Modes & Approvals
Modes control how actions execute. Town provides multiple layers of control — from workflow-level defaults to per-tool settings to session-level overrides.
Session permission settings
When chatting with your assistant, you can control how much autonomy it has for the current session.
| Setting | What it does |
|---|---|
| Ask before any changes | Default. Every action that makes a change requires your approval first. |
| Always allow safe actions | Automatically approve low-risk actions. Actions that communicate externally still require approval when sensitive conditions are present. |
| Allow all actions | Full autonomous mode for this session. No approvals required for any action. |
When you’re asked to approve
When your assistant wants to take an action, you have these options:
| Option | What it does |
|---|---|
| Allow once | Approve just this one action |
| Always allow [this action] | Automatically approve this type of action for the rest of the session |
| Allow all actions | Switch to full autonomous mode for the rest of the session |
Session permissions reset when you start a new chat. They don’t change the workflow’s permanent settings.
Workflow modes
Every workflow has a default mode that controls how it handles actions.
Autonomous mode
Actions execute immediately without asking for approval.
What happens:
- Reading actions run immediately
- Actions that make changes also run immediately
- No approval requests sent
- Fastest execution
Best for:
- Well-tested, trusted workflows
- Low-risk actions (labeling, archiving)
- High-frequency triggers (processing every incoming email)
- Workflows that only report information to you
Autonomous mode can affect many emails quickly. Use it for low-risk actions and well-tested workflows.
Approval-required mode
Actions that make changes wait for your approval before executing.
What happens:
- Reading actions run immediately
- Actions that make changes create approval requests
- You receive notifications with approve/reject options
- Actions only execute after you approve them
Best for:
- New or untested workflows
- Workflows that send emails or messages
- High-stakes automations
- Workflows that access external communication tools
How approvals flow:
Read-only mode
The workflow can only read and analyze — it cannot modify anything.
What happens:
- Reading actions run normally
- Actions that make changes are blocked
- Cannot label, archive, or send
- Can still send reports to you (since that only goes to your inbox)
Even in read-only mode, your assistant can still send you emails with results and summaries. It just can’t modify your inbox or message external parties.
Best for:
- Analytics and reporting workflows
- Research workflows
- Testing new configurations
- Workflows that only gather information
Per-tool permission levels
You can override the mode for individual tools within a workflow. This gives you fine-grained control.
Example: You want a workflow that automatically labels and archives emails, but always asks before sending an email. Set the workflow to autonomous mode, then override the email-sending tool to require approval.
This way, labeling and archiving happen instantly, while sending emails always waits for your OK.
Use per-tool settings to create nuanced permission models. For example, allow all reading and organizing actions but require approval for any external communication.
What counts as a “safe” action?
When you select “Always allow safe actions”, Town automatically approves actions that can’t send data outside your account. Actions that can communicate externally still require your approval.
Automatically approved:
- Reading and searching emails
- Adding and removing labels
- Archiving and moving emails
- Creating drafts
- Viewing calendar events
- Reading files
Still requires approval (external communication):
- Creating calendar events with attendees (sends invitations)
- Editing calendar events (can notify attendees)
- Sending Slack messages
- Creating GitHub commits or pull requests
- Updating shared Google Sheets or Docs
Sending an email to yourself (“send email to user”) is considered safe because it only goes to your inbox — not to anyone else.
Which actions require approval?
In approval-required mode, all actions that make changes require your approval:
| Action | Needs approval? |
|---|---|
| Reading an email | No |
| Searching emails | No |
| Viewing calendar events | No |
| Adding a label | Yes |
| Archiving an email | Yes |
| Creating a draft | Yes |
| Deleting or trashing | Yes |
| Sending email to you | Yes |
| Creating calendar events | Yes |
| Sending Slack messages | Yes |
Approval notifications
When a workflow needs your approval:
- In the web app — Visible in the chat and on the Approvals page
- Email notification — You receive an email with the proposed action
- Action options — Approve once, approve for the session, or switch to full autonomous
Each approval includes:
- Which workflow is requesting
- What action it wants to take
- The workflow’s reasoning
- Options to approve with different scopes
Progressive trust
A common pattern is to start restrictive and expand trust over time:
At the workflow level
- Start with Read-Only — See what the workflow would do without any risk
- Move to Approval-Required — Let it propose actions for your review
- Promote to Autonomous — When behavior is stable and low-risk
Within a session
You can progressively expand trust during a single session as you gain confidence in what the workflow is doing.
Choosing the right mode
| Situation | Recommended mode |
|---|---|
| Brand new workflow | Approval-required or Read-only |
| Workflow sends external messages | Approval-required (at least initially) |
| Simple labeling and archiving | Autonomous (once tested) |
| Research and analysis only | Read-only |
| Processing every incoming email | Autonomous (for speed) |
| Weekly summary workflow | Approval-required (review before sending) |
| Mission-critical automation | Approval-required (even when trusted) |
Best practices
Default to approval-required for new workflows. Move to autonomous only after reviewing several runs.
Keep outgoing messages on approval-required. Sent messages can’t be unsent. Review before sending.
Use read-only for experimentation. When testing new instructions or configurations, read-only mode prevents accidents.
Check your approvals regularly. Approval-required only works if you actually review the requests. Don’t let them pile up.
Use “Always allow [action]” to speed up repetitive tasks. If a workflow needs to archive 50 emails, approve the first one with “Always allow Archive Email” instead of clicking 50 times.