A3Approval Authorization API

Approvals for the actions that can't go wrong.

A3 is an Approval Authorization API that adds enforced, cryptographically verifiable approvals to privileged operations and policy-driven workflows—with an optional client app for fast human decisions.

Signed decisions
Quorum + policy rules
Audit trail + export
See how it works

Integrate in an afternoon. Start with one endpoint.

Your server
POST /approval-requests
Approvers
approve / reject
A3
webhook decision
✓ Webhook signed✓ Quorum reached: 2/3
Rotate encryption keysPending approval
System
Core security
Impact
Multiple services
Multi-party approval
Time-bound
👤
Reviewer
Reviewed recently

Incidents don't start with hacks.
They start with one risky action.

Risky production deployment

A bad deploy during a code freeze can take down production. There's no undo button.

A3 makes these actions require explicit approval.

Privilege escalation

SSO off, roles changed, keys rotated—each one click away from disaster.

A3 makes these actions require explicit approval.

Sensitive export / key rotation

Exports and secrets are high-leverage failure points that rarely get proper oversight.

A3 makes these actions require explicit approval.

Approvals you can enforce, not just record.

A3 sits between your system and a risky action, collecting a signed human decision before anything irreversible happens. Integrate with a single API request plus webhook (or polling).

1

Create approval request

  • Your backend sends the action + required fields
  • Policy defines quorum + rules
POST /approval-requests
2

Collect signed decisions

  • Approvers review context and approve/reject
  • Each decision is cryptographically signed
Not a message. A verifiable decision.
3

Enforce outcome

  • A3 returns allow/deny via webhook or polling
  • Your workflow continues or stops
POST /decision-webhook

How A3 stays unskippable

Think of it like GitHub branch protection, but for production actions.

Signed approvals

Each approver signs a decision. No "approved in Slack" screenshots.

Server-enforced policy

Quorum, roles, and required fields are validated by A3, not your UI.

Decision receipt

Your backend receives a verifiable receipt before executing any action.

curl -X POST https://a3.eighty8.xyz/v1/approval-requests   -d '{
    "tenant_id": "tenant_123",
    "action": "access.elevate",
    "reference_id": "req_9f3c",
    "policy": { "quorum": { "required": 2 } },
    "fields": {
      "role": "production_admin",
      "duration": "1h",
      "user_id": "usr_42"
    },
    "callback": {
      "type": "webhook",
      "url": "https://your-server.com/webhooks/a3"
    }
  }'

Built for the teams that carry risk

Approvals aren't owned by one role. They're shared responsibility.

Engineering

  • Ship approvals without inventing a policy engine
  • Enforce decisions in code, not Slack
  • No custom edge cases per tenant

Security / IT

  • Signed decisions, not screenshots
  • Clear audit trail
  • Hard to bypass, easy to review

Risk / Compliance

  • Deterministic policies (quorum, thresholds, required fields)
  • Exportable approval records
  • Audit-ready by default

Finance / Ops

  • Dual control for critical operations
  • Prevent irreversible mistakes
  • Confidence at scale

Approvers shouldn't need a dashboard login.

The A3 client app gives your team a fast, secure way to approve or reject requests from anywhere—no VPN, no admin panel, no friction. Approve via signed link, push notification, or mobile app without giving approvers system access.

  • Push notifications for instant visibility
  • Cryptographically signed decisions
  • View full request context before approving
  • Works on iOS and Android
Pending1/2 approved
Waiting on
@cfo, @security
Access level
Production Admin
👤
@head-of-finance
Approved 15 min ago
2 of 3 approvals
11h 24m

Want to shape the future of secure approvals?

Join our early access program. Get priority support and influence A3's roadmap.

Simple pricing, when you're ready.

We're validating usage patterns before locking pricing. Pricing will be based on approval volume.

Prototype
Starter

For teams validating approval workflows in development.

Production
Growth

For teams running approvals in production with real users.

Fintech / Regulated
Enterprise

For teams needing SSO, SLAs, audit exports, and custom policies.

Questions

Policy enforcement happens server-side on A3, not in your UI. Decisions are cryptographically signed and verified. Your backend checks for a valid decision receipt before executing any action. Combined with audit trails, this makes bypassing detectable and preventable.
Yes. The client app is optional. You can build your own approval UI and use webhooks or polling to submit decisions to A3. The API is designed to work headlessly.
Both. A3 is an API-first product, but includes an optional mobile client app for approvers who need a fast, secure way to respond without logging into your admin dashboard.
All decisions are cryptographically signed and verified. Webhooks include signatures you can verify server-side. The client app uses device-bound keys for additional security.
We recommend passing references (IDs) rather than sensitive data. A3 stores minimal metadata needed for the approval flow and audit trail. You control what fields are visible to approvers.
We'll publish a public status page. Webhooks are retried with exponential backoff. You can also poll for decisions as a fallback. Enterprise plans include SLA commitments.

If approvals matter, don't bolt it on later.

Get it right from the start with an API designed for the job.