Authorization infrastructure for AI actions
One API call between your agent and sensitive systems—programmable authorization and receipts before operational changes run.
AI systems are moving from generating text to taking actions. AI actions require authorization.
Every AI action should return a verdict.
- Add approval checks to AI workflows in minutes
- Human review for risky actions
- Replayable approval receipts for clients
Add once. Reuse across every client workflow.
Partner intake — API key in minutes
BiDigest verify
Inline authorization check
Verify the proposed action before CRM, billing, or payments change—then branch on a single verdict.
Examples: AI actions → verdicts
Train clients to think in operational authorization—not chatbot moderation.
Monitoring is not authorization.
| AI action | Verdict |
|---|---|
| Approve $5,000 refund | REVIEW_REQUIRED |
| Delete CRM contact | REJECTED |
| Read FAQ / low-risk lookup | APPROVED |
| Trigger invoice payment | REVIEW_REQUIRED |
| Escalate support ticket with billing change | REVIEW_REQUIRED |
Why agencies are adding approval infrastructure
AI workflows are moving from generating text to changing records, approving payments, and triggering operational actions.
Clients increasingly ask: “What controls the action?” Agencies that ship authorization look responsible—not reckless.
- Monitoring after the fact is no longer enough for higher-trust client deals
- Shipping without approval infrastructure will eventually look negligent to procurement
What changes for your agency
Ship faster with reusable approval infrastructure—better client conversations, not another compliance workshop.
| Before | With BiDigest |
|---|---|
| “Trust us, the AI usually behaves.” | Every action returns a receipt and an approval verdict. |
| Clients fear autonomous workflows | Clients see approval controls and human review paths |
| Rebuild approval logic per client | Same verify call reused in every client template |
| Harder enterprise security conversations | Clearer security and operations story for procurement |
| Ambiguous blame after incidents | Replayable receipts with timestamps and receipt_id |
How it works
Your AI workflow proposes an action
Refund, CRM update, payment, claim, or copilot step—whatever you already automate.
BiDigest returns a verdict
APPROVED, REJECTED, or REVIEW_REQUIRED in one HTTP call—before money, records, or approvals change.
You store the approval receipt
Replayable proof for clients, disputes, and enterprise onboarding—show receipt_id in every run.
Works inside workflows built with
HTTP Request, webhook, or REST only—no native n8n/Make/Zapier marketplace apps yet. Open Integration recipes for copy-paste curl.
- n8n
- Make
- Zapier
- OpenAI Agents
- LangChain
- CrewAI
- Flowise
- Langflow
- Retool
- HubSpot
- Salesforce
Start lightweight
Pick a mode—no policy workshops on day one. Most agencies begin with Observe or Review; add Enforce when clients require hard stops.
| Mode | What happens |
|---|---|
| ObserveNow | Log receipts only |
| ReviewNow | Pause risky actions |
| EnforceOpt-in | Stop on REJECTED |
What happens on REVIEW_REQUIRED?
Your workflow pauses until a human decides—same pattern agencies already use for refunds and CRM writes.
- REVIEW_REQUIRED
Verify returns a verdict + receipt_id; downstream steps wait.
- Notify your team
Webhook, email, or agency console—wire the channel you already use.
- Human approves
Operator reviews context; approves or rejects in your tool of record.
- Workflow resumes
Continue the automation with the receipt on file for the client.
Real agency use cases
Refund approval bots
Auto-approve small refunds; REVIEW_REQUIRED above your threshold.
AI SDR workflows
Gate outbound sends and CRM writes before they hit production.
CRM enrichment agents
Block destructive updates; approve high-impact field changes.
Support escalation agents
Pause ticket actions that need a human sign-off.
Insurance claim review flows
Receipt every decision for regulated client accounts.
Invoice approval agents
Verify payment and billing actions before execution.
Protected by BiDigest
Trust signals agencies use in decks, workflows, and client QBRs—partner intake unlocks co-branding.
- Protected by BiDigestWorkflow trust mark
- Approval receipts enabledPer-run proof
- Human review enforcedREVIEW_REQUIRED path
- Show badges on client-facing flows and SOW appendices
- Differentiate retainers with verifiable authorization—not policy slides
- Certification-style partner marks via onboarding (not self-serve marketplace yet)
5-minute integration
Copy, paste, verify—then reuse the same verify call in every client template. Not per-client consulting—reusable infrastructure.
[COMING SOON] Typed npm SDK for agencies. Today: copy fetch or curl below (works with any stack).
const res = await fetch('https://bidigest.com/api/v1/admissibility/verify', {
method: 'POST',
headers: {
Authorization: `Bearer ${process.env.BIDIGEST_API_KEY}`,
'Content-Type': 'application/json',
},
body: JSON.stringify({
jurisdiction: { regionCode: 'us-fed', industrySector: 'financial' },
intent: {
agentId: 'agency-agent:client-acme',
actionType: 'refund_approval',
proposedPayload: { action: 'refund_approval', amount: 500, clientId: 'client-acme' },
},
sessionContext: {
sessionId: 'session-acme-refund-001',
userId: 'support_agent',
sessionStartTime: new Date().toISOString(),
},
groundTruthBinding: {
domain: 'agency-automation-demo.bidigest.com',
regulatoryId: 'AGENCY_AUTOMATION_DEMO_V0',
},
}),
});
const data = await res.json();
// Map API response → agency verdict (see /partners/ai-automation/recipes)Partner onboarding
Get started in under 5 minutes
Connect, pick a workflow type, copy a recipe, run a live verify—no policy mapping on day one.
- 1. Protect your first workflow — Partner intake provisions your org and API key. Protect your first workflow
- 2. Pick a workflow type — Refunds, CRM, claims, payments, or internal ops.
- 3. Copy an integration — curl, n8n, Make, or TypeScript. Open HTTP recipes
- 4. Run a live verify — Simulator or your stack—every run returns a verdict + receipt_id. Try a live verify
- 5. Ship to every client — Add the same verify call to every client template; console shows REVIEW_REQUIRED queue. Agency console
Protected workflow templates (roadmap)
[PROPOSAL] Deployable assets agencies can clone—thresholds, starter rules, and sample receipts when packs ship.
- Protected AI Refund Agent
- Protected CRM Update Agent
- Protected SDR Agent
- Protected Invoice Approval Flow
- Protected Claims Review Flow
Integration recipes
No marketplace download—use HTTP Request (n8n), Webhook (Make), or POST (Zapier) with the curl body below.
Open full HTTP recipes (curl, n8n, Make)
Starter rules (included)
Defaults ship in code—customize via verifyIntent thresholdRules. No framework workshop required.
| Workflow | Default | Outcome |
|---|---|---|
| Refund over $500 | Human review before bind | REVIEW_REQUIRED |
| refund_approval / wire_transfer / coverage_change | Always review | REVIEW_REQUIRED |
| CRM contact delete | Deny in examples | REJECTED |
| Policy / FAQ lookup | Auto-approve when API allows | APPROVED |
Developer docs
Developer docs
n8n · Make · Zapier · LangChain · OpenAI Agents SDK · CrewAI · Flowise · custom backends
Architecture (one call)
AI agent / workflow
→ BiDigest verify API
→ APPROVED | REJECTED | REVIEW_REQUIRED
→ CRM · ERP · payments · claimsCopy-paste examples
Verify from your backend—map to APPROVED, REJECTED, or REVIEW_REQUIRED.
{
"admissibility_status": "APPROVED",
"reason_code": "200_ADMITTED",
"decision_receipt": { "receipt_id": "rcpt_84721…" }
}Verify action API: POST /api/v1/admissibility/verify
[COMING SOON] Typed npm SDK for agencies. Today: copy fetch or curl below (works with any stack).
curl -sS -X POST "https://bidigest.com/api/v1/admissibility/verify" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"jurisdiction": { "regionCode": "us-fed", "industrySector": "financial" },
"intent": {
"agentId": "agency-agent:client-acme",
"actionType": "refund_approval",
"proposedPayload": { "action": "refund_approval", "amount": 500, "clientId": "client-acme" }
},
"sessionContext": {
"sessionId": "session-acme-refund-001",
"userId": "support_agent",
"sessionStartTime": "2026-05-17T12:00:00.000Z"
},
"groundTruthBinding": {
"domain": "agency-automation-demo.bidigest.com",
"regulatoryId": "AGENCY_AUTOMATION_DEMO_V0"
}
}'Demo policy defaults (integrators): agency-automation-demo.bidigest.com · AGENCY_AUTOMATION_DEMO_V0
When the verdict is REVIEW_REQUIRED
- Branch on REVIEW_REQUIRED—not only HTTP 403.
- Notify a human (Slack, email) with receipt_id.
- Continue or stop after human decision.
What BiDigest is not
- — Not an LLM vendor or chatbot platform
- — Not observability-only or a blended AI safety score
- — Not native n8n, Make, or Zapier marketplace connectors (HTTP only today)
- — Not day-one governance transformation or policy workshops
- — Not kernel or network severance on this page—API verdict branching in your workflow
Enterprise deployments
Enterprise deployments
Same verify API for higher-trust programs—separate enterprise hub for audits and trustee paths (not required for agency HTTP integrations).
Enterprise governance hub · Legacy visibility agency program