Add a PagerDuty notification channel from Settings → Notification Channels. You will need three things from your PagerDuty account:
- API Key: a General Access API Key (not Read-Only). Find it in PagerDuty → Integrations → API Access Keys, then copy the API Key value (not the ID column).
- PagerDuty User Email: the email of an actual user in your PagerDuty account. This is the requester recorded against incidents Oakallow creates.
- Service ID: open Services → Service Directory, click your service, and copy the ID from the URL (it appears as /service-directory/<ID>). This is NOT the integration ID and NOT the API Key ID — those look identical but are different things.
When an approval event fires, Oakallow creates an incident on your PagerDuty service. The Service's Escalation Policy decides who gets paged. Each incident shows the tool name, the oakallow reference id, and a short PII-scrubbed reason. We never send tool parameters, customer data, or end-user identities to PagerDuty.
- Approval requested creates an incident at your default urgency.
- Approval granted or denied resolves the matching incident.
- Approval expired creates an incident at high urgency regardless of the default — this is the case where someone needs to look at a request that timed out.
This is alerting only. Approvals are still decided exclusively in the Oakallow mobile app with enforced multi-factor authentication. PagerDuty pages the right human; the mobile app is where the decision is made and signed.
The API Key is stored encrypted at rest and is write-only after creation — we never display it back to you. To rotate, edit the channel in Settings, paste the new key, save, and click Test to confirm delivery.