Docs / Permissions and trust /
PermissionHistoryRow
Immutable row in a permission audit log: action, decision, actor, and timestamp.
Preview
Write to production databaseGranteddb:write
Approved for the migration run.
Joey van Sommerendataops-v2Today at 14:32
Send email to 2,400 usersDeniedemail:send
Wrong segment selected — denied until corrected.
Joey van Sommerencampaign-agentToday at 11:07
Read analytics dashboardAlways allowanalytics:read
Systemautoreporting-agentYesterday at 09:15
Push to main branchRevokedgit:push
Access revoked after failed deployment.
Joey van Sommerenci-agent3 days ago
Variants
Granted — with revoke
Push to staging branchGrantedgit:push
Joey van Sommerendeploy-agentToday at 16:45
Always allow — auto actor
Read S3 bucketAlways allows3:read
Matches the global S3 read allowlist.
Policy engineautodata-pipeline2 weeks ago
Props
| Prop | Type | Description |
|---|---|---|
| title* | string | Human-readable action label. |
| scope* | string | The scope string in mono — e.g. "db:write". |
| decision* | "granted" | "denied" | "always" | "revoked" | The permission outcome. |
| actor | { name: string; auto?: boolean } | Who made the decision. When auto is true, renders an Auto badge. |
| agent | string | The agent identifier in mono. |
| timestamp* | string | Human-readable timestamp — e.g. "Today at 14:32". |
| rationale | string | Optional explanation shown below the title row. |
| onRevoke | () => void | When provided and decision is not denied/revoked, renders a Revoke button. |
| onView | () => void | When provided, renders a View button. |
| className | string | Additional CSS classes for the row root. |
* required.
Usage
import { PermissionHistoryRow } from "@/components/agent/permission-history-row";
<PermissionHistoryRow
title="Write to production database"
scope="db:write"
decision="granted"
actor={{ name: "Joey van Sommeren" }}
agent="dataops-v2"
timestamp="Today at 14:32"
onView={() => {}}
onRevoke={() => {}}
/>