Approval gates
Human checkpoints on sensitive actions: outbound mail, payments, public posts, contracts and contract redlines.
What an approval gate does
An approval gate pauses execution at a specific node and routes a decision request to a human. The proposed output is shown in full; the human can Approve, Reject, or Edit and approve. Until they decide, the workflow holds.
Default gates
Out of the box, the following actions are gated:
| Action class | Default approver |
|---|---|
| Outbound email to external addresses | Sales Manager (or the assignee's lead) |
| Payments and refunds | Finance lead |
| Contract creation or redline | Legal lead |
| Public posts (social, blog) | Marketing lead |
| Permission changes (RBAC) | Owner or Admin |
| Bulk data deletion | Owner only |
You can tighten or loosen these per tenant in Settings → Agents → Gates.
Custom gates
Add a gate to any workflow node by setting the node's Gate field. A gate definition is:
gateName: "Outbound legal redline"
approvers: role:legal-lead OR user:sara@acme.com
sla: 8h
escalateTo: role:owner
expiresAt: 24h → reject
If no approver acts within the SLA, the gate escalates. If no one acts within expiresAt, the gate rejects by default — fail-closed, never fail-open.
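The timing rules above, sketched as a pure function. This is an added illustration, not ThorStack's own code: `Decision`, `hours` and `resolve` are hypothetical names, and two behaviours are assumptions, namely that escalation adds `escalateTo` to the allowed approvers and that a malformed gate definition is rejected.

```python
import re
from dataclasses import dataclass

# Constructed gate, mirroring the definition shown above.
GATE = {
    "gateName": "Outbound legal redline",
    "approvers": "role:legal-lead OR user:sara@acme.com",
    "sla": "8h",
    "escalateTo": "role:owner",
    "expiresAt": "24h → reject",
}

@dataclass
class Decision:
    principals: frozenset  # identities of the decider, e.g. {"user:x@acme.com", "role:owner"}
    action: str            # "approve", "edit-approve" or "reject"
    at_hours: float        # hours since the gate opened

def hours(value):
    """Parse '8h' or '24h → reject' into whole hours; raise on anything else."""
    m = re.match(r"\s*(\d+)h\b", value)
    if not m:
        raise ValueError(f"bad duration: {value!r}")
    return int(m.group(1))

def resolve(gate, decisions, now_hours):
    """Return 'approved', 'rejected', 'escalated' or 'pending'; any doubt blocks release."""
    try:
        sla, expiry = hours(gate["sla"]), hours(gate["expiresAt"])
        approvers = {a.strip() for a in gate["approvers"].split(" OR ")}
        escalate_to = gate["escalateTo"]
    except (KeyError, ValueError, TypeError, AttributeError):
        return "rejected"                      # assumption: malformed gate fails closed
    for d in sorted(decisions, key=lambda d: d.at_hours):
        if d.at_hours > now_hours or d.at_hours >= expiry:
            break                              # not yet made, or made after expiry
        allowed = set(approvers)
        if d.at_hours >= sla:
            allowed.add(escalate_to)           # assumption: escalation widens the approver set
        if not (d.principals & allowed):
            continue                           # not an approver: ignored, the gate keeps holding
        if d.action in ("approve", "edit-approve"):
            return "approved"
        return "rejected"                      # explicit reject, or an unrecognised action
    if now_hours >= expiry:
        return "rejected"                      # nobody acted in time: fail-closed
    return "escalated" if now_hours >= sla else "pending"
```

The cases worth checking in any implementation are the negative ones: a decision from someone outside the approver set, an approval that arrives after expiry, and a gate whose definition cannot be parsed must all leave the action unreleased.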
What approvers see
The approval surface shows:
- The proposed output (the email body, the payment, the contract clause).
- The full context the agent used — every memory read, every reference.
- The agent's chain-of-decisions in summary form.
- The blast radius (how many recipients, what total amount, etc.).
Approving is one click. Editing keeps the trace; the agent's draft and the human's edit are both retained.
Why this matters
Gates are how ThorStack reconciles agent autonomy with the truth that some actions need a human signature. The right design isn't "approve everything" (that defeats automation) or "approve nothing" (that defeats trust). Default gates are tuned to the actions that have legal, financial, or reputational blast radius.
Next
- Workflow basics — the surrounding model.
- Agent management — configure gates per agent.