# Pack approvals notifications

Purpose
- Ingest pack approval events from Task Runner.
- Persist approval state and notify approvers.
- Provide acknowledgement and resume hooks.

Event contract
- approval requested and approval updated events.
- Fields include runId, approvalId, plan hash, tenant, required grants,
  step identifiers, and resume callback metadata.

Ingestion and persistence
- Secure endpoint validates scopes and tenant header.
- Approval records stored with idempotent keys (runId + approvalId).
- Audit records capture delivery attempts and correlation ids.

Routing and templates
- Rules match event.kind = pack.approval.
- Templates include plan metadata and approval links.
- Policy hold notifications are surfaced as incidents.

Ack and resume
- Ack endpoint records decision metadata and forwards resume callback.
- Idempotent updates based on decision hash.

Security and observability
- HMAC or mTLS between Task Runner and Notify.
- Metrics for queued, sent, and pending approvals.

Related references
- docs/notifications/pack-approvals-integration.md
- docs/notifications/pack-approvals-contract.md