# POST /api/v1/ap-approval/provision > Provision AP approval workflow for firm - **Tag:** ap-approval - **Operation ID:** `provision_ap_approval_workflow_api_v1_ap_approval_provision_post` ## Description Create or retrieve the AP approval workflow for the firm associated with this business. ## Authentication Bearer token in `Authorization` header. Required header: `x-business-id: `. ## Parameters - `auto_approve_max_cents` (query, integer, optional) — Max amount in cents for auto-approval (default: $500) - `ops_approve_max_cents` (query, integer, optional) — Max amount in cents for ops approval (default: $5,000) ## Responses ### 201 — Successful Response Schema: `ApApprovalProvisionResponse` - `workflow_id` (string · required) — Provisioned workflow UUID. - `name` (string · required) — Workflow name. - `is_published` (boolean · required) — Whether the workflow is published. - `version` (integer · required) — Workflow version. - `graph` (WorkflowGraphSchema-Output · required) → `WorkflowGraphSchema-Output` — Workflow graph. - `nodes` (array · object) - `edges` (array · object) - `auto_approve_max_cents` (integer · required) — Auto-approve threshold in cents. - `ops_approve_max_cents` (integer · required) — Ops approval threshold in cents. ### 401 — Unauthorized - Authentication required ### 403 — Forbidden - Insufficient permissions ### 422 — Validation Error Schema: `HTTPValidationError` - `detail` (array · ValidationError) → `ValidationError` - `loc` (array · string | integer · required) - `msg` (string · required) - `type` (string · required) - `input` (object) - `ctx` (object) ## Code samples ### cURL ```bash curl -X POST 'https://api.ondayzero.com/api/v1/ap-approval/provision' \ -H 'Authorization: Bearer dz_your_token' \ -H 'x-business-id: YOUR_BUSINESS_ID' ``` ### JavaScript ```javascript const response = await fetch('https://api.ondayzero.com/api/v1/ap-approval/provision', { method: 'POST', headers: { Authorization: 'Bearer dz_your_token', 'x-business-id': 'YOUR_BUSINESS_ID', }, }); const data = await response.json(); ``` ### Python ```python import httpx headers = { "Authorization": "Bearer dz_your_token", "x-business-id": "YOUR_BUSINESS_ID", } response = httpx.post("https://api.ondayzero.com/api/v1/ap-approval/provision", headers=headers) data = response.json() ``` ## See also - HTML version: https://www.ondayzero.com/docs/reference/ap-approval/provision-ap-approval-workflow - OpenAPI slice: https://www.ondayzero.com/docs/reference/ap-approval/provision-ap-approval-workflow/openapi.json - Other endpoints in **ap-approval**: https://www.ondayzero.com/docs/reference/ap-approval