> ## Documentation Index
> Fetch the complete documentation index at: https://docs.agno.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Approval Post Hook

> Demonstrates the post-hook reading the resolved approval record from run_output.metadata["approval"] after a paused run resumes via DB resolution.

```python approval_post_hook.py theme={null}
"""
Approval Post Hook
=============================

Demonstrates the post-hook reading the resolved approval record from
run_output.metadata["approval"] after a paused run resumes via DB resolution.

Use case: audit/observability hooks that need to know WHO resolved the
approval and WHEN, not just whether the tool was allowed to run.
"""

import os
import time

from agno.agent import Agent
from agno.approval import approval
from agno.db.sqlite import SqliteDb
from agno.models.openai import OpenAIResponses
from agno.run.agent import RunOutput
from agno.tools import tool

DB_FILE = "tmp/approval_post_hook.db"


@approval
@tool(requires_confirmation=True)
def delete_user_data(user_id: str) -> str:
    """Permanently delete all data for a user. This is irreversible.

    Args:
        user_id (str): The user ID whose data should be deleted.
    """
    return f"All data for user {user_id} has been permanently deleted."


def audit_resolved_approval(run_output: RunOutput) -> None:
    """Post-hook: log audit trail using the resolved approval record."""
    if not run_output.metadata:
        return

    approval_record = run_output.metadata.get("approval")
    if approval_record is None:
        return

    print("[audit-hook] tool gated by approval:")
    print(f"  approval_id: {approval_record['id']}")
    print(f"  status:      {approval_record['status']}")
    print(f"  resolved_by: {approval_record.get('resolved_by')}")
    print(f"  resolved_at: {approval_record.get('resolved_at')}")


if __name__ == "__main__":
    if os.path.exists(DB_FILE):
        os.remove(DB_FILE)
    os.makedirs("tmp", exist_ok=True)

    db = SqliteDb(
        db_file=DB_FILE, session_table="agent_sessions", approvals_table="approvals"
    )
    agent = Agent(
        name="Admin Agent",
        model=OpenAIResponses(id="gpt-5-mini"),
        tools=[delete_user_data],
        post_hooks=[audit_resolved_approval],
        db=db,
    )

    print("--- Step 1: Running agent (expects pause) ---")
    run = agent.run("Delete all data for user U-12345")
    assert run.is_paused, f"Expected paused, got {run.status}"
    print(f"Paused. Run ID: {run.run_id}")

    print("\n--- Step 2: Resolving approval in DB (admin/API path) ---")
    pending, _ = db.get_approvals(run_id=run.run_id, status="pending")
    assert len(pending) == 1
    approval_id = pending[0]["id"]
    resolved = db.update_approval(
        approval_id,
        expected_status="pending",
        status="approved",
        resolved_by="admin@example.com",
        resolved_at=int(time.time()),
    )
    assert resolved is not None
    print(f"  Resolved by: {resolved['resolved_by']}")

    print("\n--- Step 3: Continuing run (post-hook should see resolution) ---")
    # Calling continue_run with run_id and NO requirements triggers the admin/API
    # resolution path: check_and_apply_approval_resolution reads the resolved
    # record from the DB and attaches it to run_response.metadata["approval"].
    run = agent.continue_run(run_id=run.run_id)
    assert not run.is_paused, f"Expected run to complete, got {run.status}"

    print("\n--- Step 4: Verifying metadata exposed on RunOutput ---")
    assert run.metadata is not None, "Expected metadata to be populated"
    assert "approval" in run.metadata, "Expected metadata['approval'] to be set"
    assert run.metadata["approval"]["resolved_by"] == "admin@example.com"
    print(f"  metadata['approval'] status: {run.metadata['approval']['status']}")
    print(
        f"  metadata['approval'] resolved_by: {run.metadata['approval']['resolved_by']}"
    )

    print("\n--- All checks passed! ---")
```

## Run the Example

<Steps>
  <Snippet file="create-venv-step.mdx" />

  <Step title="Install dependencies">
    ```bash theme={null}
    uv pip install -U agno openai sqlalchemy
    ```
  </Step>

  <Step title="Export your OpenAI API key">
    <CodeGroup>
      ```bash Mac/Linux theme={null}
      export OPENAI_API_KEY="your_openai_api_key_here"
      ```

      ```bash Windows theme={null}
      $Env:OPENAI_API_KEY="your_openai_api_key_here"
      ```
    </CodeGroup>
  </Step>

  <Step title="Run the example">
    Save the code above as `approval_post_hook.py`, then run:

    ```bash theme={null}
    python approval_post_hook.py
    ```
  </Step>
</Steps>

Full source: [cookbook/02\_agents/11\_approvals/approval\_post\_hook.py](https://github.com/agno-agi/agno/blob/main/cookbook/02_agents/11_approvals/approval_post_hook.py)
