Public approval links

When the approver isn't (and shouldn't become) a Flero user. A public approval link is a tokenised URL you can email or paste anywhere; opening it shows a one-page approval UI with no login required.

📸 Screenshot needed: approvals__public-link.png, public approval page (/approvals/public/<token>) shown in a browser tab: workspace logo at top, approval title and message, the data table, Approve / Reject buttons, optional comment field, no Flero sidebar.

When to use

• A customer needs to sign off on a quote.
• A vendor must confirm a delivery date.
• An external auditor reviews specific transactions.
• Anyone who shouldn't have a full Flero seat.

If the approver already has a workspace account, use a normal approver, they get the same workflow but inside the app with their identity.

Enabling public links

In the Approval node inspector:

1. Toggle Public link on.
2. Optional: set Allowed identities, restrict approval to a specific email by validating it on the public page.
3. Optional: set Require identity verification, sends a one-time code to the email before allowing approval.
4. Save.

When the workflow hits the Approval node, Flero generates a unique URL of the form:

https://app.flero.ai/approvals/public/<token>

The token is single-use (consumed on response) and tied to this one approval instance.

How the approver experiences it

1. They receive an email (or Slack DM, or your custom notification) with the link.
2. They click it. The browser loads a clean approval page, no Flero login.
3. If identity verification is on, they enter their email; Flero emails a 6-digit code; they confirm.
4. They see the approval title, message, data table, and Approve / Reject buttons.
5. They click one, optionally leave a comment.
6. The page shows "Thanks, recorded as <approve|reject>". The workflow resumes.

Sending the link

By default, Flero doesn't send the link automatically for public approvers (since they may not have a Flero notification preference). You'll typically wire an Email node before the Approval node:

[Build approval]
   ↓
[Approval: public link enabled, save token in $node["Approval"].json.publicUrl]
   ↓ ... actually the token is generated mid-flight

Easier pattern: use the pre-approval Email node approach. In your workflow:

[Trigger]
   ↓
[Email: To = <approver email>, subject = "Action needed", body = "Please review: {{ $node["Approval"].publicUrl }}"]
   ↓
[Approval: public link on]
   ↓
[approved branch] ...

Flero injects the token URL into the pre-execution placeholder so you can reference it. (In practice: enable Pre-issue link in the Approval node's Advanced settings, Flero will generate the link before the pause and put it in $node["Approval"].json.publicUrl for the upstream Email to use.)

Security considerations

• Tokens are long random strings, practically unguessable.
• Single-use, once acted upon, the link returns "already resolved".
• Time-bounded, token expires at the approval's timeout (or 30 days, whichever is sooner).
• No login = no audit trail of who clicked unless you require identity verification. Always enable it for non-trivial approvals.
• The page contains only the data you put in "Data to show", Flero doesn't leak other workspace content. Be deliberate about what you display.

Custom branding

The public page uses your workspace's logo and primary colour automatically. Enterprise plans can apply a fuller theme (custom CSS, custom favicon, custom subdomain).

Revoking a link

To kill an outstanding link before the approver responds:

• Open the approval in /approvals → Cancel approval. The workflow goes through the Rejected path (with a reason of cancelled) and the URL becomes invalid.

You can't partially revoke, e.g. invalidate the link but leave the approval pending. Cancel and re-issue.

Tips & gotchas

• Email deliverability matters. A public approval that gets caught in a spam filter is a failure mode. Use a transactional email service with proper DKIM/SPF.
• Identity verification adds friction. It also adds substantial security, required for anything you wouldn't want a random recipient of the email to approve.
• Don't put sensitive data in the message that you wouldn't want forwarded, the email recipient might forward the email to a colleague along with the link.
• Mobile-friendly. The public page is responsive. Approvers will often respond from their phone, test on a small viewport.

Related

• Approval basics
• Multi-party approvals
• Recipe 04: Approval-routed purchase

Found something out of date? This page lives in the Flero docs content set.