Skip to main content

Governance intelligence for access, cloud, and SaaS. Now in early access

Nuxari
Roles and Permissions

Approver

The Approver reviews, approves, or denies requests assigned to them. Approvers can only act on requests explicitly assigned to them and cannot approve their own requests.

Last updated: June 2026

Who this is for

Managers, team leads, or designated reviewers who are responsible for authorizing access requests, remediation plans, or governance actions on behalf of their team or organization.

Purpose

The Approver role is the authorization checkpoint in Nuxari's governance workflows. When a request or action requires authorization before it can proceed, an Approver is the designated person who reviews it and makes the decision. Approvers have enough visibility to make informed decisions on their assigned items without having broad administrative access to the platform.

What Approvers can do

  • Review and approve or deny requests that are explicitly assigned to them.
  • View the findings, evidence, and supporting context for requests they are assigned to review.
  • Add notes or comments to approval decisions for audit trail purposes.
  • View the audit log for approvals they have made.
  • Receive notifications for new approval requests assigned to them.

What Approvers cannot do

  • Approve requests that are not assigned to them — Approvers can only act on their designated queue.
  • Approve their own requests — this is enforced by the system and cannot be bypassed.
  • Submit access requests on behalf of others (beyond their own submissions).
  • Configure connectors, templates, or workflows.
  • Assign roles to users or change security policy.
  • View tenant-wide data beyond what is needed to make their assigned approval decisions.
Approvers cannot approve their own requests. This is a hard constraint enforced at the API level. If an Approver submits a request that requires approval, a different Approver or an Admin must be assigned to review it.

All approvals are audited

Every approval decision — whether approve or deny — generates an audit event. The event records the approver's identity, the request details, the decision, any notes, the timestamp, and the context of the request. This audit trail is tamper-evident and is retained as governance evidence.

Assignment guidance

  • Assign this role to people who are senior enough to make informed authorization decisions for the types of requests they will review.
  • Ensure every approval queue has a backup approver — if the primary approver is unavailable, requests should not be blocked indefinitely.
  • Review approver assignments when the organization changes, particularly when team leads or managers change.

Related docs

Roles and Permissions Overview

All eight client tenant roles and the two role families

Approvals

How the Nuxari approval queue works

Governance Operator

The role that submits requests and runs workflows

Audit Log

All approval decisions are recorded in the audit log

Was this page helpful?