The AI Action Approval Copilot is a security-focused, developer-oriented AI assistant that brings external developer workflows (such as GitHub and Slack) into a single chat interface. It acts as an agent that can fetch PRs, summarize issues, and run multi-step development workflows, while a strict Human-in-the-Loop model ensures the LLM never performs a destructive action without the user's explicit approval.

  1. Motto and Vision

“Automate the tedious. Secure the critical.”

The goal of this project is to eliminate context switching. Developers spend too much time navigating between chat apps, project management boards, and Git UI consoles. This copilot aims to act as a senior developer peer that can both provide architectural advice and instantly execute grunt work (like creating repositories, cutting releases, and notifying Slack channels) upon your explicit approval.

  2. Tech Stack

This application is built with the following web and AI technologies:

  • Frontend: Next.js 14 (App Router), React, Tailwind CSS, Lucide Icons, React Joyride (onboarding)
  • AI & Agent Logic: LangGraph, LangChain, OpenAI (gpt-4o-mini)
  • Authentication & Identity: Auth0 Identity Provider, Auth0 Token Vault (for managing multiple external OAuth access tokens)
  • Database & Persistence: Neon Serverless PostgreSQL, LangGraph Postgres Checkpointer
  • Native Integrations: GitHub API (Octokit), Slack API

  3. How does the Flow work?

  • Authentication: Users log into the application through Auth0.
  • Integration Linking: Users open the "Integrations" dashboard and explicitly connect their Slack or GitHub accounts via OAuth. These identities are linked to their primary Auth0 profile through the Auth0 Management API.
  • Agentic Invocation: A user prompts the AI (e.g., "Create a FastAPI repo"). The prompt is sent to the backend LangGraph agent.
  • Tool Selection: The LLM decides that create_github_repo is the right tool for the job.
  • Human-in-the-Loop Interruption: Instead of executing immediately, LangGraph pauses the run before the tool node (interruptBefore). The frontend detects the pending action and renders an Approval Card.
  • Execution: Only after the user explicitly clicks "Approve" does the server resume the LangGraph run, retrieve the user's GitHub access token from Auth0, perform the action, and log it in the database.

  4. Why this Architecture?

  • LangGraph + Postgres: Because the agent is built on LangGraph, composing multi-step API chains (e.g., fetching a PR's diff, passing it to the LLM for review, then posting a comment) is straightforward. The Postgres Checkpointer persists agent state and chat history server-side, so a conversation started on your laptop can be resumed the next time you log in.
  • Auth0 Token Vault: Managing rotating external OAuth access tokens (for Slack or GitHub) is notoriously error-prone to build from scratch. By using Auth0's native identity linking, the external access tokens stay out of browser local storage and token refreshes are handled by Auth0.
  • Four-Tier Risk Model: Rather than treating every action the same, each action is assigned a risk level. Viewing a repo is low risk, while deleting a repository is flagged Critical, which forces Auth0 Step-up Authentication (a fresh login) before execution.

  5. Features You Can Use Right Now

  • Developer Mentorship & Chat: The Copilot isn't just an API runner; you can chat with the AI for architectural advice, debugging, and general software engineering questions.
  • GitHub Operations: List repos, list issues, summarize pull requests, create repos, open PRs, cut releases, create branches, review PRs, and delete repositories.
  • Slack Integration: Send channel broadcasts on behalf of the developer.
  • Persistent Sessions: Memory persists across active chat threads.
  • Security Guardrails: Visually distinct approval interfaces ensure that what you prompt is what gets executed.
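The approval flow and the risk model described above, as an added example that is not the project's code. It is written in TypeScript, stands in for the LangGraph interruptBefore pause with a plain pending-action record, and assumes the tool names, the tier-to-policy table (read-only tools run directly, everything else waits for a click, critical tools also need step-up), a five-minute step-up window checked against the OIDC auth_time and amr claims, and a vault callback that returns the user's external token only when an approved action is executed. None of these names are Auth0's or LangGraph's API.

```typescript
// Added example, not the project's code: a human-in-the-loop approval gate
// with a four-tier risk model. Tool names, the tier assignments, the policy
// table, the step-up window and the token-vault shape are all assumptions.

type Risk = "low" | "medium" | "high" | "critical";
type Status = "pending" | "approved" | "executed" | "rejected";

interface ToolSpec {
  risk: Risk;
  // Hypothetical executor; a real tool would call GitHub or Slack with `token`.
  run: (args: Record<string, string>, token: string) => string;
}

interface AuthContext {
  userId: string;
  authTime: number; // epoch seconds of the last interactive login (OIDC auth_time)
  amr: string[];    // OIDC amr claim, e.g. ["pwd", "mfa"]
}

interface PendingAction {
  id: string;
  userId: string;
  tool: string;
  args: Record<string, string>;
  risk: Risk;
  status: Status;
}

// Assumed policy per tier: read-only calls run directly, everything else waits
// for a click, and critical actions also need a fresh step-up authentication.
const POLICY: Record<Risk, { approval: boolean; stepUp: boolean }> = {
  low:      { approval: false, stepUp: false },
  medium:   { approval: true,  stepUp: false },
  high:     { approval: true,  stepUp: false },
  critical: { approval: true,  stepUp: true  },
};

// Constructed registry with assumed tiers.
const TOOLS: Record<string, ToolSpec> = {
  list_repos:         { risk: "low",      run: () => "listed repos" },
  create_github_repo: { risk: "medium",   run: (a) => `created ${a.name}` },
  slack_broadcast:    { risk: "high",     run: (a) => `posted to ${a.channel}` },
  delete_repository:  { risk: "critical", run: (a) => `deleted ${a.name}` },
};

const STEP_UP_MAX_AGE_SEC = 5 * 60; // assumed freshness window for critical actions
let seq = 0;

// Stand-in for the interruptBefore pause: the model's tool call is recorded,
// and nothing outside the registry can ever be executed.
function gate(userId: string, tool: string, args: Record<string, string>): PendingAction {
  const spec = TOOLS[tool];
  if (!spec) throw new Error(`unknown tool: ${tool}`);
  seq += 1;
  const status: Status = POLICY[spec.risk].approval ? "pending" : "approved";
  return { id: `act-${seq}`, userId, tool, args, risk: spec.risk, status };
}

// True when the session is fresh enough, and MFA-backed, for a critical action.
function stepUpSatisfied(ctx: AuthContext, now: number): boolean {
  return now - ctx.authTime <= STEP_UP_MAX_AGE_SEC && ctx.amr.includes("mfa");
}

// The "Approve" click. The approver must own the thread; critical actions
// additionally require a recent step-up, otherwise the UI must re-authenticate.
function approve(action: PendingAction, ctx: AuthContext, now: number): PendingAction {
  if (action.status !== "pending") throw new Error(`${action.id} is ${action.status}, not pending`);
  if (ctx.userId !== action.userId) throw new Error("approval must come from the owning user");
  if (POLICY[action.risk].stepUp && !stepUpSatisfied(ctx, now)) throw new Error("step_up_required");
  return { ...action, status: "approved" };
}

function reject(action: PendingAction): PendingAction {
  if (action.status !== "pending") throw new Error(`${action.id} is ${action.status}, not pending`);
  return { ...action, status: "rejected" };
}

// Resume: the external token is fetched from the vault only here, after
// approval, so it never travels with the pending action or to the browser.
function resume(action: PendingAction, vault: (userId: string) => string): { action: PendingAction; result: string } {
  if (action.status !== "approved") throw new Error("refusing to execute an unapproved action");
  const token = vault(action.userId);
  const result = TOOLS[action.tool].run(action.args, token);
  return { action: { ...action, status: "executed" }, result };
}
```

The point of the shape is that every path to a tool call goes through `resume`, which checks the persisted status rather than trusting anything the client sends, and the token is a function of the approved action's owner, not of the request. A stale or non-MFA session approving a critical action fails closed with `step_up_required`, which is the signal the frontend would turn into an Auth0 re-login.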

Tenant Id: dev-ggh0aqmfn0s4kupb
Blog: https://dev.to/nick3948/building-secure-ai-agents-with-auth0-token-vault-a-human-in-the-loop-approach-37he

Built With

  • api
  • nextjs
  • openai
  • tailwind
  • vercel