PATCH /v1/projects/:projectId/approval-policy

PATCH/v1/projects/:projectId/approval-policy

Phase 1stable

Auth: Bearer
Scope: content:approve

Flip the approval gate on or off, change how many warmup posts a project must land before the gate opens, or set an auto-approval timeout. This is the same policy you read via GET /v1/projects/:projectId/approval-policy — this endpoint writes the settings a partner owns.

Typical shape: you turn requiresApproval on for a newly-onboarded brand, set firstNPostsBlocked to 5, optionally set autoApproveAfter to PT24H, and leave it alone.

Path parameters

projectId
string (uuid)required
Project to update.

Body

Body (at least one field)

requiresApproval
booleanoptional
Turn the gate on or off.
firstNPostsBlocked
integeroptional
How many approvals before the gate opens. Non-negative integer in the range 0–50. Values above 50 return 400 VALIDATION. Pass `null` to unset.
autoApproveAfter
string (ISO-8601 duration)optional
Auto-approve pending containers after this duration. Examples: `PT24H`, `P7D`, `PT30M`. Pass `null` to disable.

Request

terminal

curl -X PATCH https://api.layers.com/v1/projects/{projectId}/approval-policy \
  -H "Authorization: Bearer $LAYERS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{ "requiresApproval": true, "firstNPostsBlocked": 5, "autoApproveAfter": "PT24H" }'

patch-approval-policy.ts

const res = await fetch(
  `https://api.layers.com/v1/projects/${projectId}/approval-policy`,
  {
    method: 'PATCH',
    headers: {
      Authorization: `Bearer ${process.env.LAYERS_API_KEY!}`,
      'Content-Type': 'application/json',
    },
    body: JSON.stringify({
      requiresApproval: true,
      firstNPostsBlocked: 5,
      autoApproveAfter: 'PT24H',
    }),
  },
);
const policy = await res.json();

patch_approval_policy.py

import os, httpx

r = httpx.patch(
    f"https://api.layers.com/v1/projects/{project_id}/approval-policy",
    headers={
        "Authorization": f"Bearer {os.environ['LAYERS_API_KEY']}",
        "Content-Type": "application/json",
    },
    json={"requiresApproval": False},
)
policy = r.json()

Responses

200Updated. Returns the same shape as GET.

{
  "projectId": "01HX9Y7K8M2P4RSTUV56789AB",
  "requiresApproval": true,
  "firstNPostsBlocked": 5,
  "autoApproveAfter": "PT24H",
  "updatedAt": "2026-04-18T09:50:12Z"
}

400Validation failed — bad ISO-8601 duration, firstNPostsBlocked out of [0,50], or empty body.

{
  "error": {
    "code": "VALIDATION",
    "message": "autoApproveAfter must be ISO-8601 duration (e.g. PT24H, P7D).",
    "requestId": "req_..."
  }
}

Notes

Existing containers don't retro-change. Turning the gate off doesn't auto-approve containers currently in pending. They stay pending until someone calls approve, or the autoApproveAfter window elapses.

autoApproveAfter is ISO-8601 duration syntax. PT24H = 24 hours, P7D = 7 days, PT30M = 30 minutes. Pass null to remove the auto-approval window entirely.
Audit. Every change writes to the project audit log with the resolved API-key identity.

Errors

Code	When
`VALIDATION`	`firstNPostsBlocked` outside `[0, 50]`, `autoApproveAfter` not ISO-8601, or empty body.
`NOT_FOUND`	Project id not in this org.
`FORBIDDEN_SCOPE`	Key lacks `content:approve`.