
Guide

Setting up agent spend controls

ACTEX mandates define what an agent is allowed to spend, where it can buy, and when a human must approve. This guide walks through configuring approval gates, spend limits, and escalation triggers.

Prerequisites: a running ACTEX instance and a registered agent. See the getting started guide if you haven't set those up yet.

1. Choose an autonomy mode: Approval gates

Every mandate has an autonomy mode that controls how much independence the agent has:

SUGGEST
The agent proposes purchases but cannot execute. A human must approve every action.
DELEGATE
The agent acts within policy bounds. Transactions that exceed step-up thresholds are paused for human approval.
AUTOPILOT
Full autonomy inside the mandate's policy rails. No human approval required for in-policy transactions.

Set the autonomy mode when creating or updating a mandate:

curl -s -X PUT "$ACTEX_BASE_URL/v1/mandates/$MANDATE_ID/autonomy" \
  -H "Authorization: Bearer $OPERATOR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"mode":"DELEGATE"}'

2. Set spend policy bounds: Per-transaction limits

Mandate budgets define hard limits that the agent cannot exceed. These are compiled into enforceable rail policies before any purchase.

Per-authorization limit

The maximum amount for a single transaction. Any purchase above this amount is blocked.

Recurring cycle caps

Set a spending ceiling over a time window — DAY, WEEK, or MONTH. Once the cap is hit, further transactions are held until the cycle resets.

curl -s -X POST "$ACTEX_BASE_URL/v1/mandates" \
  -H "Authorization: Bearer $OPERATOR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
  "signer_agent_id": "AGENT_ID",
  "mandate": {
    "schema_id": "actex.mandate.v1",
    "budgets": {
      "currency": "USD",
      "per_authorization_limit": "500.00",
      "recurring": {
        "cycle": "MONTH",
        "cycle_limit": "5000.00"
      }
    },
    "constraints": {
      "merchant_allowlist": ["aws.amazon.com", "cloud.google.com"],
      "category_allowlist": ["cloud_infrastructure", "saas"],
      "geo_allowlist": ["US", "EU"]
    }
  }
}'

Category and merchant restrictions

Constrain where the agent can purchase. At least one of merchant_allowlist, category_allowlist, or geo_allowlist is required. Purchases outside the allowlist are blocked automatically.

3. Configure escalation rules: Step-up thresholds

Step-up thresholds add a human approval gate for transactions above a configured amount — even when the agent is in DELEGATE or AUTOPILOT mode.

curl -s -X PUT "$ACTEX_BASE_URL/v1/mandates/$MANDATE_ID/autonomy" \
  -H "Authorization: Bearer $OPERATOR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
  "mode": "DELEGATE",
  "step_up_required_above": {
    "amount": "250.00",
    "currency": "USD"
  }
}'

With this configuration, transactions under $250 proceed automatically. Transactions above $250 pause and require human approval before execution.

Additional automatic holds trigger when:

  • A merchant is not on the allowlist
  • A purchase category is unrecognized
  • The transaction originates from a restricted geography
  • Policy drift is detected between desired and applied controls
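
A pre-flight check for the mandate and autonomy request bodies from steps 2 and 3, as an added example rather than ACTEX code: it validates locally the values this guide documents before they are sent. The limit-versus-cycle-cap and threshold-versus-limit rules are inferred consistency checks, not documented ACTEX validation, and `lint` and the `SAMPLE_*` names are hypothetical.

```python
from decimal import Decimal, InvalidOperation

MODES = {"SUGGEST", "DELEGATE", "AUTOPILOT"}
CYCLES = {"DAY", "WEEK", "MONTH"}
ALLOWLISTS = ("merchant_allowlist", "category_allowlist", "geo_allowlist")

# Request bodies copied from this guide (the inner "mandate" object and the autonomy body).
SAMPLE_MANDATE = {
    "budgets": {"currency": "USD", "per_authorization_limit": "500.00",
                "recurring": {"cycle": "MONTH", "cycle_limit": "5000.00"}},
    "constraints": {"merchant_allowlist": ["aws.amazon.com", "cloud.google.com"]},
}
SAMPLE_AUTONOMY = {"mode": "DELEGATE", "step_up_required_above": {"amount": "250.00", "currency": "USD"}}

def _amount(value, field, errors):
    """Parse a positive decimal string; floats are rejected so amounts never round."""
    try:
        if not isinstance(value, str):
            raise InvalidOperation
        amount = Decimal(value)
        if not amount.is_finite() or amount <= 0:
            raise InvalidOperation
        return amount
    except InvalidOperation:
        errors.append(f"{field}: expected a positive decimal string such as '250.00'")
        return None

def lint(mandate, autonomy):
    """Return a list of problems found; an empty list means every check passed."""
    errors = []
    budgets = mandate.get("budgets", {})
    # Assumption: this linter treats a per-authorization limit as mandatory.
    limit = _amount(budgets.get("per_authorization_limit"), "per_authorization_limit", errors)
    recurring = budgets.get("recurring")
    if recurring is not None:
        if recurring.get("cycle") not in CYCLES:
            errors.append("recurring.cycle: must be DAY, WEEK, or MONTH")
        cap = _amount(recurring.get("cycle_limit"), "recurring.cycle_limit", errors)
        if limit and cap and limit > cap:  # inferred consistency check
            errors.append("per_authorization_limit exceeds recurring.cycle_limit")
    if not any(mandate.get("constraints", {}).get(name) for name in ALLOWLISTS):
        errors.append("constraints: at least one non-empty allowlist is required")
    if autonomy.get("mode") not in MODES:
        errors.append("mode: must be SUGGEST, DELEGATE, or AUTOPILOT")
    step_up = autonomy.get("step_up_required_above")
    if step_up is not None:
        threshold = _amount(step_up.get("amount"), "step_up_required_above.amount", errors)
        # Purchases above the limit are blocked, so a threshold at or above it gates nothing.
        if limit and threshold and threshold >= limit:
            errors.append("step-up threshold is not below per_authorization_limit")
    return errors
```

Calling `lint(SAMPLE_MANDATE, SAMPLE_AUTONOMY)` returns an empty list; raising the step-up amount to "750.00" returns one finding, because every purchase above that threshold already exceeds the 500.00 per-authorization limit.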

4. Use human override points: Cancel & modify

At any stage of a transaction, a human operator can:

  • Cancel — stop the transaction and record the reason
  • Modify — adjust autonomy settings, spend limits, or allowlists in real time
  • Dispute — open a post-purchase dispute with full audit context attached
  • Override autonomy — switch the mandate from AUTOPILOT to SUGGEST at any time

Every override is captured in the mandate event log and included in Casefile exports, so the audit trail shows both the original policy and any human interventions.

5. Verify policy enforcement: Reconciliation

ACTEX continuously reconciles the desired policy with what the issuing provider has actually applied. If drift is detected — a limit changed, a merchant was added outside ACTEX — the system fails closed and flags the discrepancy.

Check the current autonomy settings for any mandate:

curl -s "$ACTEX_BASE_URL/v1/mandates/$MANDATE_ID/autonomy"

Expected response:

{
  "mode": "DELEGATE",
  "step_up_required_above": {
    "amount": "250.00",
    "currency": "USD"
  }
}