Agentic SRE Advanced By Samson Tanimawo, PhD Published Mar 25, 2026 5 min read

Slack as the Front-End for Approve/Deny Decisions

Approval in Slack is convenient and risky. The interactive message format, the auth context, and the audit trail that makes it defensible.

Block Kit message format

Header: the proposed action and the affected resource.

Section: the agent's reasoning. One paragraph; not a wall of text.

Actions: two buttons, Approve and Deny. Each fires a webhook on click.

Optional fields: confidence, blast radius, reversibility. Helps the approver decide.

The approver's Slack identity is mapped to a service-side identity. The mapping is maintained; the agent does not trust the Slack click alone.

The approver must have permissions for the action. The agent service checks before applying. A click without permission is logged but does not act.

Multi-approver actions require two distinct identities. The first click changes the message to "awaiting second approval."

Every click is logged with: who clicked, when, on what proposal, with what decision.

The audit log is queryable. "Who approved the database failover last Tuesday?" is a one-line lookup.

Retention matches the audit-log retention policy: 1 year hot, 3 years archived.

Slack outage: approvals cannot reach the team. Have a fallback (email, PagerDuty) for high-urgency proposals.

Click hijacking: someone steals an approver's session. Tied to Slack's own auth; ensure SSO + 2FA.

Approval fatigue: too many proposals erode care. Throttle proposals; only the high-stakes ones go to Slack.

Auto-expire after 30 minutes. Stale proposals are not approved; they fail.

Show the time remaining. "15 minutes left to approve." Forces decisions.

Update the message on action: "Approved by Alice at 14:32. Action in flight." The team sees the state without scrolling.