Enable approval on a DTP
- Go to Admin → Domain Trust Profiles
- Edit the profile
- Toggle Require approval on
- Save
The approval queue
Approvals in the navigation shows all pending, approved, and rejected requests. Each request shows a pipeline step visualization — a horizontal progress indicator that shows which stage the request is at: Submitted → Pending → Approved/Rejected → Certificate Issued. Escalated requests show an escalation badge next to the status.Taking action
Click Approve to issue the certificate, or Reject to decline. When rejecting, provide a reason — it is shown to the requester and recorded permanently in the audit trail. If Mandatory approval reason is enabled on the DTP (or by the active compliance framework), you must select a reason from the dropdown before the form can be submitted.AI risk assessment
When the AI engine is enabled by your platform administrator, each incoming request is scored automatically. The score (low / medium / high) and the reasoning behind it appear on the request detail panel. The AI score does not block approval — it is advisory information to help approvers prioritize the queue. To enable the AI engine, contact your platform administrator or see the AI Setup guide.Predefined approval reasons
Approval reasons give the approval and request workflows a controlled vocabulary. They are configured in Admin → Approval Reasons. There are two reason types:Configuring reasons
- Go to Admin → Approval Reasons → Add reason
- Set:
- Label — text shown in the dropdown, e.g.
Security incident response - Type —
approvalorrequested - Sort order — integer controlling display order; lower values appear first
- Active — inactive reasons are hidden from dropdowns but are not deleted
- Label — text shown in the dropdown, e.g.
Enabling mandatory approval reason
The requirement to select a reason can be enforced in two ways:- Per DTP: Edit the DTP → Access Control section → enable Mandatory approval reason. Applies only to requests matched to that DTP.
- Via compliance framework: Go to the Compliance page and assign a framework (SOC 2, ISO 27001, PCI-DSS, or HIPAA). All four frameworks set mandatory approval reason for every DTP in the org.