> ## Documentation Index > Fetch the complete documentation index at: https://docs.chainloop.dev/llms.txt > Use this file to discover all available pages before exploring further. # Approve an assessment revision > Promote a pending assessment revision to APPROVED. The parent assessment's effective state is refreshed from this revision. ## OpenAPI ````yaml https://api.app.chainloop.dev/openapi.yaml post /v1/assessments/revisions/{revision_id}/approve openapi: 3.0.1 info: contact: email: support@chainloop.dev name: Chainloop Support url: https://chainloop.dev termsOfService: https://chainloop.dev/terms title: Chainloop Platform API version: '1.0' servers: - url: https://api.app.chainloop.dev/ security: - bearerToken: [] tags: - description: AI-powered agent operations name: AgentsService - name: ArtifactService - name: AssessmentService - description: Service for polling the status of asynchronous operations name: AsyncOperationsService - name: AttestationsService - name: PolicyService - name: ComplianceService - name: ComponentService - name: EnvironmentsService - name: EvidenceService - name: FindingService - name: LogicalEnvironmentsService - name: ProductsService - name: ProjectsService - name: UserService externalDocs: description: Chainloop Official Documentation url: https://docs.chainloop.dev paths: /v1/assessments/revisions/{revision_id}/approve: post: tags: - AssessmentService summary: Approve an assessment revision description: >- Promote a pending assessment revision to APPROVED. The parent assessment's effective state is refreshed from this revision. operationId: AssessmentService_ApproveAssessmentRevision parameters: - description: Revision ID to approve in: path name: revision_id required: true schema: type: string requestBody: content: application/json: schema: $ref: >- #/components/schemas/AssessmentServiceApproveAssessmentRevisionBody required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/v1ApproveAssessmentRevisionResponse' description: A successful response. '400': content: application/json: schema: $ref: '#/components/schemas/v1BadRequestResponse' description: Bad Request - The request was invalid or cannot be served. '401': content: application/json: schema: $ref: '#/components/schemas/v1UnauthorizedResponse' description: Unauthorized - Authentication is required. '403': content: application/json: schema: $ref: '#/components/schemas/v1PermissionDeniedResponse' description: Forbidden - You do not have permission to access this resource. '500': content: application/json: schema: $ref: '#/components/schemas/v1InternalServerErrorResponse' description: Internal Server Error - An unexpected error occurred on the server. default: content: application/json: schema: $ref: '#/components/schemas/rpcStatus' description: An unexpected error response. components: schemas: AssessmentServiceApproveAssessmentRevisionBody: description: Request to approve a pending assessment revision example: review_note: review_note properties: review_note: description: Optional reviewer note type: string title: ApproveAssessmentRevisionRequest type: object v1ApproveAssessmentRevisionResponse: description: Response for ApproveAssessmentRevision method example: result: justification_code: null note: note approval_status: ASSESSMENT_APPROVAL_STATUS_UNSPECIFIED reviewed_at: '2000-01-23T04:56:07.000Z' created_at: '2000-01-23T04:56:07.000Z' assessment_id: assessment_id project_version_id: project_version_id reviewer: intercom_hash: intercom_hash created_at: '2000-01-23T04:56:07.000Z' last_name: last_name id: id first_name: first_name email: email instance_admin: true confidence_breakdown: schema_version: schema_version scores: key: reason: reason abstained: true value: 5.637376656633329 derived: rollup_active_axes: 7 dominant_low_axis: reason: reason axis: axis value: 9.301444243932576 rollup: 2.3021358869347655 created_by: api_token: id: id type: ASSESSMENT_CREATOR_TYPE_UNSPECIFIED user: intercom_hash: intercom_hash created_at: '2000-01-23T04:56:07.000Z' last_name: last_name id: id first_name: first_name email: email instance_admin: true ai_agent: name: name revision: 1 products: - purl_glob: purl_glob - purl_glob: purl_glob review_note: review_note scope: null confidence_score: 5.962133916683182 id: id auto_remediable: true status: null properties: result: $ref: '#/components/schemas/v1AssessmentRevision' title: ApproveAssessmentRevisionResponse type: object v1BadRequestResponse: description: Response for bad request example: code: 0 details: - details - details message: message properties: code: default: 3 description: >- The error code indicating the type of error. It's fixed to 3, which is the code for INVALID_ARGUMENT. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: BadRequestResponse type: object v1UnauthorizedResponse: description: Response for unauthorized access example: code: 6 details: - details - details message: message properties: code: default: 16 description: >- The error code indicating the type of error. It's fixed to 16, which is the code for UNAUTHENTICATED. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: UnauthorizedResponse type: object v1PermissionDeniedResponse: description: Response for permission denied example: code: 1 details: - details - details message: message properties: code: default: 7 description: >- The error code indicating the type of error. It's fixed to 7, which is the code for PERMISSION_DENIED. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: PermissionDeniedResponse type: object v1InternalServerErrorResponse: description: Response for internal server error example: code: 5 details: - details - details message: message properties: code: default: 13 description: >- The error code indicating the type of error. It's fixed to 13, which is the code for INTERNAL_ERROR. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: InternalServerErrorResponse type: object rpcStatus: example: code: 5 details: - '@type': '@type' - '@type': '@type' message: message properties: code: format: int32 type: integer message: type: string details: items: $ref: '#/components/schemas/protobufAny' type: array type: object v1AssessmentRevision: description: >- Immutable snapshot of an assessment at a revision number, with authorship and review audit trails example: justification_code: null note: note approval_status: ASSESSMENT_APPROVAL_STATUS_UNSPECIFIED reviewed_at: '2000-01-23T04:56:07.000Z' created_at: '2000-01-23T04:56:07.000Z' assessment_id: assessment_id project_version_id: project_version_id reviewer: intercom_hash: intercom_hash created_at: '2000-01-23T04:56:07.000Z' last_name: last_name id: id first_name: first_name email: email instance_admin: true confidence_breakdown: schema_version: schema_version scores: key: reason: reason abstained: true value: 5.637376656633329 derived: rollup_active_axes: 7 dominant_low_axis: reason: reason axis: axis value: 9.301444243932576 rollup: 2.3021358869347655 created_by: api_token: id: id type: ASSESSMENT_CREATOR_TYPE_UNSPECIFIED user: intercom_hash: intercom_hash created_at: '2000-01-23T04:56:07.000Z' last_name: last_name id: id first_name: first_name email: email instance_admin: true ai_agent: name: name revision: 1 products: - purl_glob: purl_glob - purl_glob: purl_glob review_note: review_note scope: null confidence_score: 5.962133916683182 id: id auto_remediable: true status: null properties: id: description: Revision UUID type: string assessment_id: description: Parent assessment UUID type: string revision: description: Monotonic revision number (starts at 1) format: int32 type: integer scope: $ref: '#/components/schemas/v1AssessmentScope' project_version_id: description: Project version ID (set for PROJECT_VERSION scope) type: string status: $ref: '#/components/schemas/v1AssessmentStatus' justification_code: $ref: '#/components/schemas/v1AssessmentJustificationCode' note: description: Note recorded on this revision type: string products: description: PURL globs recorded on this revision items: $ref: '#/components/schemas/v1AssessmentProduct' type: array created_by: $ref: '#/components/schemas/v1AssessmentCreator' created_at: description: When this revision was created format: date-time type: string approval_status: $ref: '#/components/schemas/v1AssessmentApprovalStatus' reviewer: $ref: '#/components/schemas/v1User' reviewed_at: description: When the review action was taken format: date-time type: string review_note: description: Reviewer note. Required on reject; optional on approve. type: string auto_remediable: description: >- AI verdict on whether a mechanical fix is plausible. Set only on AI-authored revisions. type: boolean confidence_score: description: Headline confidence (0.0-1.0). Set only for AI-authored revisions. format: double type: number confidence_breakdown: $ref: '#/components/schemas/v1ConfidenceBreakdown' title: AssessmentRevision type: object protobufAny: additionalProperties: type: object example: '@type': '@type' properties: '@type': type: string type: object v1AssessmentScope: default: ASSESSMENT_SCOPE_UNSPECIFIED enum: - ASSESSMENT_SCOPE_UNSPECIFIED - ASSESSMENT_SCOPE_PROJECT - ASSESSMENT_SCOPE_PROJECT_VERSION title: AssessmentScope represents the scope level of an assessment type: string v1AssessmentStatus: default: ASSESSMENT_STATUS_UNSPECIFIED enum: - ASSESSMENT_STATUS_UNSPECIFIED - ASSESSMENT_STATUS_NOT_AFFECTED - ASSESSMENT_STATUS_AFFECTED - ASSESSMENT_STATUS_UNDER_INVESTIGATION - ASSESSMENT_STATUS_FIXED title: AssessmentStatus represents the OpenVEX-aligned status type: string v1AssessmentJustificationCode: default: ASSESSMENT_JUSTIFICATION_CODE_UNSPECIFIED enum: - ASSESSMENT_JUSTIFICATION_CODE_UNSPECIFIED - ASSESSMENT_JUSTIFICATION_CODE_COMPONENT_NOT_PRESENT - ASSESSMENT_JUSTIFICATION_CODE_VULNERABLE_CODE_NOT_PRESENT - >- ASSESSMENT_JUSTIFICATION_CODE_VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY - ASSESSMENT_JUSTIFICATION_CODE_VULNERABLE_CODE_NOT_IN_EXECUTE_PATH - ASSESSMENT_JUSTIFICATION_CODE_INLINE_MITIGATIONS_ALREADY_EXIST title: AssessmentJustificationCode represents OpenVEX justification codes type: string v1AssessmentProduct: example: purl_glob: purl_glob properties: purl_glob: description: Package URL glob pattern type: string title: AssessmentProduct represents a PURL glob entry in the products field type: object v1AssessmentCreator: description: >- AssessmentCreator identifies who or what created an assessment. Exactly one oneof variant is populated (matching the declared type). SYSTEM-minted rows (e.g. auto NOT_AFFECTED on component removal) leave created_by unset on AssessmentItem. example: api_token: id: id type: ASSESSMENT_CREATOR_TYPE_UNSPECIFIED user: intercom_hash: intercom_hash created_at: '2000-01-23T04:56:07.000Z' last_name: last_name id: id first_name: first_name email: email instance_admin: true ai_agent: name: name properties: type: $ref: '#/components/schemas/v1AssessmentCreatorType' user: $ref: '#/components/schemas/v1User' api_token: $ref: '#/components/schemas/v1AssessmentCreatorAPIToken' ai_agent: $ref: '#/components/schemas/v1AssessmentCreatorAIAgent' type: object v1AssessmentApprovalStatus: default: ASSESSMENT_APPROVAL_STATUS_UNSPECIFIED description: >- AssessmentApprovalStatus represents the approval lifecycle of an individual revision. Transitions are one-shot from PENDING to APPROVED or REJECTED. enum: - ASSESSMENT_APPROVAL_STATUS_UNSPECIFIED - ASSESSMENT_APPROVAL_STATUS_PENDING - ASSESSMENT_APPROVAL_STATUS_APPROVED - ASSESSMENT_APPROVAL_STATUS_REJECTED type: string v1User: description: Information about a user in the Chainloop platform. example: intercom_hash: intercom_hash created_at: '2000-01-23T04:56:07.000Z' last_name: last_name id: id first_name: first_name email: email instance_admin: true properties: id: description: Unique identifier of the user. title: The ID of the user type: string email: description: Email address of the user. title: The email of the user type: string intercom_hash: description: Computed hash of the user ID for use with Intercom. title: The computed hash of the user id to be used in intercom type: string created_at: description: Timestamp when the user account was created. format: date-time title: The time the user was created type: string first_name: description: First name of the user. title: The first name of the user type: string last_name: description: Last name of the user. title: The last name of the user type: string instance_admin: description: Whether the user is an instance admin. title: Whether the user is an instance admin type: boolean title: User type: object v1ConfidenceBreakdown: description: Per-axis confidence breakdown plus platform-derived block example: schema_version: schema_version scores: key: reason: reason abstained: true value: 5.637376656633329 derived: rollup_active_axes: 7 dominant_low_axis: reason: reason axis: axis value: 9.301444243932576 rollup: 2.3021358869347655 properties: scores: additionalProperties: $ref: '#/components/schemas/v1ConfidenceAxisScore' description: Per-axis scores keyed by axis identifier type: object derived: $ref: '#/components/schemas/v1ConfidenceDerived' schema_version: description: Agent output schema version that produced this breakdown (e.g. "2"). type: string title: ConfidenceBreakdown type: object v1AssessmentCreatorType: default: ASSESSMENT_CREATOR_TYPE_UNSPECIFIED description: >- AssessmentCreatorType is an explicit discriminator for AssessmentCreator, provided alongside the oneof so clients can branch without inspecting the oneof case directly (convenient for UI code). enum: - ASSESSMENT_CREATOR_TYPE_UNSPECIFIED - ASSESSMENT_CREATOR_TYPE_USER - ASSESSMENT_CREATOR_TYPE_AI_ASSISTED - ASSESSMENT_CREATOR_TYPE_API_TOKEN type: string v1AssessmentCreatorAPIToken: description: >- AssessmentCreatorAPIToken identifies an API token that created an assessment. example: id: id properties: id: description: API token UUID type: string type: object v1AssessmentCreatorAIAgent: description: >- AssessmentCreatorAIAgent identifies an AI agent that created an assessment. example: name: name properties: name: description: Human-readable agent name type: string type: object v1ConfidenceAxisScore: description: One axis from the agent's self-scored confidence breakdown example: reason: reason abstained: true value: 5.637376656633329 properties: value: description: Axis score in [0.0, 1.0]. Unset when abstained. format: double type: number reason: description: Agent's one-sentence justification for the axis score type: string abstained: description: True when the axis was not evaluable type: boolean title: ConfidenceAxisScore type: object v1ConfidenceDerived: description: Platform-computed rollup and dominant-axis surfacing example: rollup_active_axes: 7 dominant_low_axis: reason: reason axis: axis value: 9.301444243932576 rollup: 2.3021358869347655 properties: rollup: description: Geometric mean over non-abstained axes format: double type: number rollup_active_axes: description: Count of non-abstained axes contributing to the rollup format: int32 type: integer dominant_low_axis: $ref: '#/components/schemas/v1ConfidenceDominantLowAxis' title: ConfidenceDerived type: object v1ConfidenceDominantLowAxis: description: Lowest non-abstained axis driving a low-confidence verdict example: reason: reason axis: axis value: 9.301444243932576 properties: axis: description: Axis identifier type: string value: description: The axis's score format: double type: number reason: description: The agent's reason for the axis score type: string title: ConfidenceDominantLowAxis type: object securitySchemes: bearerToken: description: Bearer token for authentication type: http scheme: bearer bearerFormat: JWT ````