What happens if a spend request is rejected?

The wallet.pay() call returns status: rejected with a reasons array. The workflow stops before the paid step executes — no money moves and the decision is recorded in the audit trail.

What is the difference between queued and rejected?

Queued means the spend intent exceeded the approval threshold and is waiting for human review in the NORNR control room. Rejected means policy blocked it outright — counterparty not allowed, daily limit exceeded, or mandate not matched.

How is this different from API rate limiting?

Rate limiting caps request volume after the fact. NORNR governs spend intent before money moves — checking amount, counterparty and mandate in real time so blocked or queued requests never reach the paid API.

Do I need to rewrite my existing agent code?

No. Add one wallet.pay() call before the paid step and branch on the returned status. Your existing workflow logic stays unchanged.

How to add a budget and approval gate to a Dify AI agent

1. Why Dify agents need spend controls

Dify is a fast path to building LLM-powered apps and agents. But when those agents start calling paid models, data APIs or external services, Dify itself has no native gate between intent and settlement.

NORNR fills that gap. Add a Code node to your Dify workflow that calls the NORNR policy engine before the expensive step. Low-risk calls pass immediately. Larger ones queue for human review. Out-of-policy ones are blocked with a clear reason recorded in the audit trail.

2. Install the SDK

bash

pip install agentpay

3. Create the governed wallet in a Code node

python

from agentpay import Wallet

wallet = Wallet.create(
    owner="dify-research-agent",
    daily_limit=40,
    require_approval_above=10,
    base_url="https://nornr.com",
)

4. Gate the paid step

python

decision = wallet.pay(
    amount=6.00,
    to="anthropic",
    purpose="long-form summarisation",
)

if decision.get("status") == "approved":
    pass  # continue to LLM node
elif decision.get("status") == "queued":
    raise Exception(f"Spend queued for review: {decision}")
else:
    raise Exception(f"Spend blocked by policy: {decision}")

Route the raised exception to a Dify error branch that notifies the operator and halts the workflow cleanly.

5. Decision output

output

{"status": "approved", "requiresApproval": false}
{"status": "queued",   "requiresApproval": true}
{"status": "rejected", "reasons": ["daily_limit_exceeded"]}

6. Common mistakes

Placing the NORNR call inside the LLM tool rather than before the tool node.
Treating queued as a generic error — it is a pause state, not a failure.
Using one wallet for all Dify apps without separate owner identifiers.