The server exposes an tools at /mcp that allow AI systems to request human approval for tasks/tool use.
It uses asymmetric cryptographic signatures for trustless verification to ensure certain tools are gated behind approval workflows.
Start the server
cargo runStart the test approval server / frontend Nuxt project.
cd app
pnpm run devCreate an approval request
// MCP Request
{
"method": "tools/call",
"params": {
"name": "request_tool_approval",
"arguments": {
"request_description": "asdfa",
"tool_args": "{\"alpha\": 2, \"test\": 1, \"zed\": \"c\"}",
"tool_name": "get_test"
}
},
"jsonrpc": "2.0",
"id": 5
}Approve the request through the approval server
<!-- Server log -->
INFO request{method=POST uri=/webhook version=HTTP/1.1}: approval_api: Received webhook approval response: WebhookApprovalRequest { id: "bf766194-ce7d-4a59-bb92-2b0ce8f4f110", approved: true }
Try to create the approval request again with MCP (to fetch the signature of the approved tool call)
// MCP Response
{
"content": [
{
"type": "text",
"text": "{\"id\":\"cached\",\"approval_state\":\"approved\",\"signature\":\"AuMXfgCBqFIWm1f9BZteJgnnibArPaFZk4iqBuFIoX/NdFN+fwSAwG40t6Q4c+/D58GYxmDBgOAK2WOGWGNuDA==\"}"
}
],
"isError": false
}Verify that the tool call was signed by the real server (using /verify)
In practice, this part is done at the beginning of a protect tool call to verify approval
// REST Request
{
"tool_request": {
"request_description": "asdfa",
"tool_args": "{\"alpha\": 2, \"test\": 1, \"zed\": \"c\"}",
"tool_name": "get_test"
},
"signature": "AuMXfgCBqFIWm1f9BZteJgnnibArPaFZk4iqBuFIoX/NdFN+fwSAwG40t6Q4c+/D58GYxmDBgOAK2WOGWGNuDA==\\"
}
// REST Response
{
"verified": true,
"message": "Tool approval signature verified successfully"
}