Skip to main content

Governance Approvals

Governance approvals let you protect sensitive organization changes behind a second review step. When a protected action is attempted, Conto creates a governance approval request instead of applying the change immediately. Use this when API key lifecycle, policy updates, or freeze-configuration changes should leave an explicit review trail.

What Can Be Protected

Current governance approval actions cover:
  • API key creation, rotation, and revocation
  • Freeze-configuration updates
  • Policy creation, update, and deletion
  • Policy-rule creation, update, and deletion

Roles

RoleWhat it can do
OWNERConfigure which actions require governance approval; approve or reject requests
ADMINApprove or reject requests that are already pending
VIEWERCannot configure governance approvals or decide requests

How It Works

Every request keeps the requester, requested payload, decision comment, timestamps, and decision actor together in one audit trail.

Set It Up

1

Open the Governance tab

Sign in to the dashboard and open the Governance tab in organization settings.
2

Choose protected actions

Toggle on the actions that should pause for review before they apply.
3

Optional: add webhook visibility

If your compliance, audit, or ticketing system needs a copy of governance events, add a WEBHOOK notification channel and subscribe it to governance.approval.requested and governance.approval.decided.
4

Test one protected change

Try a protected action such as updating a policy or rotating an API key. You should see a pending governance approval request instead of an immediate mutation.

Review a Request

Owners and admins review pending requests in the same Governance settings tab. For each request, Conto shows:
  • The protected action, such as POLICY_UPDATE or API_KEY_ROTATE
  • The target resource and resource ID
  • The requester and request timestamp
  • The serialized request payload
  • Expiration time
  • Decision history and optional reviewer comment
Approve when the change is expected and authorized. Reject when the request should not be applied.

Webhooks and Audit Trail

Governance approval webhooks are notification-only. External systems can observe the request and decision lifecycle, but the actual approve/reject action still happens in Conto.

API Surface

If you need to inspect the current setup or pending requests programmatically, the dashboard uses:
  • GET /api/governance/approval-settings
  • PATCH /api/governance/approval-settings
  • GET /api/governance/approval-requests
  • POST /api/governance/approval-requests/{id}/decide
These routes use the signed-in dashboard session rather than SDK keys.