Improve human-in-the-loop with one-click email approval#416
Merged
julianwood merged 2 commits intoJun 2, 2026
Merged
Conversation
Replace the direct SNS waitForTaskToken integration with a Lambda-based approach that URL-encodes the task token and sends clickable approve/reject links via email. This eliminates the need for reviewers to manually copy task tokens and use the AWS CLI. Changes: - Add SendApprovalEmailFunction (Python) that URL-encodes the task token and publishes an email with approve/reject links via SNS - Add HandleApprovalFunction (Python) that decodes the token and calls SendTaskSuccess to resume the workflow - Add API Gateway endpoint to handle the approval callback - Update state machine to use lambda:invoke.waitForTaskToken - Add architecture diagram (SVG) with official AWS icons - Update README and example-workflow.json From aws-samples#401
bfreiberg
suggested changes
Jun 1, 2026
| # Human in the Loop | ||
|
|
||
| This pattern allows you to integrate an human review or approval process into your workflows. Each task sends a message to a SNS topic which sends a notification to a human reviewer or approver by email for example. The workflow then waits until the approver completes their review. Depending on the review outcome a different Lambda function can be invoked. | ||
| This pattern allows you to integrate a human review or approval process into your workflows with **one-click email approval**. A Lambda function sends an approval request via SNS email containing clickable approve/reject links. The task token is URL-encoded to ensure special characters don't break the API Gateway callback URL. The workflow pauses until the reviewer clicks a link, which triggers an API Gateway endpoint to resume the Step Functions execution. |
Contributor
There was a problem hiding this comment.
Suggested change
| This pattern allows you to integrate a human review or approval process into your workflows with **one-click email approval**. A Lambda function sends an approval request via SNS email containing clickable approve/reject links. The task token is URL-encoded to ensure special characters don't break the API Gateway callback URL. The workflow pauses until the reviewer clicks a link, which triggers an API Gateway endpoint to resume the Step Functions execution. | |
| This pattern allows you to integrate a human review or approval process into your workflows with **one-click email approval**. An AWS Lambda function sends an approval request via Amazon SNS email containing clickable approve/reject links. The task token is URL-encoded to ensure special characters don't break the Amazon API Gateway callback URL. The workflow pauses until the reviewer clicks a link, which triggers an API Gateway endpoint to resume the AWS Step Functions execution. |
| CodeUri: lambda/ | ||
| Handler: app.handler | ||
| Runtime: nodejs24.x | ||
| Runtime: nodejs20.x |
Contributor
There was a problem hiding this comment.
Why did you downgrade the Node version?
Author
There was a problem hiding this comment.
was doing little test... forgot to change it so reverted it back to 24....
- Keep nodejs24.x runtime for ProcessingLambda (SAM CLI upgrade resolved the build issue)
bfreiberg
approved these changes
Jun 2, 2026
bfreiberg
left a comment
bfreiberg
left a comment
Contributor
There was a problem hiding this comment.
Looks good, thanks for your contribution. Your changes will be merged soon
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR improves the existing human-in-the-loop workflow by replacing the direct SNS
waitForTaskTokenintegration with a Lambda-based approach that enables one-click email approval.Problem with the current approach
aws stepfunctions send-task-successvia CLI+,/,=) that break when used in URLsArchitecture
User → Step Functions → Lambda (URL-encodes token) → SNS (email with links) → Reviewer clicks link → API Gateway → Lambda (decodes token, calls SendTaskSuccess) → Step Functions resumes
Related
Issue #, if available:
Description of changes:
urllib.parse.quoteand sends an email via SNS with clickable approve/reject links pointing to an API Gateway endpointSendTaskSuccessto resume the workflowGET /respondendpoint to handle the email link callbackslambda:invoke.waitForTaskTokeninstead ofsns:publish.waitForTaskTokenBy submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.