External Participants
External Participants enable customer stakeholders to participate in AI-driven processes without requiring full platform accounts, using secure magic link authentication.
Why External Participants?
Enterprise deployments involve people outside your organization:
- Customer IT Admins -- Approve SSO configurations
- Customer CISOs -- Sign off on security reviews
- Customer HR Managers -- Validate SCIM user mappings
- Partners -- Review integration configurations
These stakeholders need secure access without creating accounts, limited and scoped permissions, a clear audit trail, and easy approval workflows.
How It Works
- An agent reaches an approval gate in a process
- The system generates a magic link for the external participant
- An email is sent with the magic link and context
- The participant clicks the link and lands on a secure approval portal
- They review context, artifacts, and make their decision
- The decision is recorded and the process continues
The Participant Portal
External participants access a secure, limited portal that shows:
- Current phase and progress
- Pending approvals requiring their action
- Artifacts and documentation to review
- Comment threads for discussion
- Decision history
Portal Permissions
| Permission | Description |
|---|---|
| View | See process status and artifacts |
| Approve | Approve pending requests |
| Reject | Reject and provide feedback |
| Comment | Add comments to the process |
| Upload | Upload additional documents |
Approval States
An approval request moves through these states:
Pending --> Approved (process continues)
Pending --> Changes Requested --> Pending (after changes are made)
Pending --> Rejected (process handles rejection)
Notification Types
| Type | Trigger |
|---|---|
| Approval required | New approval request created |
| Reminder | Configurable intervals (e.g., 24h, 48h) |
| Escalation | Timeout reached, escalated to backup |
| Status update | Phase completed |
| Completion | Entire process completed |
Security
Token Security
Magic link tokens are single-use per session, time-limited with configurable expiration, scoped to a specific process and participant, and revocable at any time.
Audit Trail
Every action by an external participant is logged for compliance review, including when they accessed the portal, what they viewed, and what decisions they made.
Best Practices
Define specific responsibilities for each participant. IT admins approve technical configurations. CISOs approve security reviews. HR managers receive informational notifications.
Technical review: 48 hours with a 24-hour reminder. Security review: 5 days with reminders at 24, 72, and 96 hours. Set realistic deadlines based on stakeholder availability.
Include all artifacts, test results, and context needed for a decision. The easier you make it for the reviewer, the faster you get a response.
Always configure a backup contact. If the primary reviewer does not respond within the timeout, escalate automatically to their backup.
Next: Learn about Audit Logs for tracking all process activities.