User and Group Exceptions in MR Approval Policies
# Release post

**User & Group Exception Capabilities** empower organizations to designate specific users, groups, and custom roles who can bypass merge request approval policies during critical situations. This feature provides the flexibility needed for emergency responses while maintaining comprehensive audit trails and governance controls.

#### **Emergency Access with Accountability**

* **Break-Glass Scenarios**: Designated users can bypass approval requirements during critical incidents, security hotfixes, or urgent production issues. When emergencies strike, authorized personnel can merge changes immediately while the system captures detailed justification and audit information for compliance review.
* **Role-Based Flexibility**: Configure exceptions based on GitLab roles (Maintainer, Developer), custom roles, or specific user groups. This granular control ensures only appropriate personnel can invoke bypasses while supporting complex organizational structures and responsibility matrices.

#### Key capabilities include:

* **Documented Bypass Process**: When authorized users invoke a policy waiver, they must provide detailed reasoning through an intuitive modal interface. This ensures every exception is properly documented with context, creating a complete audit trail for security and compliance teams.
* **Comprehensive Audit Integration**: Every bypass generates detailed audit events including user identity, policy context, reasoning, and timestamps. Organizations gain complete visibility into exception usage patterns while maintaining the governance controls required for enterprise compliance.
* **Flexible Configuration**: Define exception permissions at the policy level using simple YAML or UI configuration, supporting individual users, GitLab groups, standard roles, and custom roles. This flexibility accommodates diverse organizational structures while maintaining centralized policy management.

This feature eliminates the need for disabling security policies during emergencies, providing a controlled path for urgent changes while preserving organizational governance and audit requirements.

# :tv: [Demo](https://www.youtube.com/watch?v=MLh_jO5B6n8)