# Pre-approving Access

Approvers can pre-approve access before the requestor creates an access request.

For instance, the approver may want to allow certain users to elevate their permissions automatically for the duration of a project, without having to wait for the approver to approve manually every time.

## 🕒 Allowing access ahead of time

To allow access requests for the future, use the `/p0 allow` slash command in Slack.

The arguments for this command are similar to `/p0 request` (see [#using-slack-slash-commands](https://docs.p0.dev/orchestration/requesting-access#using-slack-slash-commands "mention")), with a few additional required options:

* `--to <email>`\
  Use the email identifier of the principal to which you want to grant access
* `--length <duration>`\
  Duration for auto-approved access. The requestor will be automatically approved between the `start` time of the `allow` command up to this duration. Format like `'10 minutes'`, `'2 hours'`, `'5 days'`, or `'1 week'`.
* `--request-duration <duration>`\
  Access duration for individual requests. Once the requestor submits an access request, it will be automatically approved for this duration. Format like the `--length` option.

Optionally you can specify the `--start` option, which is the start time for auto-approved access. Defaults to now if not specified. Use ISO 8601 format, like `'2021-01-01T00:00:00Z'` or `2021-01-01`.

The principal issuing the `allow` command must be a valid approver for the principal in the `--to` argument, and for the resources specified, based on [routing rules](https://docs.p0.dev/orchestration/just-in-time-access/request-routing).