>_

SpendSignoff documentation

The always-on operator for your ad accounts. Read and draft from your AI client — approve before anything goes live.

Guide

Automating a platform safely

A walkthrough for taking one ad account from read-only to drafting changes, without ever handing the AI the ability to spend on its own.

Your AI can read and draft — it can never spend without your approval.

Start read-only, on purpose

Every platform connection begins read-only. The first OAuth authorization grants SpendSignoff read access to Google Ads or Meta — spend, structure, budgets, bids, performance — and nothing else. The operator uses that read access to find money: a stalled budget, an overpaced campaign, a bid that is leaving conversions on the table.

You can stay read-only as long as you want. On Free, that is the whole product: see exactly what the operator would propose, on any account, without ever enabling a write path.

From link to live change

The path is the same on Google Ads and Meta. Each step is reversible up until the final confirm.

1

Link the account read-only

OAuth into the platform from Accounts. SpendSignoff reads the account; it cannot change anything yet. Linking grants read access, not spend — spend is gated behind your approval, not an OAuth scope.

2

Let the operator draft

The always-on operator scans the account and stages a draft — say, moving budget off an overpaced ad set onto one that is converting. The draft shows the before → after values and a projected impact.

3

Review the diff

Open the draft in the approval queue. You see exactly which fields change and by how much. If the underlying account moved since the draft was built, the draft is marked STALE and you re-draft rather than push a value that no longer holds.

4

Approve and push live

Run the two-step Approve & push live → Confirm control. Only on Confirm does SpendSignoff call the platform write API. The change lands with a signed audit entry and a one-click rollback.

A stale draft is not a stuck draft

If a draft flips to STALE, the values it captured no longer match the account. SpendSignoff will not let you push a stale draft — it asks the operator to re-draft against the current state first. This is by design.

What protects you the whole way

  • The 24h spend envelope caps how much approved change can flow to an account in a rolling day, so a bad week of approvals cannot run away.
  • The circuit breaker trips on anomalous platform responses or pacing and pauses further drafts from reaching the queue.
  • The audit log records every approval as a KMS-signed, append-only entry — what changed, who approved it, and the value to roll back to.

Next

Safety

Draft-before-live, propose-only, the daily envelope, and the circuit breaker.

    Automating a platform safely — SpendSignoff Docs