-approval gate, including its current lifecycle state, the tool call payload awaiting approval, the parent execution id, and (if already resolved) the responder identity, decision, and decision text. Returns 404 if the approval id does not belong to the agent in the route — approval ids are agent-scoped and cross-agent access is not permitted even with tenant-admin credentials.
Lists all available alert types with labels and descriptions.
Returns the static catalog of alert types an agent can fire — these are compiled into the server via `AlertTypeRegistry`, not tenant-scoped or persisted. Use the returned identifiers when classifying alerts on agent runs so the UI can map them to friendly labels and severities. The list is stable across requests; cache aggressively client-side.