E1704. Approvals not configured
Severity: ERROR. Class:
HITLNotConfiguredError(subclass ofRuntimeError). Stable code:E1704.
What happened
POST /api/approval-requests returned a 404, meaning approvals are not
configured at any scope the request could address (API key, project, or org).
The SDK maps this 404 to HITLNotConfiguredError.
This is distinct from E1500: E1500 means approvals are configured at a scope but turned off; E1704 means approvals are not configured at all.
Why it matters
Approvals only run once an administrator opts in. With nothing configured at any scope, there is no toggle to evaluate and the SDK falls through to the original deny.
How to fix
Configure approvals at the scope you want to govern. In the dashboard, open Settings -> Approvals and turn the toggle on for the org, a project, or a specific API key. See Approval settings and cascade for how the cascade resolves the effective toggle.
Catching this error
Python
from controlzero import Client
from controlzero.errors import HITLNotConfiguredError
client = Client()
decision = client.guard("Bash:sudo apt-get install foo")
try:
pending = client.request_approval(decision)
except HITLNotConfiguredError:
print("Approvals are not configured. Turn the toggle on in the dashboard.")
Node
import { Client, HITLNotConfiguredError } from '@controlzero/sdk';
const client = new Client();
const decision = await client.guard('Bash:sudo apt-get install foo');
try {
const pending = await client.requestApproval(decision);
} catch (err) {
if (err instanceof HITLNotConfiguredError) {
console.log('Approvals are not configured. Turn the toggle on in the dashboard.');
}
}
See also
- Approval settings and cascade. Create the toggle row
- E1500 approvals disabled at scope. The toggle exists but is off
- Approval Workflow. The parent concept
- SDK: Approval callback. The
request_approval+waitAPI - Errors index