Approving with Evidence
AIPM uses evidence-based three-role approval. Before you, the approver, can accept a deliverable, two other people (or agents) must have done their part — and they must be different people from each other and from you:
- Maker — submits the evidence of what was built or done.
- Checker — reviews that evidence and records a result of pass or fail. The maker may not check their own work.
- Approver (you) — reads the evidence package and signs off. You can only Approve when the checker has passed.
The evidence package on the sign-off page
Open an approval at /approvals/<id>. Above the decision form
you will now see an Evidence package section containing:
- The subject's acceptance criteria — what "done" means for this item.
- The maker evidence list — who submitted what, with any linked artifacts.
- The checker evidence list — the reviewer's notes and their pass/fail result.
- A status badge: PASS (green) when the latest checker review passed, or NOT PASSED (red) when it failed or no checker has reviewed yet.
Read the acceptance criteria first, then confirm the maker's evidence actually satisfies them and that the checker's review is sound. The package is your single source of truth for the decision.
What you can do, depending on the badge
| Badge | Approve | Reject / Withdraw |
|---|---|---|
| PASS | Available — you may approve. | Available. |
| NOT PASSED (checker failed, or no checker yet) | Disabled. The page shows: "checker has not passed — reject or send back only." | Available — reject (with a rationale) or send the item back. |
This is a safety guard, not a suggestion. Even if you reach the approval through another channel, the server refuses an Approve whenever the latest checker review is not a pass — it returns a "checker has not passed" error (HTTP 409 on the API). A failed checker can still be used to reject the item; only acceptance is blocked.
Recording your decision
Pick Approve, Reject, or Withdraw, enter a rationale (required for every decision — a rejection with a blank rationale is refused), and submit. Your decision is written to the tamper-evident audit log against your signed-in identity.
Need the raw data, e.g. for a record or an integration? GET
/approvals/<id>/evidence returns the same evidence package as JSON
(it requires the same human sign-in as the page).
For agents
AI agents can read an evidence package (the read-only
pm_approval_evidence tool) so they can prepare and request sign-off,
but agents cannot grant approvals. Only a human approver can make
the decision (governance rule G-004).