Why Use Approval?
Tool Permissions
Claude Code-style approval system for sensitive tool execution
Multiple Scopes
Session, user, time-limited, and context-specific approvals
PKCE Security
RFC 7636 PKCE webhooks for secure external approval systems
Audit Trail
Full audit log with grantor/revoker tracking
Installation
How It Works
Quick Start
Basic Setup
Require Approval on Tools
Using the Approval Service
The plugin extends all execution contexts withthis.approval:
Approval Scopes
| Scope | Description | Use Case |
|---|---|---|
session | Valid only for current session | Default, most restrictive |
user | Persists across sessions for user | Trusted tools |
time_limited | Expires after specified TTL | Temporary elevated access |
tool_specific | Tied to specific tool instance | Fine-grained control |
context_specific | Tied to context (e.g., specific repo) | Context-aware approvals |
Plugin Options
Basic Configuration
Recheck Mode (Default)
In recheck mode, the plugin polls an external API for approval status:Webhook Mode with PKCE
For secure external approval systems using PKCE (RFC 7636):Tool Approval Options
Whether this tool requires approval before execution
Default scope for approvals:
session, user, time_limited, tool_specific, context_specificRestrict which scopes are allowed for this tool
Maximum TTL for time-limited approvals (milliseconds)
Category for grouping:
read, write, delete, execute, adminRisk level hint:
low, medium, high, criticalMessage shown to user when prompting for approval
Prompt every time, even if previously approved (for highly sensitive operations)
Skip approval entirely (for safe, read-only operations)
Contexts that are pre-approved (bypass approval check)
API Reference
ApprovalService Methods
Check if a tool is approved for execution
Grant session-scoped approval
Grant user-scoped approval (persists across sessions)
Grant time-limited approval
Revoke an existing approval
Get the current approval record for a tool
Approval Audit Trail
Every approval records who granted it and how:Grantor Factory Functions
Create typed grantors for audit trails:PKCE Webhook Flow
For external approval systems, the plugin implements RFC 7636 PKCE:Webhook Request
The plugin sends to your webhook URL:Callback Response
Your approval system responds to the callback URL:Storage Options
Thestorage option uses the StorageConfig type from @frontmcp/utils and supports memory, redis, vercel-kv, upstash, and auto.
Auto-Detect (Default)
Memory Storage
Redis Storage
Use Existing Storage Instance
Best Practices
1. Use Appropriate Scopes
1. Use Appropriate Scopes
- Session: Default, most restrictive - good for sensitive operations
- User: For tools the user has explicitly trusted
- Time-limited: For temporary elevated access
- Context-specific: For repository/project-specific permissions
2. Configure Risk Levels
2. Configure Risk Levels
Mark tools with appropriate risk levels to help users make informed decisions:
3. Use PKCE for External Approvals
3. Use PKCE for External Approvals
When integrating with external approval systems, always use webhook mode with PKCE to prevent session hijacking.
4. Track Audit Trails
4. Track Audit Trails
Always provide meaningful
reason and grantedBy information for compliance and debugging:Complete Example
Links & Resources
Source Code
View the approval plugin source code
Remember Plugin
For session memory storage
Plugin Guide
Learn more about FrontMCP plugins
PKCE RFC 7636
PKCE specification