The Problem with Human-in-the-Loop Workflows

Picture a blogging platform. Users submit posts. Admins review them before they go live.

The tricky part: these happen at different times. A user submits at 9am. An admin reviews at 3pm. How do you connect these?

With Lambda alone, you'd need polling. Save state to a database. Run a CRON job. Check every few minutes if someone approved. It works, but it's ugly.

Step Functions handle this elegantly with the "Wait for Callback" pattern.

How It Works

1. User submits a blog post through API Gateway
2. Step Function starts and invokes a Lambda function
3. Lambda saves the content AND a task token to DynamoDB
4. Step Function pauses - it waits for that token to come back
5. Admin sees pending posts in a dashboard, clicks approve or reject
6. Another API call sends the task token back to Step Functions
7. Step Function resumes and handles the result

The key is that task token. It's like a parking ticket. The workflow hands it out, parks itself, and waits until someone brings the ticket back.

Things to Watch Out For

Token expiration: Tokens can be valid up to one year. We set ours to 7 days.

Token security: Anyone with the token can resume your workflow. Keep them private.

Standard only: This pattern only works with Standard Step Functions (billed per state transition), not Express.

Error handling: A rejected post isn't a failure - it's a valid outcome. Design your error handling accordingly.

Why Not Just Use Lambda?

You could. Save everything to DynamoDB. Poll with EventBridge. Check if approved.

But you lose visibility. Step Functions show you a visual graph of exactly what happened. When something goes wrong, you see the exact state. Non-technical people can look at the diagram and understand the flow.

For approval workflows, that visibility is worth it.

🎬 Watch the Full Tutorial →