Authenticate with the Ironclad API using an API key in the Authorization header and call GET /workflows to list active workflows, filtering by workflowTemplateId and status to identify stalled records
For each stalled workflow, call GET /workflows/{workflowId} to inspect the current step and identify the approver whose action is pending beyond an SLA threshold
Call the workflow participants update endpoint (PATCH or PUT as documented for the API version in use) to reassign the pending step to an escalation approver by updating the participant's email or user ID
If the workflow supports programmatic step advancement, POST to the workflow actions endpoint with an action type of approve or reject on behalf of a service account user to unblock the workflow
Record the escalation event in an audit log with the original approver, new approver, timestamp, and workflow ID for compliance reporting
Known gotchas
Ironclad's API does not expose every workflow state transition as a programmatic action; some step types (e.g., those requiring a wet signature attachment) cannot be advanced via API and require UI intervention
Reassigning a participant via API sends an immediate notification email to the new approver; test escalation logic in a non-production Ironclad environment to avoid spamming users during development
Ironclad rate limits vary by plan; bulk escalation scripts that loop over many workflows without throttling will encounter 429 errors and may trigger temporary API key suspension
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp