diff --git a/src/pages/manage/access-control/endpoint-detection-and-response/force-approval.mdx b/src/pages/manage/access-control/endpoint-detection-and-response/force-approval.mdx new file mode 100644 index 00000000..6ac5184e --- /dev/null +++ b/src/pages/manage/access-control/endpoint-detection-and-response/force-approval.mdx 
@@ -0,0 +1,117 @@ +# Force Approve EDR-Rejected Peers + +In some situations, you may need to grant network access to a peer that fails EDR or MDM compliance checks. NetBird provides a **force approval** mechanism that allows administrators to override EDR rejections on a per-peer basis. + +## When to Use Force Approval + +Force approval is useful in scenarios such as: + +- **Temporary exceptions**: A device needs immediate network access while compliance issues are being resolved. +- **Testing and development**: Test devices that may not have EDR agents installed. +- **Legacy devices**: Older devices that cannot run the required EDR agent but still need limited network access. +- **False positives**: When the EDR platform incorrectly flags a compliant device. + + + Force approval should be used sparingly and only when necessary. It bypasses security controls designed to protect your network. + + +## How Force Approval Works + +When you force approve a peer: + +1. The peer immediately gains network access, regardless of its EDR compliance status. +2. The force approval remains active until: + - An administrator manually revokes it, OR + - The device becomes naturally compliant in the EDR system (force approval is automatically removed) +3. All force approval actions are logged in the [Activity Events](/manage/activity-events) for audit purposes. + +## Force Approve a Peer + +To force approve an EDR-rejected peer: + +1. Navigate to the [Peers](https://app.netbird.io/peers) page in the NetBird dashboard +2. Locate the peer showing `Approval required` status +3. Click on the peer to open its details +4. Click the **Force Approve** button +5. Confirm the action in the dialog + +

+ Force approve button +

+ +The peer will immediately gain network access and the `Approval required` status will be replaced with a `Force Approved` indicator. + +## View Force-Approved Peers + +To see all peers that have been force approved: + +1. Navigate to the [Peers](https://app.netbird.io/peers) page +2. Use the filter to show only force-approved peers + +Force-approved peers are visually distinguished from naturally compliant peers, making it easy to track which devices have administrative overrides in place. + +## Revoke Force Approval + +To revoke a force approval and return a peer to normal EDR validation: + +1. Navigate to the [Peers](https://app.netbird.io/peers) page +2. Click on the force-approved peer +3. Click the **Revoke Force Approval** button +4. Confirm the action + +

+ Revoke force approval +

+ +Once revoked, the peer will be subject to normal EDR compliance checks. If the device is still non-compliant, it will lose network access and show `Approval required` status again. + +## Automatic Removal of Force Approval + +Force approval is automatically removed when a device becomes naturally compliant in your EDR platform. This ensures that: + +- Devices don't retain unnecessary administrative overrides +- Your security posture improves as devices become compliant +- You don't need to manually clean up force approvals + +For example, if you force approve a peer because its EDR agent was temporarily offline, the force approval will be automatically removed once the agent reconnects and the device passes compliance checks. + +## Activity Logging + +All force approval actions are recorded in the activity log: + +| Event | Description | +|-------|-------------| +| `Peer force approved by admin` | An administrator granted force approval to a peer | +| `Peer force approval revoked` | An administrator or the system removed force approval | + +You can view these events in the [Activity Events](/manage/activity-events) page, including details about which administrator performed the action and the original rejection reason. + +## API Access + +Force approval can also be managed via the NetBird API: + +```bash +# Force approve a peer +curl -X POST "https://api.netbird.io/api/integrations/edr/peers/{peerId}/force-approve" \ + -H "Authorization: Token " + +# Revoke force approval +curl -X DELETE "https://api.netbird.io/api/integrations/edr/peers/{peerId}/force-approve" \ + -H "Authorization: Token " + +# List all force-approved peers +curl -X GET "https://api.netbird.io/api/integrations/edr/peers/force-approved" \ + -H "Authorization: Token " +``` + +## Best Practices + +- **Document exceptions**: Keep a record of why each force approval was granted. +- **Review regularly**: Periodically review force-approved peers and revoke approvals that are no longer needed. 
+- **Use time-limited access**: Consider revoking force approvals after a defined period. +- **Monitor activity**: Watch for unusual patterns in force approval usage. +- **Prefer compliance**: Always aim to bring devices into compliance rather than relying on force approvals. + + + Force approval requires the `EDR Update` permission. Only users with appropriate roles can force approve or revoke approvals. +
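Review bot: In the Activity Logging table, `Peer force approval revoked` is described as "An administrator or the system removed force approval", so someone auditing overrides cannot tell from this page how a manual revocation is told apart from the automatic removal described under "Automatic Removal of Force Approval". Suggest naming the event field that identifies the initiator, or listing the two cases as separate rows if they are logged differently. A related point in Best Practices: "Use time-limited access" recommends revoking after a defined period, while "How Force Approval Works" lists only manual revocation and natural compliance as the ways an approval ends. If there is no built-in expiry, say so there and point to the DELETE call under "API Access" as the way to enforce one. The `EDR Update` permission requirement in the closing note is a prerequisite and would be easier to find ahead of the "Force Approve a Peer" steps.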