# Policies

> Controlling which actions your agent can take and which need approval.

Tool policies are per-tool rules that control how your agent behaves when it wants to take an action. Every tool the agent has access to has a policy, and the policy is enforced server-side—the agent cannot bypass it.

## The four policy values

<AccordionGroup>
  <Accordion title="auto — executes immediately">
    The agent runs the tool without asking anyone first. Use this for safe, read-only operations where you're comfortable with the agent acting autonomously—for example, looking up a user's profile or listing group memberships.
  </Accordion>

  <Accordion title="approval_needed — requires technician approval">
    The agent proposes the action and waits for a technician to approve or deny it before proceeding. The approval request is sent through your connected ticketing or messaging integration (Jira comment, ConnectWise ticket note, Slack DM, etc.). Use this for write operations like adding a user to a group, creating an account, or sending an email.
  </Accordion>

  <Accordion title="disabled — hidden from the agent">
    The tool is completely unavailable to the agent. It won't appear in the agent's skill set, and any attempt to call it is rejected. Use this for tools you never want the agent to use, such as destructive operations like deleting users or accounts.
  </Accordion>
</AccordionGroup>

## How to set policies

Policies are configured on each integration's detail page — there is no separate Policies tab. Open **MSP Settings → Integrations** and click into a connected integration. The detail page lists every tool the integration provides with a policy selector next to each one.

For each tool, select the policy you want from the dropdown. Changes are saved when you click **Save** and are pushed to the agent's configuration automatically.

<Tip>
  Start conservative: review the defaults after connecting a new integration, and set any unfamiliar write operations to `approval_needed` until you're confident in the agent's behavior.
</Tip>

## Manager approval

For tools set to `approval_needed`, you can optionally also require manager approval. When **Manager Approval** is enabled on a specific tool:

1. A technician approval request is created (as always for `approval_needed` tools).
2. A linked manager approval request is also created.
3. Both the technician **and** the requester's manager must approve before the agent executes the action.

This is useful for high-impact operations like provisioning admin accounts or granting access to sensitive systems. Enable it per-tool on the integration's detail page by toggling the **Manager Approval** switch alongside the policy dropdown.

## Default policies

When you first connect an integration, policies are seeded automatically for every tool that integration provides. The seeding logic uses a combination of explicit annotations and verb analysis to classify each tool:

| Tool type                                                               | Default policy    |
| ----------------------------------------------------------------------- | ----------------- |
| Read operations (`get`, `list`, `search`, `fetch`)                      | `auto`            |
| Write operations (`create`, `update`, `delete`, `add`, `send`, `reset`) | `approval_needed` |

These are starting points. You should review them and adjust based on your clients' requirements and risk tolerance.
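As an added illustration (not Rallied's seeding code), the sketch below shows how verb analysis combined with an explicit annotation can produce the defaults in the table above. The `read_only` annotation key, the sample tool names, the rule that a write verb wins in a mixed name, and the fail-closed fallback for unrecognised verbs are all assumptions.

```python
import re

# Verb lists copied from the default-policy table on this page.
READ_VERBS = {"get", "list", "search", "fetch"}
WRITE_VERBS = {"create", "update", "delete", "add", "send", "reset"}


def seed_policy(tool_name, annotations=None):
    """Return the default policy for a tool.

    `annotations` is a hypothetical dict; the `read_only` key is an assumed
    name for the "explicit annotations" the page mentions.
    """
    annotations = annotations or {}
    # An explicit annotation takes precedence over anything inferred from the name.
    if "read_only" in annotations:
        return "auto" if annotations["read_only"] is True else "approval_needed"

    # Split snake_case, kebab-case and camelCase names into lowercase words.
    spaced = re.sub(r"([a-z0-9])([A-Z])", r"\1 \2", tool_name)
    words = {w.lower() for w in re.split(r"[^A-Za-z0-9]+", spaced) if w}

    # Assumption: any write verb wins, so "get_or_create_user" is not a read.
    if words & WRITE_VERBS:
        return "approval_needed"
    if words & READ_VERBS:
        return "auto"
    # Assumption: unrecognised verbs fail closed rather than run unattended.
    return "approval_needed"


# Constructed tool names, not taken from any real integration.
SAMPLE_TOOLS = [
    ("list_group_members", None),
    ("getUserProfile", None),
    ("add_user_to_group", None),
    ("get_or_create_user", None),
    ("sync_directory", None),
    ("export_report", {"read_only": True}),
    ("get_and_rotate_secret", {"read_only": False}),
]

if __name__ == "__main__":
    for name, ann in SAMPLE_TOOLS:
        print(f"{name:24} -> {seed_policy(name, ann)}")
```

Names that mix read and write verbs, or that use a verb outside both lists, are the ones worth checking by hand when you review a new integration's defaults.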

<Info>
  Policies are hard-enforced: enforcement happens in the backend before any API call is made. The agent cannot work around a policy by rephrasing a request or calling a tool indirectly.
</Info>
