Under the proposed setup, IBM's AI agents manage the workflow and Auth0 handles the approval request through backchannel authentication. The human approver then uses a YubiKey for physical authentication before the action can proceed. According to Yubico, this creates cryptographic proof tied to a verified identity and physical presence. The process is intended to show that the correct individual approved the action, that the approval cannot be replayed or intercepted, and that the decision is linked to that user.