OutflowGuard prevents the same person from being both first and second approver in dual approval workflows.
The two-person rule requires segregation of duties:
Reduces fraud risk
Ensures independent verification
Meets compliance requirements
If you verified an incident and try to approve it yourself:
You'll see "Waiting for a second pair of eyes"
The approve button is disabled for you
You must wait for a colleague
If attempted via API, you'll receive a 403 error:
Self-approval is not permitted. A different team member must provide the second approval.
Notify a team member that approval is needed
They can access the incident and approve
Once approved, anyone (including you) can unlock
Dual approval requires at least 2 team members. If you're the only user, disable dual approval or invite another team member.
