How It Works
Permission Slip sits between your AI agents and the actions they want to take. Here’s what happens when an agent submits a request.The Approval Flow
Agent Submits a Request
Your agent calls the Permission Slip API with the action it wants to perform — for example, sending an email or making an API call. The request includes the action type, parameters, and a risk level.
You Get Notified
Permission Slip sends you a notification through your configured channels — email, SMS, or browser push notification. The dashboard also updates in real time via server-sent events.
You Review the Details
On your dashboard, you see exactly what the agent wants to do: the action type, all parameters, the risk level, and which agent is making the request. You have full context to make a decision.
You Approve or Deny
Click Approve to let the action proceed, or Deny to block it. High-risk actions are flagged with a warning so you can review them more carefully.
Action Executes
If approved, Permission Slip immediately executes the action via the appropriate connector using your stored credentials. The result is recorded on the approval.
Standing Approvals
For routine actions you trust, you can create standing approvals that pre-authorize an agent to perform a specific action type without asking you each time. Standing approvals have built-in guardrails:- Execution limits — cap how many times the agent can use the approval (or set it to unlimited).
- Expiration — standing approvals automatically expire, up to a maximum of 90 days.
- Revocation — you can revoke a standing approval at any time.
Risk Levels
Every action has an associated risk level:| Level | Description |
|---|---|
| Low | Routine, read-only, or low-impact actions |
| Medium | Actions that modify data or have moderate impact |
| High | Sensitive actions — financial transactions, data deletion, external communications |