[FEATURE] External Approval Delegate (webhook-based approval for async workflows)

Resolved 💬 4 comments Opened Feb 16, 2026 by russu Closed Mar 20, 2026

Preflight Checklist

  • [x] I have searched existing requests and this feature hasn't been requested yet
  • [x] This is a single feature request (not multiple features)

Problem Statement

Claude Code's approval mechanism is synchronous and terminal-bound. The user must
be physically watching the terminal to approve or deny tool calls. This makes
Claude Code unsuitable for longer-running tasks where the user wants to submit
work, step away, and respond to approval requests asynchronously (e.g., from a
mobile device).

Proposed Solution

An Approval Delegate hook type (or --approval-webhook flag) that allows approval
requests to be routed to an external system instead of the terminal UI.

Flow:

  1. Claude Code encounters a tool call requiring approval
  2. Instead of prompting in the terminal, it POSTs to a configured webhook URL

with the tool name, arguments, and context

  1. The external system evaluates the request (auto-approve, escalate to user,

deny)

  1. The external system responds (sync HTTP response or async callback)
  2. Claude Code continues or aborts based on the response

Webhook payload example:
{
"event": "approval_requested",
"session_id": "...",
"tool": "Bash",
"arguments": {"command": "docker restart radarr"},
"context": "Restarting container after config update",
"risk_level": "medium",
"timestamp": "2026-02-15T22:00:00Z"
}

Response:
{
"decision": "approve",
"decided_by": "user_via_telegram",
"timestamp": "2026-02-15T22:01:30Z"
}

Alternative Solutions

  • --yes flag: Bypasses all approvals. Too dangerous for production use.
  • tmux send-keys: Monitor terminal output for approval prompts, send keystrokes

via tmux. Works but fragile, depends on terminal output format, breaks across
versions.

  • Hooks workaround: PreToolUse hooks can notify external systems, but cannot

receive responses or control the approval flow.

Priority

Critical - Blocking my work

Feature Category

CLI commands and flags

Use Case Example

  • Mobile approval: Route approvals to a Telegram/Slack/SMS bot; approve from your

phone while away from the terminal

  • Governance layer: An intermediary agent evaluates risk and auto-approves

low-risk actions, only escalating destructive operations to the user

  • Team workflows: Approval routing to the right person based on the action type

(infra changes to ops, code changes to dev lead)

  • Audit trail: External systems can log every approval decision with who

approved, when, and why

  • CI/CD integration: Long-running Claude Code tasks in CI with manual approval

gates (similar to GitHub Actions manual approvals)

Additional Context

This would complement the existing hooks system by adding a bidirectional hook
type. Current hooks are fire-and-forget (notify on event). An approval delegate
would be request-response (ask and wait for decision).

The trust gradient this enables — auto-approve safe actions, delegate routine
approvals to an intermediary, escalate dangerous actions to a human — maps
directly to how teams already think about deployment pipelines and change
management.

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗