diff --git a/.vale/styles/Flipt/spelling-exceptions.txt b/.vale/styles/Flipt/spelling-exceptions.txt
index b10952f..53a9f96 100644
--- a/.vale/styles/Flipt/spelling-exceptions.txt
+++ b/.vale/styles/Flipt/spelling-exceptions.txt
@@ -1,5 +1,6 @@
affordance
APIs
+approvers
auditable
avro
azblob
diff --git a/cloud/features/approval-workflows.mdx b/cloud/features/approval-workflows.mdx
new file mode 100644
index 0000000..f454a28
--- /dev/null
+++ b/cloud/features/approval-workflows.mdx
@@ -0,0 +1,91 @@
+---
+title: Approval Workflows
+description: Learn about the built-in approval workflows available with Flipt Cloud
+mode: "wide"
+---
+
+Flipt Cloud provides a built-in approval workflow system that allows you to easily manage and track the proposal and approval process for your flags, ensuring that they are approved by the appropriate stakeholders before they are released to production.
+
+
+
+## Overview
+
+Flipt Cloud's approval workflow system is designed to be simple to use and understand. It is built on top of Flipt Cloud's [Git backed storage](/cloud/features/git-backed-storage) and integrates natively with your existing GitHub Pull Request (PR) process.
+
+Many teams have existing processes for managing PRs and ensuring code is reviewed by the appropriate stakeholders. We believe that feature flags should be no different and should follow the same process.
+
+Organizations may require that all flag changes are reviewed and approved by a specific set of approvers before they are released to production. This could be a team lead, tech lead, or even a cross functional team.
+
+The approval workflow system is designed to fit into this process, and to make it as easy as possible to configure and manage.
+
+
+ Proposals and approvals functionality is only available on our Team plan and
+ above. See our [pricing page](https://www.flipt.io/pricing) for more
+ information.
+
+
+## Protected Environments
+
+When you create an environment in Flipt Cloud, you can choose to protect the environment. This will require that all flag and other configuration changes go through a review and approval process before they are served from the environment.
+
+
+
+In our Git backed storage model, all environments have a default branch. If you chose an existing repository and branch when creating the environment and that branch is protected, the environment itself will be protected by default.
+
+
+ Many teams protect their `main` branch, but you can select a different branch
+ when creating the environment.
+
+
+Protected environments are read-only and can only be changed by going through the proposal/approval process. If you are in a protected environment, you will see the 'Protected' badge in the top right of the environment.
+
+
+
+## Approval Process
+
+To make a change for a protected environment, you will need to put the environment into 'editing mode' by clicking on the 'Protected' badge. This will prompt a confirmation dialog asking you to confirm that you want to create a proposal branch to make your changes.
+
+
+
+Once you click 'Create Branch', you will be redirected to a new environment that is no longer protected. This environment is a full read/write replica of the protected environment, but any changes you make will not be deployed to the protected environment until they are approved and merged.
+
+
+
+You can make changes to the unprotected environment, and they will be captured in the proposal branch. Once you are ready to deploy your changes, you can create a pull request into the protected environment.
+
+## Creating a Proposal
+
+After making the changes you want to propose, you can create a proposal by clicking on the 'Propose' button in the top right of the screen. This will again prompt a confirmation dialog asking you to confirm that you want to create a new pull request in your repository and add it to the approval workflow.
+
+
+
+Once you click 'Create Proposal', you will see a badge in the top right of the screen indicating that a proposal is pending, with a link to the proposal pull request.
+
+
+
+Clicking on the badge will take you to the proposal pull request.
+
+
+
+## Approve and Merge
+
+Your team can review the proposal and approve it by clicking on the 'Approve' button in the pull request. Once the proposal is approved, you will be able to merge the pull request into the protected environment.
+
+
+
+Once the pull request is merged, the changes will be deployed to the protected environment.
+
+
+
+
+ You can leverage GitHub's existing [Code
+ Owners](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners)
+ feature to automatically request reviews from specific teams or individuals
+ when a proposal is created. This is a great way to automate requesting the relevant teams and individuals for their approval input.
+
+
+## Evaluation
+
+Proposal environments are full-fledged environments and can be used for evaluation just like any other environment. This means that you can use the same SDKs, API keys, and other mechanisms to evaluate your flags in the proposal environment as you would in any other environment.
+
+You can simply change the URL of your evaluation requests to point to the proposal environment and you will be able to see the changes you made for evaluation.
diff --git a/cloud/features/authentication.mdx b/cloud/features/authentication.mdx
index 4680093..9bd2656 100644
--- a/cloud/features/authentication.mdx
+++ b/cloud/features/authentication.mdx
@@ -1,6 +1,7 @@
---
title: Authentication
description: Learn about the authentication options available with Flipt Cloud
+mode: "wide"
---
Flipt Cloud supports multiple authentication methods, including email/password, Google, and GitHub. You can also use [Single Sign-On (SSO)](#single-sign-on) with providers like Okta, Microsoft Active Directory, and Google Workspace.
diff --git a/cloud/features/rbac.mdx b/cloud/features/rbac.mdx
index dd00f81..fba9199 100644
--- a/cloud/features/rbac.mdx
+++ b/cloud/features/rbac.mdx
@@ -1,6 +1,7 @@
---
title: Role Based Access Control
description: Learn about the role-based access control options available with Flipt Cloud
+mode: "wide"
---
Role-based access control allows you to define custom roles and permissions for your team members.
@@ -9,6 +10,12 @@ Role-based access control allows you to define custom roles and permissions for
You can create roles with specific permissions, such as read-only access to feature flags or the ability to create new flags. This gives you fine-grained control over who can do what in Flipt Cloud and your Flipt instances.
+
+ Role-based access control functionality is only available on our Team plan and
+ above. See our [pricing page](https://www.flipt.io/pricing) for more
+ information.
+
+
## Built-in Roles
Flipt Cloud comes with several built-in roles that you can assign to your team members:
diff --git a/images/cloud/features/approval/approve-pull-request.png b/images/cloud/features/approval/approve-pull-request.png
new file mode 100644
index 0000000..2f5fb13
Binary files /dev/null and b/images/cloud/features/approval/approve-pull-request.png differ
diff --git a/images/cloud/features/approval/create-branch-dialog.png b/images/cloud/features/approval/create-branch-dialog.png
new file mode 100644
index 0000000..c80e356
Binary files /dev/null and b/images/cloud/features/approval/create-branch-dialog.png differ
diff --git a/images/cloud/features/approval/create-proposal-dialog.png b/images/cloud/features/approval/create-proposal-dialog.png
new file mode 100644
index 0000000..81d82a0
Binary files /dev/null and b/images/cloud/features/approval/create-proposal-dialog.png differ
diff --git a/images/cloud/features/approval/deployed-changes.png b/images/cloud/features/approval/deployed-changes.png
new file mode 100644
index 0000000..2de4c6c
Binary files /dev/null and b/images/cloud/features/approval/deployed-changes.png differ
diff --git a/images/cloud/features/approval/proposal-merged.png b/images/cloud/features/approval/proposal-merged.png
new file mode 100644
index 0000000..5cbf137
Binary files /dev/null and b/images/cloud/features/approval/proposal-merged.png differ
diff --git a/images/cloud/features/approval/proposal-pending.png b/images/cloud/features/approval/proposal-pending.png
new file mode 100644
index 0000000..dbf044a
Binary files /dev/null and b/images/cloud/features/approval/proposal-pending.png differ
diff --git a/images/cloud/features/approval/proposal-pull-request.png b/images/cloud/features/approval/proposal-pull-request.png
new file mode 100644
index 0000000..ad28f0e
Binary files /dev/null and b/images/cloud/features/approval/proposal-pull-request.png differ
diff --git a/images/cloud/features/approval/protected-badge.png b/images/cloud/features/approval/protected-badge.png
new file mode 100644
index 0000000..30188b1
Binary files /dev/null and b/images/cloud/features/approval/protected-badge.png differ
diff --git a/images/cloud/features/approval/protected-environment.png b/images/cloud/features/approval/protected-environment.png
new file mode 100644
index 0000000..bc44a05
Binary files /dev/null and b/images/cloud/features/approval/protected-environment.png differ
diff --git a/images/cloud/features/approval/unprotected-environment.png b/images/cloud/features/approval/unprotected-environment.png
new file mode 100644
index 0000000..55fa438
Binary files /dev/null and b/images/cloud/features/approval/unprotected-environment.png differ
diff --git a/mint.json b/mint.json
index a239f0b..c7247f7 100644
--- a/mint.json
+++ b/mint.json
@@ -264,6 +264,7 @@
"pages": [
"cloud/features/authentication",
"cloud/features/git-backed-storage",
+ "cloud/features/approval-workflows",
"cloud/features/rbac",
"cloud/features/user-management"
]