This example shows how a CI workflow can request approval through Approva before a protected deployment step.
Files:
- machine-authenticated Approva CLI usage from a workflow runner
- high-risk deployment approval request creation
- request status polling
- conditional protected-action continuation after approval
APPROVA_BASE_URLAPPROVA_API_KEY- optionally
APPROVA_CAPABILITY_TOKENif you already obtained a raw token through a valid exchange flow
This workflow is intentionally minimal and poll-based.
- it shows the approval checkpoint pattern clearly
- it does not implement a signed webhook receiver inside the workflow
- for fully automated continuation after approval, use Approva's signed webhook plus
exchange_tokendelivery mode in a first-party service or runner
Canonical reference: