Approval Workflows
Configure approval requirements for sensitive operations in Kuviq.
Overview
Approval workflows add oversight to critical operations by requiring authorization before actions are executed. This is useful for:
- Preventing accidental deletions
- Ensuring high-value changes are reviewed
- Meeting compliance requirements
- Maintaining audit trails for sensitive operations
How It Works
- An admin creates an approval workflow (e.g., "Require approval for item deletion")
- When a user attempts the action, they submit an approval request
- Designated approvers are notified
- An approver reviews and approves or rejects the request
- If approved, the action is executed automatically
Creating a Workflow
Navigate to Workflows
- Go to Admin > Approval Workflows
- Click Create Workflow
Configure the Trigger
| Field | Description |
|---|---|
| Name | Descriptive name (e.g., "High-value item deletion") |
| Description | Explain when and why this workflow applies |
| Resource | The type of resource (Items, Users, Templates, etc.) |
| Action | The operation requiring approval (Delete, Update, etc.) |
Set Conditions (Optional)
Add conditions to limit when approval is required:
| Condition Type | Example |
|---|---|
| Greater than | Value > 1000 (for high-value items) |
| Less than | Quantity < 10 |
| Equals | Status = "Active" |
| Contains | Name contains "Critical" |
Without conditions, approval is required for all matching actions.
Configure Approvers
Choose who can approve requests:
| Approver Type | Description |
|---|---|
| Any Admin | Any user with Admin or Super Admin role |
| Manager | The user's direct manager |
| Specific User | A designated individual |
| Role | Users with a specific role |
Additional Settings
| Setting | Description |
|---|---|
| Required Approvals | Number of approvals needed (default: 1) |
| Expiration | Hours until request expires (default: 48) |
| Notify on Request | Email approvers when request is submitted |
| Notify on Decision | Email requester when decided |
Managing Requests
For Requesters
When you attempt an action that requires approval:
- You'll see a dialog explaining approval is required
- Enter a reason for your request
- Submit the request
- Wait for approval notification
Track your requests:
- Go to Admin > Approval Requests
- Filter by "My Requests"
- View status: Pending, Approved, Rejected, Expired
For Approvers
When a request needs your approval:
- You'll receive an email notification (if enabled)
- Go to Admin > Approval Requests
- Click on the pending request
- Review the details and requester's reason
- Add an optional comment
- Click Approve or Reject
Workflow Templates
Kuviq provides templates for common scenarios:
Delete High-Value Items
Trigger: Delete Items where value > 1000
Approvers: Any Admin
Required: 1 approval
Expires: 48 hours
User Deletion
Trigger: Delete Users
Approvers: Super Admin
Required: 1 approval
Expires: 24 hours
Configuration Changes
Trigger: Update Templates
Approvers: Any Admin
Required: 1 approval
Expires: 72 hours
Best Practices
When to Use Approval Workflows
| Scenario | Recommended |
|---|---|
| Deleting items | Yes, especially high-value |
| Deleting users | Yes |
| Changing templates | Optional |
| Creating items | Usually not needed |
| Performing inspections | No |
Setting Appropriate Timeouts
| Urgency | Expiration |
|---|---|
| Urgent operations | 24 hours |
| Normal operations | 48 hours |
| Low-priority changes | 72+ hours |
Avoiding Bottlenecks
- Use "Any Admin" for flexibility
- Don't require too many approvals
- Keep expiration times reasonable
- Have backup approvers available
Audit Trail
All approval decisions are logged:
- Who requested the action
- When it was requested
- Who approved/rejected
- Their comments
- When the decision was made
- Whether the action was executed
View the audit log in Admin > Security > Audit Logs.
Troubleshooting
Request Expired
- The request wasn't addressed in time
- Submit a new request
- Consider longer expiration times
No One Can Approve
- Check the approver configuration
- Ensure designated approvers have access
- Consider using "Any Admin" instead of specific users
Action Not Executing After Approval
- Check the item still exists
- Verify the approver has permission
- Review audit logs for errors
Next Steps
- Permissions - Understanding user permissions
- Audit Logs - Viewing security logs
- Roles - Role-based access control