Ammendments

How amendment workflows control changes to authorized records and how they connect to activity logs.

Last updated2026-05-25

What this page covers

Activity logging is documented in Activity Logs. This page focuses on amendments: how controlled changes are proposed, reviewed, and applied to already authorized records.

What an amendment is

An amendment is a proposed change to an existing record that is already active.

Instead of changing that record directly, the system creates a separate amendment record for review and approval.

Supported amendment intents are:

UPDATE to modify fields
DELETE to soft-delete after approval
RESTORE to restore a previously inactive record

Amendment lifecycle

An amendment moves through workflow statuses similar to maker-checker:

CAPTURED
PENDING_AUTH_L3
PENDING_AUTH_L2
PENDING_AUTH_L1
AUTHORIZED
REJECTED
DENIED

When final approval is reached, the amendment is applied to the target record.

Amendment-specific rules

This page keeps only the rules specific to amendments:

for UPDATE and DELETE, the target is expected to already be AUTHORIZED
only one pending amendment can exist for the same target at a time
if an amendment is REJECTED, only its creator can correct and resubmit it
the target record remains live while amendment approval is in progress
amendment apply happens at final authorization, not at initial capture

How amendments relate to activity logs

They work together:

amendment workflow controls whether a sensitive change is allowed
activity logs record each action in that lifecycle
together they provide both control and traceability