# PATCH /v1/projects/:projectId/approval-policy (/docs/api/reference/approval/patch-approval-policy)



<Endpoint method="PATCH" path="/v1/projects/:projectId/approval-policy" scope="content:approve" phase="1" />

Flip the approval gate on or off, change how many warmup posts a project must land before the gate opens, or set an auto-approval timeout. This is the same policy you read via [`GET /v1/projects/:projectId/approval-policy`](/docs/api/reference/approval/get-approval-policy) — this endpoint writes the settings a partner owns.

Typical shape: you turn `requiresApproval` on for a newly-onboarded brand, set `firstNPostsBlocked` to 5, optionally set `autoApproveAfter` to `PT24H`, and leave it alone.

## Path parameters [#path-parameters]

<Parameters
  rows="[
  { name: 'projectId', type: 'string (uuid)', required: true, description: 'Project to update.' },
]"
/>

## Body [#body]

<Parameters
  title="Body (at least one field)"
  rows="[
  { name: 'requiresApproval', type: 'boolean', description: 'Turn the gate on or off.' },
  { name: 'firstNPostsBlocked', type: 'integer', description: 'How many approvals before the gate opens. Non-negative integer in the range 0–50. Values above 50 return 400 VALIDATION. Pass `null` to unset.' },
  { name: 'autoApproveAfter', type: 'string (ISO-8601 duration)', description: 'Auto-approve pending containers after this duration. Examples: `PT24H`, `P7D`, `PT30M`. Pass `null` to disable.' },
]"
/>

## Request [#request]

<Tabs items="['curl', 'TypeScript', 'Python']">
  <Tab value="curl">
    ```sh title="terminal"
    curl -X PATCH https://api.layers.com/v1/projects/{projectId}/approval-policy \
      -H "Authorization: Bearer $LAYERS_API_KEY" \
      -H "Content-Type: application/json" \
      -d '{ "requiresApproval": true, "firstNPostsBlocked": 5, "autoApproveAfter": "PT24H" }'
    ```
  </Tab>

  <Tab value="TypeScript">
    ```ts title="patch-approval-policy.ts"
    const res = await fetch(
      `https://api.layers.com/v1/projects/${projectId}/approval-policy`,
      {
        method: 'PATCH',
        headers: {
          Authorization: `Bearer ${process.env.LAYERS_API_KEY!}`,
          'Content-Type': 'application/json',
        },
        body: JSON.stringify({
          requiresApproval: true,
          firstNPostsBlocked: 5,
          autoApproveAfter: 'PT24H',
        }),
      },
    );
    const policy = await res.json();
    ```
  </Tab>

  <Tab value="Python">
    ```py title="patch_approval_policy.py"
    import os, httpx

    r = httpx.patch(
        f"https://api.layers.com/v1/projects/{project_id}/approval-policy",
        headers={
            "Authorization": f"Bearer {os.environ['LAYERS_API_KEY']}",
            "Content-Type": "application/json",
        },
        json={"requiresApproval": False},
    )
    policy = r.json()
    ```
  </Tab>
</Tabs>

## Responses [#responses]

<Response status="200" description="Updated. Returns the same shape as GET.">
  ```json
  {
    "projectId": "01HX9Y7K8M2P4RSTUV56789AB",
    "requiresApproval": true,
    "firstNPostsBlocked": 5,
    "autoApproveAfter": "PT24H",
    "updatedAt": "2026-04-18T09:50:12Z"
  }
  ```
</Response>

<Response status="400" description="Validation failed — bad ISO-8601 duration, firstNPostsBlocked out of [0,50], or empty body.">
  ```json
  {
    "error": {
      "code": "VALIDATION",
      "message": "autoApproveAfter must be ISO-8601 duration (e.g. PT24H, P7D).",
      "requestId": "req_..."
    }
  }
  ```
</Response>

## Notes [#notes]

<Callout type="info">
  Existing containers don't retro-change. Turning the gate off doesn't auto-approve
  containers currently in `pending`. They stay `pending` until someone calls
  approve, or the `autoApproveAfter` window elapses.
</Callout>

* **`autoApproveAfter` is ISO-8601 duration syntax.** `PT24H` = 24 hours, `P7D` = 7 days, `PT30M` = 30 minutes. Pass `null` to remove the auto-approval window entirely.
* **Audit.** Every change writes to the project audit log with the resolved API-key identity.

## Errors [#errors]

| Code              | When                                                                                    |
| ----------------- | --------------------------------------------------------------------------------------- |
| `VALIDATION`      | `firstNPostsBlocked` outside `[0, 50]`, `autoApproveAfter` not ISO-8601, or empty body. |
| `NOT_FOUND`       | Project id not in this org.                                                             |
| `FORBIDDEN_SCOPE` | Key lacks `content:approve`.                                                            |

## See also [#see-also]

* [Read the policy](/docs/api/reference/approval/get-approval-policy)
* [Approve a container](/docs/api/reference/approval/approve-content)
* [Reject a container](/docs/api/reference/approval/reject-content)