Skip to main content
POST
/
api
/
admin
/
operations
/
actions
/
approve
curl --request POST \
  --url https://mcp.echozero.app/api/admin/operations/actions/approve \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "actionId": "64f0f0000000000000000003"
}
'
{
  "success": true,
  "data": {
    "actionId": "<string>",
    "status": "<string>"
  }
}

Authorizations

Authorization
string
header
required

User JWT access token issued by POST /api/auth/verify or POST /api/auth/social/verify. Routes that accept both auth modes declare api-key and bearer-jwt security schemes.

Headers

x-signature
string

HMAC-SHA256 signature: HMAC-SHA256(secretKey, timestamp + METHOD + path + body). Optional -- when omitted, HMAC verification is skipped.

x-timestamp
string

Request timestamp in epoch milliseconds. Required when x-signature is provided. Rejected if drift exceeds 5 minutes.

Body

application/json
actionId
string
required

Response

201 - application/json

Action approved.

success
boolean
required
Example:

true

data
object
required

Endpoint-specific payload