# Human-in-the-loop *Human in the Loop* adds a mandatory human approval step to an automated workflow. Before an agent or orchestrator executes a sensitive action, a person can **approve**, **decline**, or **comment** on that action. *** ### Why Add a Human Step? * **Security & Compliance** – stop unauthorized or risky actions. * **Error Prevention** – catch mistakes that automated logic might miss. * **Accountability** – every approved action has a human decision-maker. *** ### Where HITL Fits in Buildspace | Layer | Typical Use | How HITL Works | | ----------------- | ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------ | | **Agents** | Calling external APIs, sending emails, writing to databases | Enable approval on individual *tools* (nodes) inside the agent. Each time that tool is invoked, execution pauses and waits for a human decision. | | **Orchestrators** | Coordinating multiple agents or long chains | Add approval to a *workflow step* so the entire branch pauses until it is reviewed. | *** ### Configuring HITL on an Agent Node 1. Open the agent in **Workflows → Editor**. 2. Select the node (e.g., *ReAct* agent, API call, DB write). 3. Select the tool which you would like the agent to use and ensure the tool is selected. 4. In the **Configuration** panel, check **Enable execution approval**. 5. (Optional) Edit the **Approval message**—this is what the reviewer will see. 6. Save and redeploy your workflow.

*** ### Runtime Experience To view the functionality of HITL: * Go to the **chat** tab in the header navigation bar. * Open the workflow where you enabled HITL and shubmit a prompt to your agent.

* When the agent reaches the guarded step, the chat displays: ``` Node : Approve or cancel execution. Send nothing for approval; provide feedback to cancel. ``` * The reviewer clicks **Approve** or **Reject**.

* Execution continues (or stops) based on that choice. *** ### Common Use Cases

Scenario	Reason to Use HITL
Querying internal databases	Prevent data leaks or large accidental extractions
Sending outbound emails	Double-check message content and recipients
Triggering payments	Verify amount, payee, and authorization
Posting public updates	Ensure brand voice and accuracy before publishing

*** ### Best Practices * **Limit scope**: Enable HITL only on actions that truly need it to avoid approval fatigue. * **Keep messages clear**: The approval prompt should state *what* will run and *why* it needs review. * **Audit everything**: Store timestamps, approver IDs, and decisions for compliance. *** ### Benefits Recap * Security guardrail for critical operations. * Human oversight without fully blocking automation benefits. * Immediate feedback loop to improve future agent behavior. ***