Voting Operations

Introduction

Voting operations provide direct interaction with the voting system, enabling manual creation of polls and status checking. While most voting workflows are automatically triggered by policies, these operations allow for explicit voting control and monitoring.

What Are Voting Operations?

Voting operations allow you to:

Manually create polls for authorization workflows

Check the status of active or completed polls

Trigger voting outside of policy-driven workflows

Monitor voting progress and outcomes

These operations complement policy-based voting by providing explicit control when automated policy triggers are not suitable.

Voting Workflow

Policy-Driven Voting (Automatic)

Operation Occurs → Policy Matches → Poll Created Automatically
         ↓
Ballots Sent to Authenticators
         ↓
Votes Collected
         ↓
Poll Resolved

Manual Voting (Explicit)

Create Voting Request → Poll Created Manually
         ↓
Ballots Sent to Authenticators
         ↓
Check Pool Status → Monitor Progress
         ↓
Votes Collected
         ↓
Poll Resolved

Manual Voting Use Cases

Custom Authorization Workflows

Create polls for operations that don't fit standard policy templates or require ad-hoc authorization.

Example: One-time approval for exceptional access request outside normal policy scope.

Testing Voting Configurations

Test voting configurations and Authenticator responses before applying them to policies.

Example: Verify that all Authenticators receive ballots and can respond correctly before activating a policy.

Administrative Approvals

Trigger voting for administrative decisions that require consensus but don't map to system operations.

Example: Approval for adding a new team member, organizational policy changes, or budget decisions.

External System Integration

Create polls triggered by external systems or applications that need authorization through Privicore's voting mechanism.

Example: Third-party application requests approval before performing sensitive action on user's behalf.

Poll Status Monitoring

The check pool status operation enables:

Real-time Monitoring: Track voting progress as Authenticators respond

Outcome Verification: Confirm final poll resolution (approved/rejected)

Timeout Detection: Identify polls that expired before completion

Quorum Tracking: Monitor if sufficient Authenticators have responded

Poll States

Polls progress through several states:

Created: Poll created, ballots being distributed

Active: Ballots sent, waiting for Authenticator responses

Voting: Authenticators are responding with votes

Quorum Met: Minimum required responses received

Resolved: Poll completed with outcome (approved/rejected)

Expired: Time limit reached before resolution

Failed: Quorum not met or other failure condition

Manual vs. Policy-Driven Voting

Manual Voting

Advantages:

Explicit control over when voting occurs

Flexible authorization for non-standard scenarios

Testing and verification of voting configurations

Integration with external systems

Disadvantages:

Requires explicit API calls for each voting instance

No automatic triggering based on operations

Must manually track and manage poll lifecycle

Policy-Driven Voting

Advantages:

Automatic triggering based on operation events

Consistent enforcement of authorization rules

No manual intervention required

Integrated with system operations

Disadvantages:

Limited to scenarios covered by policy templates

Less flexible for ad-hoc authorization needs

Requires policy configuration before use

Integration with Voting Configurations

Both manual and policy-driven voting use voting configurations to determine:

Voting strategy (unanimous, consensus, affirmative, minimum_percentage)

Time limits

Quorum requirements

Authenticator selection

When creating a manual poll, reference a voting configuration to apply these parameters.

Create Voting

Manually create a poll for authorization, specifying the voting configuration and context for Authenticators to evaluate.

Check Pool Status

Query the status of a poll to monitor voting progress, verify completion, and retrieve the outcome.

Security Considerations

Manual voting requires valid authorization token
Polls created manually follow the same security model as policy-driven polls
Authenticators receive encrypted ballots via secure channels
Poll status can only be checked by the profile that created the poll
Time limits and quorum requirements prevent indefinite blocking
All voting operations are logged for audit purposes
Manual polls do not bypass voting configurations - same rules apply

Best Practices

Use Policies When Possible

Prefer policy-driven voting for recurring authorization patterns. Manual voting is best for exceptional or one-time scenarios.

Provide Clear Context

When creating manual polls, provide clear context in the poll description so Authenticators understand what they're approving.

Monitor Poll Status

Check poll status to ensure voting completes successfully and handle timeout or failure cases appropriately.

Test Configurations

Use manual voting to test voting configurations before applying them to policies that affect production operations.

Document Manual Polls

Maintain records of why manual polls were created, especially for audit and compliance purposes.

Handle All Outcomes

Implement logic to handle all poll outcomes: approved, rejected, expired, and failed states.

Voting Operations

Introduction#

What Are Voting Operations?#

Voting Workflow#

Policy-Driven Voting (Automatic)#

Manual Voting (Explicit)#

Manual Voting Use Cases#

Custom Authorization Workflows#

Testing Voting Configurations#

Administrative Approvals#

External System Integration#

Poll Status Monitoring#

Poll States#

Manual vs. Policy-Driven Voting#

Manual Voting#

Policy-Driven Voting#

Integration with Voting Configurations#