Introduction
One-click approval links and tokens enable approvers to take action: Approve, Reject, or Revert directly from an email without needing to visit the Workflow detail page.
These links can be embedded in assignee emails using merge tags and are valid for 48 hours by default. You can adjust the expiration time using the gravityflow_email_token_expiration_days filter.
Note: Approval links are only available in Approval Step assignee emails. They do not work in Gravity Forms notifications or other step types.
Usage
| Modifier | Description | Example |
|---|---|---|
{workflow_approve_link} | Generates an approval link. Requires page_id if using the inbox shortcode | {workflow_approve_link:page_id=5} |
{workflow_reject_link} | Generates a rejection link. Requires page_id if using the inbox shortcode | {workflow_reject_link:page_id=5} |
{workflow_revert_link} | Generates a revert/edit link. Requires page_id if using the inbox shortcode | {workflow_revert_link:page_id=5} |
:page_id | Specifies the page ID for the link. Found as the post parameter in the WordPress page editor URL | {workflow_reject_link:page_id=5} |
:text | Customizes the link text | {workflow_approve_link:text="Approve this selection"} |
{workflow_approve_url} | Generates the raw URL for an approval action (used in custom HTML links) | <a href="{workflow_approve_url:page_id=5}" class="major-cta">Your approval link message</a> |
{workflow_reject_url} | Generates the raw URL for a rejection action | <a href="{workflow_reject_url:page_id=5}" class="minor-cta">Your reject link message</a> |
{workflow_revert_url} | Generates the raw URL for a revert/edit action | <a href="{workflow_revert_url:page_id=5}" class="major-cta">Your revert/edit link message</a> |
Security
Admin UI Links
If the link points to the WordPress admin (back end), users must be authenticated. If the assignee is already logged in, the action will proceed seamlessly. Otherwise, a login prompt will appear.
Front-End Inbox Links
When using the [gravityflow_inbox] shortcode on the front end, approval links do not require authentication. Instead, a secure token embedded in the link authorizes the action.
Note: These tokens are valid for the action and can be used by anyone with access to the link. Assignees should avoid sharing or forwarding these emails.
Note
One-click Approve/Reject links bypass all validation checks during the approval process. For example, if your Approval Step includes required editable fields (available since Gravity Flow v2.9) or requires workflow notes, these requirements will be skipped when using one-click links.
If your workflow relies on such validations, it’s recommended to use the full workflow entry link {workflow_entry_url} instead, which ensures that all conditions are enforced before approval or rejection.