{"artifact":{"apiPath":"/api/reports/agent-approvals-and-human-leashes-2026/evidence","byteLength":6211,"description":"Structured evidence ledger tying claims and chart provenance back to cited sources.","format":"evidence","label":"Evidence artifact","mimeType":"application/json; charset=utf-8","priceUsdc":0,"sha256":"a478dc1b7b089cbdbd9c069a65044c4b582fb72a98038732840f852712e8c75d","status":"live"},"document":{"chartProvenance":[{"chartTitle":"Which control surface should dominate each workflow stage","sourceLabels":["Microsoft Copilot multistage approvals","Cloudflare human-in-the-loop best practices","Passage step-up authentication","Oracle delegate versus reassign"],"sourceUrls":["https://learn.microsoft.com/en-us/microsoft-copilot-studio/flows-advanced-approvals","https://developers.cloudflare.com/agents/concepts/human-in-the-loop","https://docs.passage.id/flex/step-up","https://docs.oracle.com/en/cloud/saas/supply-chain-and-manufacturing/25c/faipr/what-s-the-difference-between-reassign-and-delegate.html"],"whyUseful":"Shows where the decision should live at each workflow stage instead of reducing governance to one generic approval switch."}],"claims":[{"chartTitles":["Which control surface should dominate each workflow stage"],"confidence":"high","id":"approval-versus-leash","kind":"comparison","section":"The stage model","sourceLabels":["Microsoft AG-UI human-in-the-loop","Oracle delegate versus reassign","Cerbos authorization in workflows"],"sourceUrls":["https://learn.microsoft.com/en-us/agent-framework/integrations/ag-ui/human-in-the-loop","https://docs.oracle.com/en/cloud/saas/supply-chain-and-manufacturing/25c/faipr/what-s-the-difference-between-reassign-and-delegate.html","https://www.cerbos.dev/blog/authorization-in-workflows"],"statement":"Approval and continuing delegated authority solve different problems, so serious agent systems should model them separately instead of treating them as one toggle."},{"chartTitles":["Which control surface should dominate each workflow stage"],"confidence":"high","id":"create-stage-explicit-approval","kind":"finding","section":"Create","sourceLabels":["Microsoft Copilot multistage approvals","Cloudflare human-in-the-loop best practices"],"sourceUrls":["https://learn.microsoft.com/en-us/microsoft-copilot-studio/flows-advanced-approvals","https://developers.cloudflare.com/agents/concepts/human-in-the-loop"],"statement":"Workflow creation is the right place to capture explicit intent around budget, capabilities, recurrence, and private-data scope."},{"chartTitles":[],"confidence":"high","id":"runtime-scope-enforcement","kind":"comparison","section":"Run","sourceLabels":["AI Runtime Security multi-agent controls","Customizable runtime enforcement for LLM agents","Cerbos authorization in workflows"],"sourceUrls":["https://airuntimesecurity.io/core/multi-agent-controls","https://arxiv.org/html/2503.18666v1","https://www.cerbos.dev/blog/authorization-in-workflows"],"statement":"Delegated runtime authority should stay time-bounded and scope-bounded, with explicit denials for expiration, out-of-scope behavior, and required renewal."},{"chartTitles":["Which control surface should dominate each workflow stage"],"confidence":"high","id":"resume-is-new-risk","kind":"finding","section":"Resume","sourceLabels":["Cloudflare human-in-the-loop best practices","Oracle delegate versus reassign","ServiceNow approvals and delegation"],"sourceUrls":["https://developers.cloudflare.com/agents/concepts/human-in-the-loop","https://docs.oracle.com/en/cloud/saas/supply-chain-and-manufacturing/25c/faipr/what-s-the-difference-between-reassign-and-delegate.html","https://www.servicenow.com/community/servicenow-ai-platform-blog/approvals-and-delegation/ba-p/2283510"],"statement":"Resume is a distinct governance edge because recovery can combine stale delegation, pending approvals, and changed operator context."},{"chartTitles":[],"confidence":"high","id":"renewal-is-first-class","kind":"comparison","section":"Renew","sourceLabels":["ServiceNow approvals and delegation","AI Runtime Security multi-agent controls","Cloudflare human-in-the-loop best practices"],"sourceUrls":["https://www.servicenow.com/community/servicenow-ai-platform-blog/approvals-and-delegation/ba-p/2283510","https://airuntimesecurity.io/core/multi-agent-controls","https://developers.cloudflare.com/agents/concepts/human-in-the-loop"],"statement":"Recurring unattended systems need a dedicated renewal ceremony with expiring-soon visibility, revocation, and explicit scope renewal rather than silent standing authority."},{"chartTitles":[],"confidence":"high","id":"publish-step-up","kind":"comparison","section":"Publish","sourceLabels":["Passage step-up authentication","F5 step-up authentication","LoginRadius separation of duties"],"sourceUrls":["https://docs.passage.id/flex/step-up","https://techdocs.f5.com/en-us/bigip-15-1-0/big-ip-access-policy-manager-authentication-methods/using-step-up-authentication/what-is-step-up-authentication.html","https://www.loginradius.com/blog/engineering/separation-of-duties-ai-agent-workflows"],"statement":"Publish or release actions should require fresh step-up presence and diff-aware review instead of relying on the same delegated authority used for routine runtime work."}],"generatedAt":"2026-03-23T00:00:00.000Z","slug":"agent-approvals-and-human-leashes-2026","summary":{"chartBackedClaimCount":3,"claimCount":6,"ecosystemSourceCount":5,"officialSourceCount":5,"totalSourceCount":10},"title":"Agent Approvals and Human Leashes, 2026"},"generatedAt":"2026-05-04T00:16:32.612Z","kind":"deep_report_evidence","operatorAccess":null,"payer":null}