Operation Approval Element

The Operation Approval Element is a frontend component that enables users to request approval for specific actions in your application.
When a request is made, it will display in the "Approval Management" Element, where users with the appropriate permissions can view all pending requests and approve or deny them.
Once the request is approved or denied, the user will receive approval for the requested action. Additionally, a webhook will be triggered to notify your application about the approval or denial of the request.

Overview

The Operation Approval Element enables users to submit operation approvals using a dedicated user interface embedded in your application. This allows you, as the administrator, to restrict end-users from taking specific actions on objects and resources, and require an approval process before these actions are executed. After a user submits a request, it is sent for approval by an admin, who can either approve or deny it.

This element is especially useful for critical actions in your system that require approval by a higher authority before execution.

Using the "Operation Approval" Element is simple – just embed it into your Frontend application. Once embedded, users can request approval for restricted resources by clicking the "Request Approval" button. Later, users with the relevant permissions can view a list of all pending operation approvals in the "Approval Management" Element, where they can approve or deny them.

Example:

Let's take the example of a bank where users can transfer funds to other users. We want to ensure that all transfers above a certain amount are approved by a manager before they are executed. In this case, we can use the "Operation Approval" Element to allow users to request approval for large transfers.

Upon receiving the operational approval, the manager reviews it to decide whether to approve this transfer request or not.

Creating and Connecting the Element

1. In the Elements Screen, under "Operation Approval", click on "Create Element".

2. Select Resource from the dropdown menu, which will be the resource that connects to this element.

note

When the "Operation Approval" Element is created, it will create by default two roles: " _reviewer_ " with the permission to review, approve and deny requests, and "_requester_" with the "operate" permission.

3. Give the element a name, and click on "Create".

Element Customization

With every new element, you will be able to adjust it to ensure the look and feel of it fits your application.

• You can change the background color and the color of the button
• You can change the title, message and button text to make it more user friendly

Creating an iFrame

In your newly created element, click the "Generate Code" button on the top of the screen

A code snippet for the element will be generated for you. This will be an <iframe> that you can insert anywhere into your application. It will look like the code snippet below:

note

Note that it is crutial to select the Tennant relevant for this element for it to fuction properly.

The dynamic values in src are:

• <ELEMENT_NAME> - The name of the element you have created.
• <SOME_UNIQUE_ID> - The unique id of the environment you are using.
• <TENANT_KEY> - The tenant key you are using.
• <RESOURCE_INSTANCE_KEY> - The resource instance key you are using or new resource instance key.

Replace them with your values.

<iframe
    title="Permit Element Name"
    src="https://embed.permit.io/<ELEMENT_NAME>?envId=<SOME_UNIQUE_ID>&darkMode=false&resourceInstanceKey=<RESOURCE_INSTANCE_KEY>&tenantKey=<TENANT_KEY>"
    width="100%"
    height="100%"
    style="border: none;"
/>

Once the iframe is ready, we need to embed it. To do that, you'll need to create a login. In the next section, we'll walk you through logging in. Choose a way to log in that's convenient for you:

IMPORTANT

You need to generate resource instance key for each request, and assign a reviewer to this request. you will pass the resource instance key in the url of the iframe, for example:

<iframe
    title="Permit Element Name"
    src="https://embed.permit.io/<ELEMENT_NAME>?envId=<SOME_UNIQUE_ID>&darkMode=false&tenantKey=<TENANT_KEY>&resourceInstanceKey=<RESOURCE_INSTANCE_KEY>"
    width="100%"
    height="100%"
    style="border: none;"
/>

New Operation Approval

When a user needs to request approval for a specific action, they should provide a reason for the request and then click the "Request Approval" button to submit it. Once the request is submitted, the user should obtain the key of the resource instance from the new request and assign a reviewer to it.

For example, if a user wants to seek approval for a $1000 transfer to another user and the key of the resource instance is "transfer-1", they should assign a relevant user with ReBAC permissions in the following format: transfer:transfer-1#_reviewer_.

You can find all pending requests on the "Approval Page." There, you can view all pending requests (based on your permissions) and take action by clicking the "Approve" or "Deny" buttons.

Embedding the Element

Please check the Embedding Elements documentation for more information on how to embed the element into your application.