diff --git a/.gitignore b/.gitignore
index 1d2863ba..efa7d011 100644
--- a/.gitignore
+++ b/.gitignore
@@ -83,4 +83,5 @@ celerybeat-schedule.db
 node_modules
 
 # local tmp folder
-tmp
\ No newline at end of file
+tmp
+scripts
\ No newline at end of file
diff --git a/assets/js/components/record_details/CreatePublicRecordModal.js b/assets/js/components/record_details/CreatePublicRecordModal.js
new file mode 100644
index 00000000..d12293c3
--- /dev/null
+++ b/assets/js/components/record_details/CreatePublicRecordModal.js
@@ -0,0 +1,248 @@
+// This file is part of CDS RDM
+// Copyright (C) 2025 CERN.
+//
+// CDS RDM is free software; you can redistribute it and/or modify it
+// under the terms of the GPL-2.0 License; see LICENSE file for more details.
+
+import React, { Component } from "react";
+import PropTypes from "prop-types";
+import {
+  Button,
+  Checkbox,
+  Header,
+  Icon,
+  Message,
+  Modal,
+} from "semantic-ui-react";
+import { http } from "react-invenio-forms";
+import { i18next } from "@translations/invenio_rdm_records/i18next";
+
+export class CreatePublicRecordModal extends Component {
+  constructor(props) {
+    super(props);
+    this.state = {
+      submitting: false,
+      error: null,
+      publicRecord: null,
+      alreadyExists: false,
+      agreedToTerms: false,
+      agreedToCommunity: false,
+    };
+  }
+
+  handleCreate = async () => {
+    const { record, onSuccess } = this.props;
+    this.setState({ submitting: true, error: null, alreadyExists: false });
+    try {
+      const response = await http.post(
+        `/api/records/${record.id}/ep-approval/publish-public`,
+        {},
+        { headers: { "Content-Type": "application/json" } }
+      );
+      this.setState({ publicRecord: response.data });
+      onSuccess(response.data);
+    } catch (err) {
+      if (err?.response?.status === 409 && err?.response?.data?.id) {
+        // A public record already exists — show a warning and surface the link.
+        const existingRecord = err.response.data;
+        this.setState({ publicRecord: existingRecord, alreadyExists: true });
+        onSuccess(existingRecord);
+      } else {
+        const msg =
+          err?.response?.data?.message ||
+          i18next.t("An error occurred. Please try again.");
+        this.setState({ error: msg });
+      }
+    } finally {
+      this.setState({ submitting: false });
+    }
+  };
+
+  handleClose = () => {
+    const { onClose } = this.props;
+    this.setState({
+      error: null,
+      publicRecord: null,
+      agreedToTerms: false,
+      agreedToCommunity: false,
+    });
+    onClose();
+  };
+
+  render() {
+    const { open, record } = this.props;
+    const {
+      submitting,
+      error,
+      publicRecord,
+      alreadyExists,
+      agreedToTerms,
+      agreedToCommunity,
+    } = this.state;
+
+    const versionIndex = record?.versions?.index;
+    const canPublish = agreedToTerms && agreedToCommunity;
+
+    const epApprovalEl = document.getElementById("recordManagement");
+    const epApproval = epApprovalEl
+      ? JSON.parse(epApprovalEl.dataset.epApproval || "null")
+      : null;
+    const communityId = epApproval?.cern_scientific_community_id;
+
+    return (
+      <Modal open={open} onClose={this.handleClose} size="small" closeIcon>
+        <Header
+          content={i18next.t(
+            "Are you sure you want to create a public record of the approved document?"
+          )}
+        />
+        <Modal.Content>
+          {error && <Message negative content={error} />}
+
+          {publicRecord && alreadyExists ? (
+            <Message warning>
+              <Message.Header>
+                {i18next.t("A public record already exists")}
+              </Message.Header>
+              <Message.Content>
+                {i18next.t(
+                  "A public record for this approval has already been created."
+                )}{" "}
+                <a
+                  href={publicRecord.links?.self_html}
+                  target="_blank"
+                  rel="noreferrer"
+                >
+                  {i18next.t("View public record")}
+                  <Icon name="external alternate" className="ml-5" />
+                </a>
+              </Message.Content>
+            </Message>
+          ) : publicRecord ? (
+            <Message positive>
+              <Message.Header>
+                {i18next.t("Public record created")}
+              </Message.Header>
+              <Message.Content>
+                {i18next.t("The public record has been created successfully.")}{" "}
+                <a
+                  href={publicRecord.links?.self_html}
+                  target="_blank"
+                  rel="noreferrer"
+                >
+                  {i18next.t("View public record")}
+                  <Icon name="external alternate" className="ml-5" />
+                </a>
+              </Message.Content>
+            </Message>
+          ) : (
+            <>
+              <Message visible warning>
+                <p>
+                  <Icon name="warning sign" />{" "}
+                  {i18next.t(
+                    "The metadata and files of Version v{{v}} will be copied to the new public record. Once published, the files can no longer be changed.",
+                    { v: versionIndex ?? "?" }
+                  )}
+                </p>
+              </Message>
+
+              <Checkbox
+                checked={agreedToTerms}
+                onChange={(_, { checked }) =>
+                  this.setState({ agreedToTerms: checked })
+                }
+                label={
+                  <label>
+                    {i18next.t(
+                      "By publishing, you agree that the record complies with"
+                    )}{" "}
+                    <a
+                      href="https://repository.cern/records/53y0h-6ad63"
+                      target="_blank"
+                      rel="noopener noreferrer"
+                    >
+                      {i18next.t("CDS Terms of Service")}
+                    </a>
+                    ,{" "}
+                    <a
+                      href="https://repository.cern/records/dd19c-hwf65"
+                      target="_blank"
+                      rel="noopener noreferrer"
+                    >
+                      {i18next.t("CDS Content Policy")}
+                    </a>{" "}
+                    {i18next.t("and")}{" "}
+                    <a
+                      href="https://cds.cern.ch/record/45085"
+                      target="_blank"
+                      rel="noopener noreferrer"
+                    >
+                      {i18next.t("OC6")}
+                    </a>
+                    .
+                  </label>
+                }
+              />
+              <div className="mt-10">
+                <Checkbox
+                  checked={agreedToCommunity}
+                  onChange={(_, { checked }) =>
+                    this.setState({ agreedToCommunity: checked })
+                  }
+                  label={
+                    <label>
+                      {i18next.t(
+                        "Once created, the record will be automatically added to the"
+                      )}{" "}
+                      <a
+                        href={`/communities/${communityId || "cern-research"}`}
+                        target="_blank"
+                        rel="noopener noreferrer"
+                      >
+                        {i18next.t("CERN Research")}
+                      </a>{" "}
+                      {i18next.t(
+                        "community. The curators of the community will be able to curate both the metadata and files of the published record."
+                      )}
+                    </label>
+                  }
+                />
+              </div>
+            </>
+          )}
+        </Modal.Content>
+        <Modal.Actions>
+          <Button
+            floated="left"
+            onClick={this.handleClose}
+            disabled={submitting}
+          >
+            {publicRecord ? i18next.t("Close") : i18next.t("Cancel")}
+          </Button>
+          {!publicRecord && (
+            <Button
+              positive
+              content={i18next.t("Publish")}
+              onClick={this.handleCreate}
+              loading={submitting}
+              disabled={submitting || !canPublish}
+            />
+          )}
+        </Modal.Actions>
+      </Modal>
+    );
+  }
+}
+
+CreatePublicRecordModal.propTypes = {
+  open: PropTypes.bool.isRequired,
+  record: PropTypes.object.isRequired,
+  approvedReportNumber: PropTypes.string,
+  onClose: PropTypes.func.isRequired,
+  onSuccess: PropTypes.func.isRequired,
+};
+
+CreatePublicRecordModal.defaultProps = {
+  approvedReportNumber: null,
+};
diff --git a/assets/js/components/record_details/EPApproval.js b/assets/js/components/record_details/EPApproval.js
new file mode 100644
index 00000000..4bca4e95
--- /dev/null
+++ b/assets/js/components/record_details/EPApproval.js
@@ -0,0 +1,430 @@
+// This file is part of CDS RDM
+// Copyright (C) 2025 CERN.
+//
+// CDS RDM is free software; you can redistribute it and/or modify it
+// under the terms of the GPL-2.0 License; see LICENSE file for more details.
+
+import React, { Component } from "react";
+import {
+  Button,
+  Divider,
+  Grid,
+  Header,
+  Icon,
+  Message,
+  Modal,
+  Step,
+} from "semantic-ui-react";
+import { i18next } from "@translations/invenio_app_rdm/i18next";
+import { EPApprovalSubmitModal } from "./EPApprovalSubmitModal";
+import { CreatePublicRecordModal } from "./CreatePublicRecordModal";
+import PropTypes from "prop-types";
+
+export class EPApprovalManageSection extends Component {
+  constructor(props) {
+    super(props);
+    const recordManagementDiv = document.getElementById("recordManagement");
+    const epApprovalData = recordManagementDiv
+      ? JSON.parse(recordManagementDiv.dataset.epApproval || "null")
+      : null;
+
+    this.state = {
+      epApproval: epApprovalData,
+      submitModalOpen: false,
+      createPublicModalOpen: false,
+      newVersionModalOpen: false,
+      // Tracks the public record id/url after creation (optimistic UI update).
+      // can_create_public from backend already handles the case where one exists.
+      publicRecordId: null,
+      publicRecordUrl: null,
+    };
+
+    this._newVersionClickHandler = null;
+  }
+
+  componentDidMount() {
+    this._attachNewVersionInterceptor();
+  }
+
+  componentDidUpdate(_prevProps, prevState) {
+    const { epApproval } = this.state;
+    const prevEpApproval = prevState.epApproval;
+    if (
+      epApproval?.open_request?.status !== prevEpApproval?.open_request?.status
+    ) {
+      this._detachNewVersionInterceptor();
+      this._attachNewVersionInterceptor();
+    }
+  }
+
+  componentWillUnmount() {
+    this._detachNewVersionInterceptor();
+  }
+
+  _attachNewVersionInterceptor() {
+    const { epApproval } = this.state;
+    if (epApproval?.open_request?.status !== "submitted") return;
+
+    // Find the "New version" button rendered by InvenioRDM's RecordManagement.
+    const btn = Array.from(document.querySelectorAll("button")).find(
+      (b) => b.textContent.trim() === i18next.t("New version")
+    );
+    if (!btn) return;
+
+    this._newVersionClickHandler = (e) => {
+      e.stopImmediatePropagation();
+      e.preventDefault();
+      this.setState({ newVersionModalOpen: true });
+    };
+    btn.addEventListener("click", this._newVersionClickHandler, true);
+    this._newVersionBtn = btn;
+  }
+
+  _detachNewVersionInterceptor() {
+    if (this._newVersionBtn && this._newVersionClickHandler) {
+      this._newVersionBtn.removeEventListener(
+        "click",
+        this._newVersionClickHandler,
+        true
+      );
+    }
+    this._newVersionBtn = null;
+    this._newVersionClickHandler = null;
+  }
+
+  get shouldRender() {
+    const { epApproval } = this.state;
+    return (
+      epApproval &&
+      (epApproval.community_enrolled || epApproval.is_public_approved_record)
+    );
+  }
+
+  handleSubmitSuccess = (request) => {
+    this.setState((prev) => ({
+      submitModalOpen: false,
+      epApproval: {
+        ...prev.epApproval,
+        open_request: {
+          id: request.id,
+          status: "submitted",
+          links: request.links,
+        },
+      },
+    }));
+  };
+
+  handlePublicRecordCreated = (publicRecord) => {
+    this.setState({
+      publicRecordId: publicRecord.id,
+      publicRecordUrl: publicRecord.links?.self_html || null,
+    });
+  };
+
+  render() {
+    const {
+      epApproval,
+      submitModalOpen,
+      createPublicModalOpen,
+      newVersionModalOpen,
+      publicRecordId,
+      publicRecordUrl,
+    } = this.state;
+    const { record } = this.props;
+
+    if (!this.shouldRender) {
+      return null;
+    }
+
+    // Public EP-approved record — show a compact provenance note.
+    if (epApproval.is_public_approved_record) {
+      const {
+        approved_report_number: pubRn,
+        draft_record_id,
+        can_view_reviewed_version,
+      } = epApproval;
+      return (
+        <Grid.Column className="pb-20 pt-0">
+          <Message size="small" positive>
+            <Icon name="check circle" />
+            {pubRn
+              ? i18next.t("EP-approved as {{rn}}", { rn: pubRn })
+              : i18next.t("EP-approved record")}
+            {can_view_reviewed_version && draft_record_id && (
+              <>
+                {" · "}
+                <a
+                  href={`/records/${draft_record_id}`}
+                  target="_blank"
+                  rel="noreferrer"
+                >
+                  {i18next.t("Review history")}
+                  <Icon name="external alternate" className="ml-5" />
+                </a>
+              </>
+            )}
+          </Message>
+        </Grid.Column>
+      );
+    }
+
+    const {
+      can_submit,
+      can_create_public,
+      open_request,
+      approved_report_number,
+      receiver_group,
+      ep_approval,
+    } = epApproval;
+
+    // Public record URL: prefer the URL captured at creation time; fall back to
+    // the recid stored on the parent (approved_public_version) for page-load case.
+    const resolvedPublicRecordUrl =
+      publicRecordUrl ||
+      (ep_approval?.approved_public_version
+        ? `/records/${ep_approval.approved_public_version}`
+        : null);
+
+    const isPending = open_request?.status === "submitted";
+    const isDeclined = open_request?.status === "declined";
+    const isAccepted = open_request?.status === "accepted";
+    // approved_report_number is always populated by the backend (scans the full
+    // parent if the current version doesn't carry the CF itself).
+    const canResubmit =
+      can_submit && !isPending && !approved_report_number && !isAccepted;
+    // can_create_public comes from the backend and already encodes version-order
+    // eligibility (only versions >= the approved version may create a public record).
+    const canCreatePublic = can_create_public && !publicRecordId;
+
+    const requestLink =
+      open_request?.links?.self_html ||
+      (open_request?.id ? `/requests/${open_request.id}` : null);
+
+    // Timeline step states
+    // Step 1 — Request for approval
+    const step1Completed = !!approved_report_number;
+    const step1Active = !step1Completed && !isPending;
+
+    // Step 2 — EP Board review
+    const step2Completed = !!approved_report_number;
+    const step2Active = isPending;
+    const step2Disabled = !isPending && !step2Completed;
+
+    // Step 3 — Create final public version
+    const step3Completed = step2Completed && !canCreatePublic;
+    const step3Active = step2Completed && canCreatePublic;
+    const step3Disabled = !step2Completed;
+
+    return (
+      <Grid.Column className="pb-20 pt-0">
+        <Divider horizontal>
+          <Header as="h4">{i18next.t("Approval request workflow")}</Header>
+        </Divider>
+
+        <Step.Group
+          ordered
+          vertical
+          fluid
+          size="mini"
+          className="ep-step-group"
+        >
+          {/* Step 1 — Request for approval */}
+          <Step completed={step1Completed} active={step1Active}>
+            <Step.Content>
+              <div className="ep-action-step">
+                <div>
+                  <Step.Title>{i18next.t("Request for approval")}</Step.Title>
+                  <Step.Description>
+                    {isDeclined ? (
+                      <>
+                        {i18next.t("Request was declined.")}
+                        {requestLink && (
+                          <>
+                            {" "}
+                            <a
+                              href={requestLink}
+                              target="_blank"
+                              rel="noreferrer"
+                            >
+                              {i18next.t("View")}
+                              <Icon
+                                name="external alternate"
+                                className="ml-5"
+                              />
+                            </a>
+                          </>
+                        )}
+                      </>
+                    ) : step1Completed ? (
+                      i18next.t("Request submitted.")
+                    ) : (
+                      i18next.t("Submit the document for EP committee review.")
+                    )}
+                  </Step.Description>
+                </div>
+                {canResubmit && (
+                  <Button
+                    positive
+                    size="mini"
+                    onClick={() => this.setState({ submitModalOpen: true })}
+                  >
+                    {isDeclined
+                      ? i18next.t("Request again")
+                      : i18next.t("Request approval")}
+                  </Button>
+                )}
+              </div>
+            </Step.Content>
+
+            {canResubmit && (
+              <EPApprovalSubmitModal
+                open={submitModalOpen}
+                record={record}
+                receiverGroup={receiver_group}
+                onClose={() => this.setState({ submitModalOpen: false })}
+                onSuccess={this.handleSubmitSuccess}
+              />
+            )}
+          </Step>
+
+          {/* Step 2 — EP Board review */}
+          <Step
+            completed={step2Completed}
+            active={step2Active}
+            disabled={step2Disabled}
+          >
+            <Step.Content>
+              <div className="ep-action-step">
+                <div>
+                  <Step.Title>{i18next.t("EP Board review")}</Step.Title>
+                  <Step.Description>
+                    {step2Completed ? (
+                      requestLink ? (
+                        <a href={requestLink} target="_blank" rel="noreferrer">
+                          {i18next.t("Approved as {{rn}}", {
+                            rn: approved_report_number,
+                          })}
+                          <Icon name="external alternate" className="ml-5" />
+                        </a>
+                      ) : (
+                        i18next.t("Approved as {{rn}}", {
+                          rn: approved_report_number,
+                        })
+                      )
+                    ) : (
+                      i18next.t(
+                        "The EP secretariat will review the submission."
+                      )
+                    )}
+                  </Step.Description>
+                </div>
+                {step2Active && requestLink && (
+                  <Button
+                    as="a"
+                    size="mini"
+                    href={requestLink}
+                    target="_blank"
+                    rel="noreferrer"
+                  >
+                    {i18next.t("View request")}
+                    <Icon name="external alternate" className="ml-5" />
+                  </Button>
+                )}
+              </div>
+            </Step.Content>
+          </Step>
+
+          {/* Step 3 — Create final public version */}
+          <Step
+            completed={step3Completed}
+            active={step3Active}
+            disabled={step3Disabled}
+          >
+            <Step.Content>
+              <div className="ep-action-step">
+                <div>
+                  <Step.Title>
+                    {i18next.t("Create final public version")}
+                  </Step.Title>
+                  <Step.Description>
+                    {step3Completed ? (
+                      resolvedPublicRecordUrl ? (
+                        <a
+                          href={resolvedPublicRecordUrl}
+                          target="_blank"
+                          rel="noreferrer"
+                        >
+                          {i18next.t("View public record")}
+                          <Icon name="external alternate" className="ml-5" />
+                        </a>
+                      ) : (
+                        i18next.t("Public record created.")
+                      )
+                    ) : (
+                      i18next.t(
+                        "Publish the EP-approved record publicly on CDS."
+                      )
+                    )}
+                  </Step.Description>
+                </div>
+                {step3Active && (
+                  <Button
+                    primary
+                    size="mini"
+                    onClick={() =>
+                      this.setState({ createPublicModalOpen: true })
+                    }
+                  >
+                    {i18next.t("Publish")}
+                  </Button>
+                )}
+              </div>
+            </Step.Content>
+            {step3Active && (
+              <CreatePublicRecordModal
+                open={createPublicModalOpen}
+                record={record}
+                approvedReportNumber={approved_report_number}
+                onClose={() => this.setState({ createPublicModalOpen: false })}
+                onSuccess={this.handlePublicRecordCreated}
+              />
+            )}
+          </Step>
+        </Step.Group>
+
+        {/* New-version warning modal — shown when user clicks "New version" while a request is pending */}
+        <Modal
+          open={newVersionModalOpen}
+          onClose={() => this.setState({ newVersionModalOpen: false })}
+          size="small"
+        >
+          <Modal.Header>
+            <Icon name="warning sign" color="yellow" />
+            {i18next.t("EP approval request pending")}
+          </Modal.Header>
+          <Modal.Content>
+            <p>
+              {i18next.t(
+                "An EP approval request is currently pending for this record. " +
+                  "Creating a new version is not recommended while the request is open. " +
+                  "If you need to create a new version, please cancel the approval request first."
+              )}
+            </p>
+          </Modal.Content>
+          <Modal.Actions>
+            <Button
+              primary
+              onClick={() => this.setState({ newVersionModalOpen: false })}
+            >
+              {i18next.t("OK")}
+            </Button>
+          </Modal.Actions>
+        </Modal>
+      </Grid.Column>
+    );
+  }
+}
+
+EPApprovalManageSection.propTypes = {
+  record: PropTypes.object.isRequired,
+};
diff --git a/assets/js/components/record_details/EPApprovalSubmitModal.js b/assets/js/components/record_details/EPApprovalSubmitModal.js
new file mode 100644
index 00000000..5a98a9e5
--- /dev/null
+++ b/assets/js/components/record_details/EPApprovalSubmitModal.js
@@ -0,0 +1,242 @@
+// This file is part of CDS RDM
+// Copyright (C) 2025 CERN.
+//
+// CDS RDM is free software; you can redistribute it and/or modify it
+// under the terms of the GPL-2.0 License; see LICENSE file for more details.
+
+import React, { Component } from "react";
+import PropTypes from "prop-types";
+import {
+  Button,
+  Checkbox,
+  Form,
+  Header,
+  Message,
+  Modal,
+} from "semantic-ui-react";
+import { http } from "react-invenio-forms";
+import { i18next } from "@translations/invenio_app_rdm/i18next";
+
+const buildInitialForm = (record) => ({
+  experiment: "",
+  submitted_by: "",
+  role: "",
+  publication_title: record?.metadata?.title || "",
+  latest_version_url: record?.links?.self_html || "",
+  rapid_approval: false,
+  cb_review_completed: false,
+  cb_process_type: "",
+  paper_signed: true,
+  num_non_signers: 0,
+  controversy: false,
+  additional_communication: "",
+});
+
+export class EPApprovalSubmitModal extends Component {
+  constructor(props) {
+    super(props);
+    this.state = {
+      form: buildInitialForm(props.record),
+      submitting: false,
+      error: null,
+    };
+  }
+
+  handleChange = (e, { name, value, checked, type }) => {
+    this.setState((prev) => ({
+      form: {
+        ...prev.form,
+        [name]: type === "checkbox" ? checked : value,
+      },
+    }));
+  };
+
+  handleSubmit = async () => {
+    const { record, receiverGroup, onSuccess } = this.props;
+    const { form } = this.state;
+
+    this.setState({ submitting: true, error: null });
+    try {
+      const payload = {
+        title: `Request approval for ${record["title"]}`,
+        receiver_group: receiverGroup,
+        payload: { ...form },
+      };
+      const response = await http.post(
+        `/api/records/${record.id}/ep-approval`,
+        payload,
+        { headers: { "Content-Type": "application/json" } }
+      );
+      onSuccess(response.data);
+    } catch (err) {
+      const msg =
+        err?.response?.data?.message ||
+        i18next.t("An error occurred. Please try again.");
+      this.setState({ error: msg });
+    } finally {
+      this.setState({ submitting: false });
+    }
+  };
+
+  handleClose = () => {
+    const { onClose, record } = this.props;
+    this.setState({ form: buildInitialForm(record), error: null });
+    onClose();
+  };
+
+  render() {
+    const { open } = this.props;
+    const { form, submitting, error } = this.state;
+
+    return (
+      <Modal open={open} onClose={this.handleClose} size="small" closeIcon>
+        <Header content={i18next.t("Request for approval")} />
+        <Modal.Content>
+          {error && <Message negative content={error} />}
+          <Form>
+            <Form.Input
+              label={i18next.t("Experiment")}
+              name="experiment"
+              value={form.experiment}
+              onChange={this.handleChange}
+              required
+            />
+            <Form.Input
+              label={i18next.t("Paper submitted by")}
+              name="submitted_by"
+              value={form.submitted_by}
+              onChange={this.handleChange}
+              required
+            />
+            <Form.Input
+              label={i18next.t("Role")}
+              name="role"
+              value={form.role}
+              onChange={this.handleChange}
+              required
+            />
+            <Form.Input
+              label={i18next.t("Publication Title")}
+              name="publication_title"
+              value={form.publication_title}
+              onChange={this.handleChange}
+              required
+            />
+            <Form.Input
+              label={i18next.t("Latest version at")}
+              name="latest_version_url"
+              value={form.latest_version_url}
+              onChange={this.handleChange}
+              placeholder="http://"
+            />
+            <Form.Field>
+              <Checkbox
+                label={i18next.t("Is rapid approval (i.e. 2 days) requested?")}
+                name="rapid_approval"
+                checked={form.rapid_approval}
+                onChange={this.handleChange}
+              />
+            </Form.Field>
+            <Form.Field>
+              <Checkbox
+                label={i18next.t(
+                  "Has the review process of the Collaboration Editorial Board been completed?"
+                )}
+                name="cb_review_completed"
+                checked={form.cb_review_completed}
+                onChange={this.handleChange}
+              />
+            </Form.Field>
+            {form.cb_review_completed && (
+              <Form.Group inline>
+                <label>
+                  {i18next.t("If so, was the process standard or accelerated?")}
+                </label>
+                <Form.Radio
+                  label={i18next.t("Standard")}
+                  name="cb_process_type"
+                  value="standard"
+                  checked={form.cb_process_type === "standard"}
+                  onChange={this.handleChange}
+                />
+                <Form.Radio
+                  label={i18next.t("Accelerated")}
+                  name="cb_process_type"
+                  value="accelerated"
+                  checked={form.cb_process_type === "accelerated"}
+                  onChange={this.handleChange}
+                />
+              </Form.Group>
+            )}
+            <Form.Field>
+              <Checkbox
+                label={i18next.t(
+                  "Is the paper signed by the whole Collaboration?"
+                )}
+                name="paper_signed"
+                checked={form.paper_signed}
+                onChange={this.handleChange}
+              />
+            </Form.Field>
+            {!form.paper_signed && (
+              <Form.Input
+                label={i18next.t(
+                  "If not, indicate the number of people who did not sign:"
+                )}
+                name="num_non_signers"
+                type="number"
+                min={0}
+                value={form.num_non_signers}
+                onChange={this.handleChange}
+              />
+            )}
+            {!form.paper_signed && (
+              <Form.Field>
+                <Checkbox
+                  label={i18next.t(
+                    "Does the non-signature reflect controversy about the paper within the Collaboration?"
+                  )}
+                  name="controversy"
+                  checked={form.controversy}
+                  onChange={this.handleChange}
+                />
+              </Form.Field>
+            )}
+            <Form.TextArea
+              label={i18next.t("Additional communication")}
+              name="additional_communication"
+              value={form.additional_communication}
+              onChange={this.handleChange}
+            />
+          </Form>
+        </Modal.Content>
+        <Modal.Actions>
+          <Button onClick={this.handleClose} disabled={submitting}>
+            {i18next.t("Close")}
+          </Button>
+          <Button
+            positive
+            icon="check"
+            labelPosition="left"
+            content={i18next.t("Request for approval")}
+            onClick={this.handleSubmit}
+            loading={submitting}
+            disabled={submitting}
+          />
+        </Modal.Actions>
+      </Modal>
+    );
+  }
+}
+
+EPApprovalSubmitModal.propTypes = {
+  open: PropTypes.bool.isRequired,
+  record: PropTypes.object.isRequired,
+  receiverGroup: PropTypes.string,
+  onClose: PropTypes.func.isRequired,
+  onSuccess: PropTypes.func.isRequired,
+};
+
+EPApprovalSubmitModal.defaultProps = {
+  receiverGroup: null,
+};
diff --git a/assets/js/components/record_details/RecordVersionItem.js b/assets/js/components/record_details/RecordVersionItem.js
index 5d5bb861..67d11a79 100644
--- a/assets/js/components/record_details/RecordVersionItem.js
+++ b/assets/js/components/record_details/RecordVersionItem.js
@@ -1,10 +1,39 @@
-import React from "react";
-import { List } from "semantic-ui-react";
+import React, { useMemo } from "react";
+import { Icon, List } from "semantic-ui-react";
 import { i18next } from "@translations/invenio_app_rdm/i18next";
 import PropTypes from "prop-types";
 import { CopyButton } from "@js/invenio_app_rdm/components/CopyButton";
 
+function readEpApprovalData() {
+  const el = document.getElementById("recordManagement");
+  if (!el) return null;
+  try {
+    return JSON.parse(el.dataset.epApproval || "null");
+  } catch (_) {
+    return null;
+  }
+}
+
 export const RecordVersionItemContent = ({ item, activeVersion, doi }) => {
+  const epApproval = useMemo(readEpApprovalData, []);
+
+  // --- Internal draft side ---
+  // ep_approval is the parent record's approval dict, shared by all versions.
+  // Keys: reportnumber, approved_internal_version, approved_public_version,
+  //       source_public_version (internal parent); source_internal_version (public parent).
+  const ea = epApproval?.ep_approval || {};
+  const approvedReportNumber = ea.reportnumber;
+  // approved_internal_version: recid of the version that was submitted and approved.
+  const isApprovedVersion =
+    !!approvedReportNumber && ea.approved_internal_version === item.id;
+  // source_public_version: recid of the internal version used to create the public record.
+  const publicRecordId = ea.approved_public_version;
+
+  const isPublicSourceVersion =
+    !!publicRecordId && ea.source_public_version === item.id;
+  // If approved and public-source are the same version, show only the public record link.
+  const sameVersion = isApprovedVersion && isPublicSourceVersion;
+
   return (
     <List.Item
       key={item.id}
@@ -21,6 +50,35 @@ export const RecordVersionItemContent = ({ item, activeVersion, doi }) => {
           </a>
         )}
 
+        {/* Approved version: show report number. If this is also the source for
+            the public record (same version), replace with the public record link.
+            If public record was created from a different version, show label only. */}
+        {isApprovedVersion && !sameVersion && (
+          <>
+            {" "}
+            <span className="text-muted-darken">
+              <Icon name="check circle" size="small" />
+              {approvedReportNumber}
+            </span>
+          </>
+        )}
+
+        {/* Public source version: link to public record with report number. */}
+        {isPublicSourceVersion && (
+          <>
+            {" "}
+            <a
+              href={`/records/${publicRecordId}`}
+              target="_blank"
+              rel="noreferrer"
+              className="text-muted-darken"
+            >
+              <Icon name="external alternate" size="small" />
+              {approvedReportNumber}
+            </a>
+          </>
+        )}
+
         {doi && (
           <a
             href={`https://doi.org/${doi}`}
diff --git a/assets/js/components/requests/EPApprovalRequestDetails.js b/assets/js/components/requests/EPApprovalRequestDetails.js
new file mode 100644
index 00000000..1b997337
--- /dev/null
+++ b/assets/js/components/requests/EPApprovalRequestDetails.js
@@ -0,0 +1,156 @@
+// This file is part of CDS RDM
+// Copyright (C) 2025 CERN.
+//
+// CDS RDM is free software; you can redistribute it and/or modify it
+// under the terms of the GPL-2.0 License; see LICENSE file for more details.
+
+import React from "react";
+import PropTypes from "prop-types";
+import { Grid, Table } from "semantic-ui-react";
+import { i18next } from "@translations/invenio_app_rdm/i18next";
+import { Timeline } from "@js/invenio_requests/timelineParent";
+import RequestMetadata from "@js/invenio_requests/request/RequestMetadata";
+
+const BoolCell = ({ value }) => (
+  <>{value ? i18next.t("Yes") : i18next.t("No")}</>
+);
+
+BoolCell.propTypes = { value: PropTypes.bool.isRequired };
+
+const EPApprovalPayloadCard = ({ request }) => {
+  const payload = request.payload || {};
+  const topicLinks = request.topic?.links || {};
+
+  return (
+    <Table definition celled compact className="mb-15">
+      <Table.Body>
+        {topicLinks.self_html && (
+          <Table.Row>
+            <Table.Cell>{i18next.t("Record")}</Table.Cell>
+            <Table.Cell>
+              <a href={topicLinks.self_html} target="_blank" rel="noreferrer">
+                {topicLinks.self_html}
+              </a>
+            </Table.Cell>
+          </Table.Row>
+        )}
+        <Table.Row>
+          <Table.Cell>{i18next.t("Experiment")}</Table.Cell>
+          <Table.Cell>{payload.experiment || "—"}</Table.Cell>
+        </Table.Row>
+        <Table.Row>
+          <Table.Cell>{i18next.t("Submitted by")}</Table.Cell>
+          <Table.Cell>{payload.submitted_by || "—"}</Table.Cell>
+        </Table.Row>
+        <Table.Row>
+          <Table.Cell>{i18next.t("Role")}</Table.Cell>
+          <Table.Cell>{payload.role || "—"}</Table.Cell>
+        </Table.Row>
+        {payload.latest_version_url && (
+          <Table.Row>
+            <Table.Cell>{i18next.t("Latest version at")}</Table.Cell>
+            <Table.Cell>
+              <a
+                href={payload.latest_version_url}
+                target="_blank"
+                rel="noreferrer"
+              >
+                {payload.latest_version_url}
+              </a>
+            </Table.Cell>
+          </Table.Row>
+        )}
+        <Table.Row>
+          <Table.Cell>{i18next.t("Rapid approval")}</Table.Cell>
+          <Table.Cell>
+            <BoolCell value={!!payload.rapid_approval} />
+          </Table.Cell>
+        </Table.Row>
+        <Table.Row>
+          <Table.Cell>{i18next.t("CB review completed")}</Table.Cell>
+          <Table.Cell>
+            <BoolCell value={!!payload.cb_review_completed} />
+            {payload.cb_review_completed && payload.cb_process_type && (
+              <> ({payload.cb_process_type})</>
+            )}
+          </Table.Cell>
+        </Table.Row>
+        <Table.Row>
+          <Table.Cell>{i18next.t("Paper signed by whole collaboration")}</Table.Cell>
+          <Table.Cell>
+            <BoolCell value={!!payload.paper_signed} />
+            {!payload.paper_signed && payload.num_non_signers > 0 && (
+              <> — {i18next.t("{{n}} non-signer(s)", { n: payload.num_non_signers })}</>
+            )}
+          </Table.Cell>
+        </Table.Row>
+        {payload.controversy && (
+          <Table.Row>
+            <Table.Cell>{i18next.t("Controversy")}</Table.Cell>
+            <Table.Cell>{i18next.t("Yes")}</Table.Cell>
+          </Table.Row>
+        )}
+        {payload.additional_communication && (
+          <Table.Row>
+            <Table.Cell>{i18next.t("Additional communication")}</Table.Cell>
+            <Table.Cell style={{ whiteSpace: "pre-wrap" }}>
+              {payload.additional_communication}
+            </Table.Cell>
+          </Table.Row>
+        )}
+        {payload.approved_report_number && (
+          <Table.Row positive>
+            <Table.Cell>{i18next.t("Approved report number")}</Table.Cell>
+            <Table.Cell>
+              <strong>{payload.approved_report_number}</strong>
+            </Table.Cell>
+          </Table.Row>
+        )}
+      </Table.Body>
+    </Table>
+  );
+};
+
+EPApprovalPayloadCard.propTypes = {
+  request: PropTypes.object.isRequired,
+};
+
+export const EPApprovalAwareRequestDetails = ({
+  request,
+  userAvatar,
+  permissions,
+  config,
+}) => {
+  const isEPApproval = request.type === "ep-approval";
+
+  return (
+    <Grid stackable reversed="mobile">
+      <Grid.Column mobile={16} tablet={12} computer={13}>
+        {isEPApproval && <EPApprovalPayloadCard request={request} />}
+        <Timeline
+          userAvatar={userAvatar}
+          request={request}
+          permissions={permissions}
+        />
+      </Grid.Column>
+      <Grid.Column mobile={16} tablet={4} computer={3}>
+        <RequestMetadata
+          request={request}
+          permissions={permissions}
+          config={config}
+        />
+      </Grid.Column>
+    </Grid>
+  );
+};
+
+EPApprovalAwareRequestDetails.propTypes = {
+  request: PropTypes.object.isRequired,
+  userAvatar: PropTypes.string,
+  permissions: PropTypes.object.isRequired,
+  config: PropTypes.object.isRequired,
+};
+
+EPApprovalAwareRequestDetails.defaultProps = {
+  userAvatar: "",
+};
diff --git a/assets/js/invenio_app_rdm/overridableRegistry/mapping.js b/assets/js/invenio_app_rdm/overridableRegistry/mapping.js
index fbe4f283..872e7515 100644
--- a/assets/js/invenio_app_rdm/overridableRegistry/mapping.js
+++ b/assets/js/invenio_app_rdm/overridableRegistry/mapping.js
@@ -4,6 +4,7 @@
 // CDS RDM is free software; you can redistribute it and/or modify it
 // under the terms of the GPL-2.0 License; see LICENSE file for more details.
 
+import React from "react";
 import { BasicCERNInformation } from "../../components/deposit/BasicInformation";
 import { CDSCarouselItem } from "../../components/communities_carousel/overrides/CarouselItem";
 import { CDSRecordsList } from "../../components/frontpage/overrides/RecordsList";
@@ -11,6 +12,7 @@ import { CDSRecordsResultsListItem } from "../../components/frontpage/overrides/
 import { CDSRecordsResultsListItemDescription } from "../../components/search/overrides/CDSRecordsResultsListItemDescription";
 import { CDSAffiliationsSuggestions } from "../../components/deposit/overrides/CDSAffiliationsSuggestions";
 import { CLCSync } from "../../components/record_details/clc_sync";
+import { EPApprovalManageSection } from "../../components/record_details/EPApproval";
 import {
   PublishModalComponent,
   SubmitReviewModalComponent,
@@ -19,6 +21,13 @@ import { LockRequestComponent } from "../../components/requests/overrides/LockRe
 import { TimelineEventBodyComponent } from "../../components/requests/overrides/TimelineEventBody";
 import { RecordVersionItemContent } from "../../components/record_details/RecordVersionItem";
 
+const RecordManagementContainer = (props) => (
+  <>
+    <CLCSync {...props} />
+    <EPApprovalManageSection {...props} />
+  </>
+);
+
 export const overriddenComponents = {
   "InvenioAppRdm.RecordsList.layout": CDSRecordsList,
   "InvenioAppRdm.RecordsResultsListItem.layout": CDSRecordsResultsListItem,
@@ -31,7 +40,8 @@ export const overriddenComponents = {
     CDSAffiliationsSuggestions,
   "InvenioAppRdm.Search.RecordsResultsListItem.description":
     CDSRecordsResultsListItemDescription,
-  "InvenioAppRdm.RecordLandingPage.RecordManagement.container": CLCSync,
+  "InvenioAppRdm.RecordLandingPage.RecordManagement.container":
+    RecordManagementContainer,
   "InvenioRdmRecords.SubmitReviewModal.container": SubmitReviewModalComponent,
   "InvenioRdmRecords.PublishModal.container": PublishModalComponent,
   "InvenioRequests.LockRequest": LockRequestComponent,
diff --git a/assets/less/cds-rdm/ep_approval/ep-workflow.less b/assets/less/cds-rdm/ep_approval/ep-workflow.less
new file mode 100644
index 00000000..5caeb911
--- /dev/null
+++ b/assets/less/cds-rdm/ep_approval/ep-workflow.less
@@ -0,0 +1,23 @@
+.ep-step-group .step .content {
+  flex: 1;
+}
+
+.ep-step-group .step::after {
+  display: none !important;
+}
+
+.ep-step-group .step::before {
+  width: 30px;
+}
+
+.ep-action-step {
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+  width: 100%;
+  column-gap: 5px;
+}
+
+.ep-action-step .description {
+  font-size: 1em !important;
+}
diff --git a/assets/less/cds-rdm/globals/site.overrides b/assets/less/cds-rdm/globals/site.overrides
index ab529674..9a05372b 100644
--- a/assets/less/cds-rdm/globals/site.overrides
+++ b/assets/less/cds-rdm/globals/site.overrides
@@ -1,6 +1,7 @@
 @import "../mixins.less";
 @import "./hero.less";
 @import "../administration/harvester-reports.less";
+@import "../ep_approval/ep-workflow.less";
 
 .rdm-logo {
   padding: 1em 1em 1em 0;
@@ -11,7 +12,7 @@
   z-index: 1;
   background-color: transparent !important;
 
-  & > * {
+  &>* {
     z-index: 3;
     position: relative;
   }
@@ -111,6 +112,7 @@
   transform: rotate(-180deg);
   font-size: 1em;
   padding: 4px;
+
   .env-icon {
     transform: rotate(90deg) !important;
     writing-mode: horizontal-tb;
@@ -128,4 +130,4 @@
   &.sandbox {
     background-color: goldenrod;
   }
-}
\ No newline at end of file
+}
diff --git a/invenio.cfg b/invenio.cfg
index 31ed0417..a20f9c23 100644
--- a/invenio.cfg
+++ b/invenio.cfg
@@ -31,6 +31,15 @@ from invenio_app_rdm.config import \
     STATS_AGGREGATIONS as _APP_RDM_STATS_AGGREGATIONS
 from invenio_app_rdm.config import STATS_EVENTS as _APP_RDM_STATS_EVENTS
 from invenio_app_rdm.config import NOTIFICATIONS_BUILDERS
+from cds_rdm.notifications.ep_approval import (
+    EPApprovalAcceptNotificationBuilder,
+    EPApprovalDeclineNotificationBuilder,
+    EPApprovalSubmitNotificationBuilder,
+)
+from invenio_cern_sync.sso import cern_keycloak, cern_remote_app_name
+from invenio_cern_sync.users.profile import CERNUserProfileSchema
+from invenio_oauthclient.views.client import auto_redirect_login
+from invenio_preservation_sync.utils import preservation_info_render
 from invenio_previewer.config import \
     PREVIEWER_PREFERENCE as DEFAULT_PREVIEWER_PREFERENCE
 from invenio_rdm_records.checks import requests as checks_requests
@@ -70,6 +79,7 @@ from invenio_app_rdm.config import \
     VOCABULARIES_DATASTREAM_WRITERS as DEFAULT_VOCABULARIES_DATASTREAM_WRITERS
 from cds_rdm.clc_sync.services.components import ClcSyncComponent
 from cds_rdm.components import CDSResourcePublication
+from cds_rdm.components import CommitteeApprovalComponent
 from cds_rdm.components import SubjectsValidationComponent
 from cds_rdm.components import MintAlternateIdentifierComponent
 from cds_rdm.pids import validate_optional_doi_transitions
@@ -207,9 +217,9 @@ COMMUNITIES_COLLECTIONS_ENABLED = True
 # See https://github.com/inveniosoftware/invenio-records-resources/blob/master/invenio_records_resources/config.py
 
 # TODO: Set with your own hostname when deploying to production
-SITE_UI_URL = "https://127.0.0.1"
+SITE_UI_URL = "https://127.0.0.1:5000"
 
-SITE_API_URL = "https://127.0.0.1/api"
+SITE_API_URL = "https://127.0.0.1:5000/api"
 
 APP_RDM_DEPOSIT_FORM_DEFAULTS = {
     "publication_date": lambda: datetime.now().strftime("%Y-%m-%d"),
@@ -436,9 +446,35 @@ CDS_EOS_OFFLOAD_X509_KEY_PATH = ""
 # check nginx config for more details
 CDS_EOS_OFFLOAD_REDIRECT_BASE_PATH = ""
 
-CDS_CERN_SCIENTIFIC_COMMUNITY_ID = "c2c46ab3-5fb4-4d86-83c6-5d9dc8392d6f"
+CDS_CERN_SCIENTIFIC_COMMUNITY_ID = "7b7828aa-a3e0-4da0-b78c-7995cf20e542"
 """The id of the CERN Scientific community."""
 
+# ---------------------------------------------------------------------------
+# EP / Publication Approval Workflow
+# ---------------------------------------------------------------------------
+
+CDS_EP_APPROVAL_COMMUNITIES = {
+    # Map community UUID → workflow config.
+    # UUIDs are used (not slugs) because slugs can be renamed.
+    #
+    "9646dd3f-55b4-4132-9060-afe76cd724d0": {
+        "label": "EP approval",           # shown in UI buttons/headings
+        "referee_group": "cds-ph-ep-publication",  # CERN e-group slug
+        "report_number_pattern": "CERN-EP-{year}-{seq:03d}",
+    },
+}
+"""Communities enrolled in the Publication Approval Workflow.
+
+Keyed by community UUID.  Each entry must have:
+  - ``label``: human-readable name shown in the UI (e.g. "EP approval")
+  - ``referee_group``: CERN e-group whose members act as referees
+  - ``report_number_pattern``: Python format string with ``{year}`` and
+    ``{seq:03d}`` placeholders (e.g. ``"CERN-EP-{year}-{seq:03d}"``).
+
+All generated numbers share the ``apprn`` PID type, so uniqueness is
+enforced across all enrolled communities.
+"""
+
 CHECKS_ENABLED = True
 """Enable metadata checks."""
 
@@ -545,6 +581,9 @@ RDM_RECORDS_IDENTIFIERS_SCHEMES = {
     "cdsrn": {"label": _("CDS Report Number"),
               "validator": always_valid,
               "datacite": "CDS"},
+    "apprn": {"label": _("Approval Report Number"),
+                   "validator": schemes.is_approval_report_number,
+                   "datacite": "CERN"},
     "aleph": {"label": _("Aleph number"),
               "validator": schemes.is_aleph,
               "datacite": "ALEPH"},
@@ -606,6 +645,7 @@ RDM_RECORDS_PERSONORG_SCHEMES = {
 
 RDM_RECORDS_SERVICE_COMPONENTS = [
     SubjectsValidationComponent,
+    CommitteeApprovalComponent,
     *DefaultRecordsComponents,
     CDSResourcePublication,
     ClcSyncComponent,
@@ -737,6 +777,9 @@ NOTIFICATIONS_BUILDERS = {
     RepositoryReleaseFailureNotificationBuilder.type: RepositoryReleaseFailureNotificationBuilder,
     RepositoryReleaseCommunityRequiredNotificationBuilder.type: RepositoryReleaseCommunityRequiredNotificationBuilder,
     RepositoryReleaseCommunitySubmittedNotificationBuilder.type: RepositoryReleaseCommunitySubmittedNotificationBuilder,
+    EPApprovalSubmitNotificationBuilder.type: EPApprovalSubmitNotificationBuilder,
+    EPApprovalAcceptNotificationBuilder.type: EPApprovalAcceptNotificationBuilder,
+    EPApprovalDeclineNotificationBuilder.type: EPApprovalDeclineNotificationBuilder,
 }
 NOTIFICATIONS_GROUP_EMAIL_DOMAIN = "cern.ch"
 
diff --git a/pyproject.toml b/pyproject.toml
index c98fd8bc..e40ca809 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -24,7 +24,9 @@ cds-rdm = { workspace = true }
 invenio-cern-sync = { git = "https://github.com/cerndocumentserver/invenio-cern-sync", rev = "v0.7.0" }
 
 [tool.uv]
-override-dependencies = []
+override-dependencies = [
+    "invenio-requests @ git+https://github.com/inveniosoftware/invenio-requests.git@feature/ep-approval"
+]
 
 [tool.uv.workspace]
 members = [
diff --git a/scripts/metadata_checks.py b/scripts/metadata_checks.py
index 236514c0..58c36402 100644
--- a/scripts/metadata_checks.py
+++ b/scripts/metadata_checks.py
@@ -14,8 +14,6 @@
     invenio shell scripts/metadata_checks.py
 """
 
-from copy import deepcopy
-
 from flask import current_app
 from invenio_checks.models import CheckConfig, Severity
 from invenio_communities.proxies import current_communities
diff --git a/site/cds_rdm/components.py b/site/cds_rdm/components.py
index 6a117603..32302920 100644
--- a/site/cds_rdm/components.py
+++ b/site/cds_rdm/components.py
@@ -8,7 +8,11 @@
 
 """CDS RDM service components."""
 
+import re
+
 from flask import current_app
+from flask_principal import ActionNeed
+from invenio_access import Permission
 from invenio_communities.proxies import current_communities
 from invenio_drafts_resources.services.records.components import ServiceComponent
 from invenio_i18n import gettext as _
@@ -134,6 +138,151 @@ def publish(self, identity, draft=None, record=None, **kwargs):
         )
 
 
+class CommitteeApprovalComponent(ServiceComponent):
+    """Guard and sync EP approval identifiers.
+
+    1. Blocks non-privileged users from adding/modifying/deleting ``apprn``
+       scheme identifiers — these are system-managed only.
+    2. Blocks non-privileged users from adding a ``cdsrn`` identifier whose
+       value matches any configured EP approval report-number pattern
+       (e.g. CERN-EP-*).
+    3. Regenerates the ``apprn`` metadata identifier from parent ep_approval
+       on every save — only the public approved record carries it (detected by
+       ``source_internal_version`` on the parent).
+    """
+
+    def _is_privileged(self, identity):
+        """Return True if the identity is system or has superuser access."""
+        return identity.id == "system" or Permission(
+            ActionNeed("superuser-access")
+        ).allows(identity)
+
+    def _ep_approval_prefixes(self):
+        """Return the set of fixed prefixes from all configured EP patterns.
+
+        E.g. pattern "CERN-EP-{year}-{seq:03d}" → prefix "CERN-EP-".
+        Used to detect cdsrn values that collide with EP report numbers.
+        """
+        communities = current_app.config.get("CDS_EP_APPROVAL_COMMUNITIES", {})
+        prefixes = set()
+        for cfg in communities.values():
+            pattern = cfg.get("report_number_pattern", "")
+            # Extract the literal part before the first placeholder.
+            prefix = re.split(r"\{", pattern)[0]
+            if prefix:
+                prefixes.add(prefix)
+        return prefixes
+
+    def _validate_identifier_changes(self, identity, data, record):
+        """Raise ValidationError if the user is modifying protected identifiers."""
+        if self._is_privileged(identity):
+            return
+
+        incoming_identifiers = (data.get("metadata") or {}).get("identifiers", [])
+        stored_identifiers = (record.get("metadata") or {}).get("identifiers", [])
+
+        # Index stored apprn values for comparison.
+        stored_apprn = {
+            i["identifier"] for i in stored_identifiers if i.get("scheme") == "apprn"
+        }
+        incoming_apprn = {
+            i["identifier"] for i in incoming_identifiers if i.get("scheme") == "apprn"
+        }
+        if incoming_apprn != stored_apprn:
+            error_msg = _(
+                "The 'apprn' identifier is system-managed and cannot be "
+                "added, modified, or removed manually."
+            )
+
+            errors = [
+                {
+                    "field": f"metadata.identifiers.{index}.identifier",
+                    "messages": [error_msg],
+                }
+                for index, i in enumerate(incoming_identifiers)
+                if i.get("scheme") == "apprn"
+            ]
+
+            if not errors:
+                # apprn was removed — point to the field without a specific index
+                errors = [
+                    {
+                        "field": "metadata.identifiers",
+                        "messages": [error_msg],
+                    }
+                ]
+
+            raise ValidationErrorWithMessageAsList(errors)
+
+        # Block cdsrn values that look like EP report numbers.
+        ep_prefixes = self._ep_approval_prefixes()
+        if ep_prefixes:
+            errors = []
+            for index, ident in enumerate(incoming_identifiers):
+                if ident.get("scheme") == "cdsrn":
+                    val = ident.get("identifier", "")
+                    if any(val.startswith(p) for p in ep_prefixes):
+                        errors.append(
+                            {
+                                "field": f"metadata.identifiers.{index}.identifier",
+                                "messages": [
+                                    _(
+                                        f"The value '{val}' matches an EP approval "
+                                        "report number pattern and cannot be used as "
+                                        "a CDS report number."
+                                    )
+                                ],
+                            }
+                        )
+            if errors:
+                raise ValidationErrorWithMessageAsList(errors)
+
+    def _regenerate_apprn_identifier(self, record, data):
+        """Keep apprn in metadata.identifiers in sync with parent ep_approval.
+
+        The apprn identifier is only added when ``source_internal_version`` is present
+        on the parent — that key is set exclusively on the public approved record's
+        parent by the ``publish_public_record`` view.
+        """
+        ea = (
+            (record.parent.get("permission_flags") if record.parent else None) or {}
+        ).get("ep_approval") or {}
+        reportnumber = ea.get("reportnumber")
+        source_internal = ea.get("source_internal_version")
+        identifiers = [
+            i
+            for i in (data.get("metadata") or {}).get("identifiers", [])
+            if i.get("scheme") != "apprn"
+        ]
+        if reportnumber and source_internal:
+            identifiers = [
+                {"scheme": "apprn", "identifier": reportnumber}
+            ] + identifiers
+        data.setdefault("metadata", {})["identifiers"] = identifiers
+
+    def create(self, identity, data=None, record=None, errors=None, **kwargs):
+        """Validate apprn identifier on draft creation."""
+        self._validate_identifier_changes(identity, data, record)
+
+    def update_draft(self, identity, data=None, record=None, errors=None, **kwargs):
+        """Validate and regenerate apprn identifier on draft update."""
+        self._validate_identifier_changes(identity, data, record)
+        self._regenerate_apprn_identifier(record, data)
+
+    def publish(self, identity, draft=None, record=None, **kwargs):
+        """Regenerate apprn identifier on publish.
+
+        Validation is intentionally skipped here — publish does not accept
+        user-supplied data, and create/update_draft already guard all entry
+        points. The ``record`` argument at publish time is a newly created
+        empty object (populated by later components), so comparing against it
+        would produce false positives.
+        """
+        # draft is the RDMDraft API object (extends dict); pass it directly
+        # so that modifications to metadata.identifiers are persisted.
+        self._regenerate_apprn_identifier(draft, draft)
+
+
 class MintAlternateIdentifierComponent(ServiceComponent):
     """Service component for minting alternative identifier `CDS Report Number`."""
 
diff --git a/site/cds_rdm/ext.py b/site/cds_rdm/ext.py
index 17d9dcd7..fa4c2619 100644
--- a/site/cds_rdm/ext.py
+++ b/site/cds_rdm/ext.py
@@ -6,9 +6,11 @@
 # the terms of the GPL-2.0 License; see LICENSE file for more details.
 
 """CDS-RDM module."""
+
 from cds_rdm.clc_sync.resources.config import CLCSyncResourceConfig
 from cds_rdm.clc_sync.resources.resource import CLCSyncResource
 from cds_rdm.clc_sync.resources.utils import get_clc_sync_entry
+from cds_rdm.requests.ep_approval_state import get_ep_approval_state
 from cds_rdm.clc_sync.services.config import CLCSyncServiceConfig
 from cds_rdm.clc_sync.services.service import CLCSyncService
 from cds_rdm.harvester_download.resources import (
@@ -40,6 +42,7 @@ def init_app(self, app):
         self.init_services(app)
         self.init_resources(app)
         app.jinja_env.globals["get_clc_sync_entry"] = get_clc_sync_entry
+        app.jinja_env.globals["get_ep_approval_state"] = get_ep_approval_state
         app.jinja_env.globals["evaluate_permissions"] = evaluate_permissions
         # Register filter for building linked records search query
         app.jinja_env.filters["get_linked_records_search_query"] = (
diff --git a/site/cds_rdm/generators.py b/site/cds_rdm/generators.py
index 813b521a..e39da0b7 100644
--- a/site/cds_rdm/generators.py
+++ b/site/cds_rdm/generators.py
@@ -143,3 +143,70 @@ class AllowMetadataOnlyForCurators(Generator):
     def needs(self, **kwargs):
         """Enabling Needs."""
         return [allow_metadata_only_action]
+
+
+class EPWorkflowCommunityManager(Generator):
+    """Allows community managers of EP-workflow-enrolled communities.
+
+    A community is enrolled by having its UUID listed as a key in the
+    ``CDS_EP_APPROVAL_COMMUNITIES`` config dict.
+    """
+
+    def needs(self, record=None, **kwargs):
+        """Return needs for all enrolled communities' manager roles.
+
+        The record's parent communities are intersected with the config to find
+        the relevant community, then we require the community-manager role need.
+        """
+        from invenio_communities.generators import CommunityRoleNeed
+
+        ep_communities = current_app.config.get("CDS_EP_APPROVAL_COMMUNITIES", {})
+        if record is None:
+            return []
+
+        default_community_id = record.parent.get("communities", {}).get("default")
+        needs = []
+        if default_community_id in ep_communities:
+            needs.append(CommunityRoleNeed(default_community_id, "curator"))
+            needs.append(CommunityRoleNeed(default_community_id, "manager"))
+            needs.append(CommunityRoleNeed(default_community_id, "owner"))
+        return needs
+
+    def query_filter(self, **kwargs):
+        """Not used for search filters."""
+        return []
+
+
+class EPCommitteeReferee(Generator):
+    """Allows members of the EP referee group configured for a community.
+
+    Reads ``referee_group`` from the community's entry in
+    ``CDS_EP_APPROVAL_COMMUNITIES`` and returns the corresponding RoleNeed.
+    """
+
+    def needs(self, record=None, request=None, **kwargs):
+        """Return the RoleNeed for the EP referee group."""
+        ep_communities = current_app.config.get("CDS_EP_APPROVAL_COMMUNITIES", {})
+
+        # Try to resolve community from the request topic or from the record.
+        obj = record
+        if obj is None and request is not None:
+            try:
+                obj = request.topic.resolve()
+            except Exception:
+                return []
+
+        if obj is None:
+            return []
+
+        community_ids = list(obj.parent.get("communities", {}).get("ids", []))
+        needs = []
+        for community_id in community_ids:
+            cfg = ep_communities.get(community_id)
+            if cfg:
+                needs.append(RoleNeed(cfg["referee_group"]))
+        return needs
+
+    def query_filter(self, **kwargs):
+        """Not used for search filters."""
+        return []
diff --git a/site/cds_rdm/notifications/__init__.py b/site/cds_rdm/notifications/__init__.py
new file mode 100644
index 00000000..37ddd498
--- /dev/null
+++ b/site/cds_rdm/notifications/__init__.py
@@ -0,0 +1,9 @@
+# -*- coding: utf-8 -*-
+#
+# This file is part of Invenio.
+# Copyright (C) 2026 CERN.
+#
+# Invenio is free software; you can redistribute it and/or modify it
+# under the terms of the GPL-2.0 License; see LICENSE file for more details.
+
+"""CDS RDM notifications."""
diff --git a/site/cds_rdm/notifications/ep_approval.py b/site/cds_rdm/notifications/ep_approval.py
new file mode 100644
index 00000000..28511f04
--- /dev/null
+++ b/site/cds_rdm/notifications/ep_approval.py
@@ -0,0 +1,103 @@
+# -*- coding: utf-8 -*-
+#
+# This file is part of Invenio.
+# Copyright (C) 2026 CERN.
+#
+# Invenio is free software; you can redistribute it and/or modify it
+# under the terms of the GPL-2.0 License; see LICENSE file for more details.
+
+"""EP Approval notification builders."""
+
+from __future__ import annotations
+
+from typing import ClassVar
+
+from flask_principal import Identity
+from invenio_notifications.models import Notification
+from invenio_notifications.registry import EntityResolverRegistry
+from invenio_notifications.services.builders import NotificationBuilder
+from invenio_notifications.services.filters import RecipientFilter
+from invenio_notifications.services.generators import (
+    ContextGenerator,
+    EntityResolve,
+    RecipientGenerator,
+    UserEmailBackend,
+)
+from invenio_requests.records.api import Request
+from invenio_users_resources.notifications.filters import UserPreferencesRecipientFilter
+from invenio_users_resources.notifications.generators import UserRecipient
+
+from .generators import GroupMembersRecipientGenerator
+
+
+class EPApprovalNotificationBuilder(NotificationBuilder):
+    """Base notification builder for EP approval request actions."""
+
+    type: ClassVar[str] = "ep-approval-request"
+
+    context: ClassVar[list[ContextGenerator]] = [
+        EntityResolve(key="request"),
+        EntityResolve(key="request.topic"),
+        EntityResolve(key="request.receiver"),
+        # request.created_by and executing_user are intentionally omitted:
+        # when the action is performed by system_identity there is no resolvable
+        # user record, which causes a PermissionDeniedError in the users service.
+    ]
+
+    recipients: ClassVar[list[RecipientGenerator]] = []
+
+    recipient_filters: ClassVar[list[RecipientFilter]] = [
+        UserPreferencesRecipientFilter(),
+    ]
+
+    recipient_backends: ClassVar[list[UserEmailBackend]] = [
+        UserEmailBackend(),
+    ]
+
+    @classmethod
+    def build(cls, identity: Identity, request: Request) -> Notification:
+        """Build notification."""
+        return Notification(
+            type=cls.type,
+            context={
+                "executing_user": EntityResolverRegistry.reference_identity(identity),
+                "request": EntityResolverRegistry.reference_entity(request),
+            },
+        )
+
+
+class EPApprovalSubmitNotificationBuilder(EPApprovalNotificationBuilder):
+    """Notify the EP referee group when a request is submitted."""
+
+    type: ClassVar[str] = f"{EPApprovalNotificationBuilder.type}.submit"
+    # created_by omitted: submit can be triggered by system_identity which has
+    # no resolvable user record.
+    recipients: ClassVar[list[RecipientGenerator]] = [
+        GroupMembersRecipientGenerator("request.receiver"),
+    ]
+
+
+class EPApprovalAcceptNotificationBuilder(EPApprovalNotificationBuilder):
+    """Notify the submitter when their request is accepted."""
+
+    type: ClassVar[str] = f"{EPApprovalNotificationBuilder.type}.accept"
+    context: ClassVar[list[ContextGenerator]] = [
+        *EPApprovalNotificationBuilder.context,
+        EntityResolve(key="request.created_by"),
+    ]
+    recipients: ClassVar[list[RecipientGenerator]] = [
+        UserRecipient("request.created_by"),
+    ]
+
+
+class EPApprovalDeclineNotificationBuilder(EPApprovalNotificationBuilder):
+    """Notify the submitter when their request is declined."""
+
+    type: ClassVar[str] = f"{EPApprovalNotificationBuilder.type}.decline"
+    context: ClassVar[list[ContextGenerator]] = [
+        *EPApprovalNotificationBuilder.context,
+        EntityResolve(key="request.created_by"),
+    ]
+    recipients: ClassVar[list[RecipientGenerator]] = [
+        UserRecipient("request.created_by"),
+    ]
diff --git a/site/cds_rdm/notifications/generators.py b/site/cds_rdm/notifications/generators.py
new file mode 100644
index 00000000..c8f63d54
--- /dev/null
+++ b/site/cds_rdm/notifications/generators.py
@@ -0,0 +1,55 @@
+# -*- coding: utf-8 -*-
+#
+# This file is part of Invenio.
+# Copyright (C) 2025 CERN.
+#
+# Invenio is free software; you can redistribute it and/or modify it
+# under the terms of the GPL-2.0 License; see LICENSE file for more details.
+
+"""Notification recipient generators."""
+
+from __future__ import annotations
+
+from typing import Any
+
+from invenio_access.permissions import system_identity
+from invenio_accounts.models import Role
+from invenio_notifications.models import Notification, Recipient
+from invenio_notifications.services.generators import RecipientGenerator
+from invenio_records.dictutils import dict_lookup
+from invenio_search.engine import dsl
+from invenio_users_resources.proxies import current_users_service
+
+
+class GroupMembersRecipientGenerator(RecipientGenerator):
+    """Recipient generator that resolves all members of a group/role.
+
+    Looks up the group reference at ``key`` in the notification context,
+    then fetches every user belonging to that role and adds them as
+    recipients.
+    """
+
+    def __init__(self, key: str) -> None:
+        """Initialise with the context key pointing to the group."""
+        self.key = key
+
+    def __call__(
+        self,
+        notification: Notification,
+        recipients: dict[str, Recipient],
+    ) -> dict[str, Recipient]:
+        """Add all members of the referenced group to ``recipients``."""
+        group: dict[str, Any] = dict_lookup(notification.context, self.key)
+
+        role: Role = Role.query.filter(Role.id == group["id"]).one()
+
+        user_ids: list[str] = [str(u.id) for u in role.users]
+        if not user_ids:
+            return recipients
+
+        filter_: dsl.Q = dsl.Q("terms", **{"id": user_ids})
+        users = current_users_service.scan(system_identity, extra_filter=filter_)
+        for u in users:
+            recipients[u["id"]] = Recipient(data=u)
+
+        return recipients
diff --git a/site/cds_rdm/permissions.py b/site/cds_rdm/permissions.py
index 68c9818d..8e9a24e1 100644
--- a/site/cds_rdm/permissions.py
+++ b/site/cds_rdm/permissions.py
@@ -30,6 +30,7 @@
     ArchiverRead,
     AuthenticatedRegularUser,
     CERNEmailsGroups,
+    EPCommitteeReferee,
     HarvesterCurator,
     Librarian,
 )
@@ -70,15 +71,23 @@ class CDSRDMRecordPermissionPolicy(RDMRecordPermissionPolicy):
     """Record permission policy."""
 
     can_create = [AuthenticatedRegularUser(), SystemProcess()]
-    can_read = RDMRecordPermissionPolicy.can_read + [ArchiverRead()]
+    can_read = RDMRecordPermissionPolicy.can_read + [
+        ArchiverRead(),
+        EPCommitteeReferee(),
+    ]
     can_search = RDMRecordPermissionPolicy.can_search + [ArchiverRead()]
     can_search_revisions = RDMRecordPermissionPolicy.can_manage
-    can_read_files = RDMRecordPermissionPolicy.can_read_files + [ArchiverRead()]
+    can_read_files = RDMRecordPermissionPolicy.can_read_files + [
+        ArchiverRead(),
+        EPCommitteeReferee(),
+    ]
     can_get_content_files = RDMRecordPermissionPolicy.can_get_content_files + [
-        ArchiverRead()
+        ArchiverRead(),
+        EPCommitteeReferee(),
     ]
     can_media_get_content_files = RDMRecordPermissionPolicy.can_get_content_files + [
-        ArchiverRead()
+        ArchiverRead(),
+        EPCommitteeReferee(),
     ]
     can_read_deleted = [
         IfRecordDeleted(
@@ -118,6 +127,7 @@ class CDSJobLogsPermissionPolicy(JobLogsPermissionPolicy):
 
     can_read = JobLogsPermissionPolicy.can_search
 
+
 class CDSRequestsPermissionPolicy(RDMRequestsPermissionPolicy):
     """Requests permission policy."""
 
diff --git a/site/cds_rdm/requests/__init__.py b/site/cds_rdm/requests/__init__.py
new file mode 100644
index 00000000..34dc3420
--- /dev/null
+++ b/site/cds_rdm/requests/__init__.py
@@ -0,0 +1,13 @@
+# -*- coding: utf-8 -*-
+#
+# This file is part of Invenio.
+# Copyright (C) 2026 CERN.
+#
+# Invenio is free software; you can redistribute it and/or modify it
+# under the terms of the GPL-2.0 License; see LICENSE file for more details.
+
+"""CDS RDM request types."""
+
+from .ep_approval import EPApprovalRequest
+
+__all__ = ["EPApprovalRequest"]
diff --git a/site/cds_rdm/requests/ep_approval.py b/site/cds_rdm/requests/ep_approval.py
new file mode 100644
index 00000000..de4bf31e
--- /dev/null
+++ b/site/cds_rdm/requests/ep_approval.py
@@ -0,0 +1,317 @@
+# -*- coding: utf-8 -*-
+#
+# This file is part of Invenio.
+# Copyright (C) 2025 CERN.
+#
+# Invenio is free software; you can redistribute it and/or modify it
+# under the terms of the GPL-2.0 License; see LICENSE file for more details.
+
+"""EP Approval request type."""
+
+from __future__ import annotations
+
+from datetime import date, datetime, timezone
+from typing import Final
+
+from flask import current_app
+from flask_principal import Identity
+from invenio_access.permissions import system_identity
+from invenio_db import db
+from invenio_i18n import lazy_gettext as _
+from invenio_notifications.services.uow import NotificationOp
+from invenio_pidstore.models import PersistentIdentifier, PIDStatus
+from invenio_rdm_records.records.api import RDMRecord
+from invenio_rdm_records.requests.base import BaseRequest as RDMBaseRequest
+from invenio_records_resources.services.errors import PermissionDeniedError
+from invenio_records_resources.services.uow import UnitOfWork
+from invenio_requests.customizations import actions
+from invenio_requests.proxies import current_requests_service
+from marshmallow import ValidationError, fields
+
+from ..generators import EPWorkflowCommunityManager
+from ..notifications.ep_approval import (
+    EPApprovalAcceptNotificationBuilder,
+    EPApprovalDeclineNotificationBuilder,
+    EPApprovalSubmitNotificationBuilder,
+)
+
+# PID type stored in pidstore_pid.pid_type (VARCHAR(6) — keep ≤ 6 chars).
+# The identifier scheme name in record metadata is "apprn" (no length limit).
+# TODO: what is apprn? can we name this better?
+APPRN_PID_TYPE = "apprn"
+
+
+# ---------------------------------------------------------------------------
+# Actions
+# ---------------------------------------------------------------------------
+
+
+def _resolve_community_config(request):
+    """Resolve the EP approval config for the request's topic record.
+
+    Validates that:
+    - the topic record belongs to at least one community, and
+    - that community is enrolled in CDS_EP_APPROVAL_COMMUNITIES.
+
+    Raises ``ValueError`` with a descriptive message if either condition fails.
+    """
+    topic = request.topic.resolve()
+    default_community_id = topic.parent.get("communities", {}).get("default", "")
+    if not default_community_id:
+        raise ValidationError(
+            "The record is not part of any community. "
+            "It must belong to an EP-approval-enabled community before submitting."
+        )
+    ep_communities = current_app.config.get("CDS_EP_APPROVAL_COMMUNITIES", {})
+    if default_community_id in ep_communities:
+        return ep_communities[default_community_id]
+    raise ValidationError(
+        # TODO: do we need i18n for these errors?
+        "The record's community is not enrolled in the EP approval workflow. "
+        "Only records in EP-approval-enabled communities can be submitted."
+    )
+
+
+class EPApprovalSubmitAction(actions.CreateAndSubmitAction):
+    """Submit action — validate community enrollment and notify referees."""
+
+    def execute(self, identity: Identity, uow: UnitOfWork) -> None:
+        """Execute submit: validate community, store version ID, notify referees."""
+        # Enforce that only community managers of enrolled communities (or system)
+        # can submit. The base service only checks generic can_create.
+        topic = self.request.topic.resolve()
+        is_system = identity.id == "system"
+        allowed = is_system or any(
+            need in identity.provides
+            for need in EPWorkflowCommunityManager().needs(record=topic)
+        )
+        if not allowed:
+            raise PermissionDeniedError()
+
+        # Fail fast: ensure the record belongs to an enrolled community before
+        # the request is persisted as submitted.
+        _resolve_community_config(self.request)
+
+        # Reject if the parent already carries an approval report number.
+        if ((topic.parent.get("permission_flags") or {}).get("ep_approval") or {}).get(
+            "reportnumber"
+        ):
+            raise ValidationError(
+                "A version of this record already has an approval report number assigned. "
+                "A new EP approval request cannot be submitted."
+            )
+
+        # Reject if there is already a submitted (pending) request for ANY version
+        # in the family — prevents parallel submissions from older/newer versions.
+        parent_recids = []
+        for family_rec in RDMRecord.get_records_by_parent(topic.parent):
+            pid = PersistentIdentifier.query.filter_by(
+                pid_type="recid",
+                object_uuid=str(family_rec.id),
+                object_type="rec",
+            ).first()
+            if pid:
+                parent_recids.append(pid.pid_value)
+        parent_recids = parent_recids or [topic["id"]]
+
+        topic_query = " OR ".join(f'topic.record:"{r}"' for r in parent_recids)
+        existing = list(
+            current_requests_service.search(
+                system_identity,
+                params={
+                    "q": (
+                        f'({topic_query}) AND type:"ep-approval"'
+                        ' AND status:"submitted"'
+                    ),
+                    "size": 1,
+                },
+            ).hits
+        )
+        if existing:
+            raise ValidationError(
+                "An EP approval request is already pending for this record."
+            )
+
+        # Store the recid (pid_value) of the submitted version so that
+        # _propagate_to_newer_versions can match it against search hit["id"].
+        # The UUID (topic.id) is intentionally NOT stored here; it is resolved
+        # at accept time directly from the request topic.
+        # TODO: why do we need this
+        self.request["payload"]["submitted_version_id"] = topic["id"]
+
+        uow.register(
+            NotificationOp(
+                EPApprovalSubmitNotificationBuilder.build(
+                    identity=identity,
+                    request=self.request,
+                )
+            )
+        )
+        super().execute(identity, uow)
+
+
+class EPApprovalAcceptAction(actions.AcceptAction):
+    """Accept action — auto-generate the approval report number and assign it."""
+
+    def _community_config(self):
+        """Resolve the community config for this request (guaranteed enrolled at submit)."""
+        return _resolve_community_config(self.request)
+
+    def _generate_report_number(self, pattern: str) -> str:
+        """Auto-generate the next sequential report number for the given pattern.
+
+        Derives the next sequence number from the MAX existing apprn PID value
+        for this pattern prefix and year, not a COUNT.  This is robust to gaps
+        (deleted PIDs, failed accepts) — the sequence only ever goes forward.
+
+        The prefix is extracted by splitting on ``{seq`` so that zero-padded
+        formats like ``{seq:03d}`` do not produce a truncated prefix that misses
+        PIDs >= 010 (e.g. "CERN-EP-2026-00" would miss "CERN-EP-2026-010").
+
+        Pattern example: "CERN-EP-{year}-{seq:03d}"
+        """
+        year = date.today().year
+        # Split on "{seq" to get everything before the sequence placeholder,
+        # then format only the year part → "CERN-EP-2026-"
+        # TODO: I don't understand what this is doing
+        prefix = pattern.split("{seq")[0].format(year=year)
+        existing = PersistentIdentifier.query.filter(
+            PersistentIdentifier.pid_type == APPRN_PID_TYPE,
+            PersistentIdentifier.pid_value.like(f"{prefix}%"),
+        ).all()
+        max_seq = max(
+            (
+                int(p.pid_value[len(prefix) :])
+                for p in existing
+                if p.pid_value[len(prefix) :].isdigit()
+            ),
+            default=0,
+        )
+        return pattern.format(year=year, seq=max_seq + 1)
+
+    def _mint_apprn_pid(self, report_number: str, record_uuid: str) -> None:
+        """Mint the apprn PID pointing at the given record UUID."""
+        PersistentIdentifier.create(
+            pid_type=APPRN_PID_TYPE,
+            pid_value=report_number,
+            object_type="rec",
+            object_uuid=record_uuid,
+            status=PIDStatus.REGISTERED,
+        )
+
+    def execute(self, identity: Identity, uow: UnitOfWork) -> None:
+        """Execute accept: mint report number and write ep_approval to the parent.
+
+        All versions in the family share the same parent, so a single write is
+        visible to every version — no propagation or edit/publish cycle needed.
+        The apprn metadata identifier is NOT added here; it is only added by
+        CommitteeApprovalComponent when the public approved record is created
+        (detected by the presence of source_internal_version on the public parent).
+        """
+        config = self._community_config()
+        pattern = config["report_number_pattern"]
+        report_number = self._generate_report_number(pattern)
+
+        topic = self.request.topic.resolve()
+        submitted_version_recid = (
+            self.request["payload"].get("submitted_version_id") or topic["id"]
+        )
+
+        # TODO: do we not need to mint/reserve the report number when the request is created
+        # rather than accepted? E.g. maybe the curators need the number before publication
+        self._mint_apprn_pid(report_number, str(topic.id))
+
+        # Write ep_approval into permission_flags — single source of truth.
+        pf = topic.parent.get("permission_flags") or {}
+        pf["ep_approval"] = {
+            "reportnumber": report_number,
+            "datetime": datetime.now(timezone.utc).isoformat(),
+            "approved_internal_version": submitted_version_recid,
+        }
+        # TODO: why is this in `permission_flags`? It is instance-specific metadata so makes sense to go in a dict field,
+        # but why not create a generic `metadata` field or something.
+        topic.parent["permission_flags"] = pf
+        topic.parent.commit()
+        db.session.commit()
+
+        # Store on the request payload so the UI can display it.
+        self.request["payload"]["approved_report_number"] = report_number
+
+        uow.register(
+            NotificationOp(
+                EPApprovalAcceptNotificationBuilder.build(
+                    identity=identity,
+                    request=self.request,
+                )
+            )
+        )
+        super().execute(identity, uow)
+
+
+class EPApprovalDeclineAction(actions.DeclineAction):
+    """Decline action — notify the submitter."""
+
+    def execute(self, identity: Identity, uow: UnitOfWork) -> None:
+        """Execute decline."""
+        uow.register(
+            NotificationOp(
+                EPApprovalDeclineNotificationBuilder.build(
+                    identity=identity,
+                    request=self.request,
+                )
+            )
+        )
+        super().execute(identity, uow)
+
+
+class EPApprovalRequest(RDMBaseRequest):
+    """EP Approval request type.
+
+    Allows community managers of enrolled communities to request EP committee
+    approval for a specific record version. On acceptance CDS auto-generates
+    a report number (e.g. CERN-EP-2026-001) and assigns it to the record.
+    """
+
+    type_id: Final[str] = "ep-approval"
+    name: Final[str] = _("EP Approval")
+
+    available_actions: Final[dict] = {
+        **RDMBaseRequest.available_actions,
+        "create": EPApprovalSubmitAction,
+        "accept": EPApprovalAcceptAction,
+        "decline": EPApprovalDeclineAction,
+        "cancel": actions.CancelAction,
+    }
+
+    available_statuses: Final[dict] = {
+        **RDMBaseRequest.available_statuses,
+    }
+
+    creator_can_be_none: Final[bool] = False
+    topic_can_be_none: Final[bool] = False
+    receiver_can_be_none: Final[bool] = False
+
+    allowed_creator_ref_types: Final[list] = ["user"]
+    allowed_receiver_ref_types: Final[list] = ["group"]
+    allowed_topic_ref_types: Final[list] = ["record"]
+
+    # Payload fields collected from the submission form.
+    payload_schema: Final[dict] = {
+        # Populated automatically on submit, not from the form.
+        "submitted_version_id": fields.Str(load_default=None),
+        # Populated on accept by the system.
+        "approved_report_number": fields.Str(load_default=None),
+        # Form fields.
+        "experiment": fields.Str(required=True),
+        "submitted_by": fields.Str(required=True),
+        "role": fields.Str(required=True),
+        "publication_title": fields.Str(required=True),
+        "latest_version_url": fields.Str(load_default=None),
+        "rapid_approval": fields.Bool(load_default=False),
+        "cb_review_completed": fields.Bool(load_default=False),
+        "cb_process_type": fields.Str(load_default=None),  # "standard" | "accelerated"
+        "paper_signed": fields.Bool(load_default=True),
+        "num_non_signers": fields.Int(load_default=0),
+        "controversy": fields.Bool(load_default=False),
+        "additional_communication": fields.Str(load_default=None),
+    }
diff --git a/site/cds_rdm/requests/ep_approval_state.py b/site/cds_rdm/requests/ep_approval_state.py
new file mode 100644
index 00000000..3d2ffa78
--- /dev/null
+++ b/site/cds_rdm/requests/ep_approval_state.py
@@ -0,0 +1,227 @@
+# -*- coding: utf-8 -*-
+#
+# This file is part of Invenio.
+# Copyright (C) 2026 CERN.
+#
+# Invenio is free software; you can redistribute it and/or modify it
+# under the terms of the GPL-2.0 License; see LICENSE file for more details.
+
+"""EP Approval state helpers for the record landing page."""
+
+from flask import current_app, g
+from invenio_access.permissions import system_identity
+from invenio_communities.generators import CommunityRoleNeed
+from invenio_requests.proxies import current_requests_service
+
+
+def _get_enrolled_community(record_ui):
+    """Return (community_id, community_config) for enrolled communities, else (None, None)."""
+    ep_communities = current_app.config.get("CDS_EP_APPROVAL_COMMUNITIES", {})
+    parent = record_ui.get("parent", {}) if record_ui else {}
+    default_community_id = parent.get("communities", {}).get("default")
+    config = ep_communities.get(default_community_id) if default_community_id else None
+    return (default_community_id, config) if config else (None, None)
+
+
+def _get_parent_ep_approval(record):
+    """Read ep_approval dict directly from the parent record object.
+
+    Returns the dict or {} if not set / record not available.
+    """
+    try:
+        return (record._record.parent.get("permission_flags") or {}).get(
+            "ep_approval"
+        ) or {}
+    except Exception:
+        return {}
+
+
+def _get_open_request(record_id, parent_record=None):
+    """Return the most-recent EP approval request for the record family.
+
+    Uses parent.get_records_by_parent to build the topic query so we cover
+    all versions without a separate DB scan.
+    """
+    try:
+        from invenio_pidstore.models import PersistentIdentifier
+        from invenio_rdm_records.records.api import RDMRecord
+
+        if parent_record is not None:
+            recids = []
+            for rec in RDMRecord.get_records_by_parent(parent_record):
+                pid = PersistentIdentifier.query.filter_by(
+                    pid_type="recid",
+                    object_uuid=str(rec.id),
+                    object_type="rec",
+                ).first()
+                if pid:
+                    recids.append(pid.pid_value)
+        else:
+            recids = [record_id]
+
+        topic_query = " OR ".join(
+            f'topic.record:"{r}"' for r in (recids or [record_id])
+        )
+        results = current_requests_service.search(
+            system_identity,
+            params={
+                "q": (
+                    f'({topic_query}) AND type:"ep-approval"'
+                    ' AND (status:"submitted" OR status:"declined" OR status:"accepted")'
+                ),
+                "size": 1,
+                "sort": "newest",
+            },
+        )
+        hits = list(results.hits)
+        if not hits:
+            return None
+        req = hits[0]
+        return {
+            "id": req["id"],
+            "status": req.get("status"),
+            "links": req.get("links", {}),
+        }
+    except Exception:
+        return None
+
+
+def _check_can_curate_for_community(community_id):
+    """Return True if the current user is a curator, manager, or owner of the community."""
+    try:
+        identity = g.identity
+        return any(
+            CommunityRoleNeed(community_id, role) in identity.provides
+            for role in ("curator", "manager", "owner")
+        )
+    except Exception:
+        return False
+
+
+def _check_can_create_public(can_submit, ea, record_id):
+    """Return True if this version may be used as the source for a public record.
+
+    Requires:
+    - can_submit is True (user is a manager/owner)
+    - an approval number exists on the parent
+    - this version's index >= the approved version's index
+    - no public record has been created yet
+    """
+    if not can_submit:
+        return False
+    if not ea.get("reportnumber"):
+        return False
+    if ea.get("approved_public_version"):
+        return False
+    approved_version_recid = ea.get("approved_internal_version")
+    if not approved_version_recid or approved_version_recid == record_id:
+        return True
+    try:
+        from invenio_pidstore.models import PersistentIdentifier
+        from invenio_rdm_records.records.api import RDMRecord
+
+        appr_pid = PersistentIdentifier.get("recid", approved_version_recid)
+        appr_rec = RDMRecord.get_record(appr_pid.object_uuid)
+        cur_pid = PersistentIdentifier.get("recid", record_id)
+        cur_rec = RDMRecord.get_record(cur_pid.object_uuid)
+        return cur_rec.versions.index >= appr_rec.versions.index
+    except Exception:
+        return True  # fail open — backend will re-validate
+
+
+def get_ep_approval_state(record_ui, record=None):
+    """Return EP approval state for the record landing page.
+
+    Reads ep_approval from the parent record object (single source of truth).
+    No DB scans across versions needed.
+
+    Returns a dict with:
+      - can_submit: bool
+      - can_create_public: bool
+      - community_enrolled: bool
+      - is_public_approved_record: bool
+      - open_request: dict or None — {id, status, links}
+      - approved_report_number: str or None
+      - approval_date: str or None
+      - ep_approval: dict — raw parent ep_approval (for frontend version badges)
+      - draft_record_id: str or None
+      - receiver_group: str or None
+    """
+    # Read ep_approval from the parent.
+    ea = _get_parent_ep_approval(record)
+
+    # Early exit: this IS the public EP-approved copy.
+    # The public record's parent has source_internal_version set.
+    if ea.get("source_internal_version"):
+        default_community_id = (
+            (record_ui or {}).get("parent", {}).get("communities", {}).get("default")
+        )
+        can_view_reviewed_version = (
+            _check_can_curate_for_community(default_community_id)
+            if default_community_id
+            else False
+        )
+        return {
+            "can_submit": False,
+            "can_create_public": False,
+            "community_enrolled": False,
+            "is_public_approved_record": True,
+            "open_request": None,
+            "approved_report_number": ea.get("reportnumber"),
+            "approval_date": None,
+            "ep_approval": ea,
+            "draft_record_id": ea["source_internal_version"],
+            "can_view_reviewed_version": can_view_reviewed_version,
+            "receiver_group": None,
+            "cern_scientific_community_id": None,
+        }
+
+    # Check community enrollment.
+    community_id, community_config = _get_enrolled_community(record_ui)
+    if community_id is None:
+        return {
+            "can_submit": False,
+            "can_create_public": False,
+            "community_enrolled": False,
+            "is_public_approved_record": False,
+            "open_request": None,
+            "approved_report_number": None,
+            "approval_date": None,
+            "ep_approval": {},
+            "draft_record_id": None,
+            "can_view_reviewed_version": False,
+            "receiver_group": None,
+        }
+
+    record_id = record_ui.get("id") if record_ui else None
+
+    # Get the parent object for the request search (avoids re-scanning recids).
+    parent_record = None
+    try:
+        parent_record = record._record.parent
+    except Exception:
+        pass
+
+    open_request = _get_open_request(record_id, parent_record)
+    can_submit = _check_can_curate_for_community(community_id)
+    approved_report_number = ea.get("reportnumber")
+    can_create_public = _check_can_create_public(can_submit, ea, record_id)
+
+    cern_scientific_community_id = current_app.config.get(
+        "CDS_CERN_SCIENTIFIC_COMMUNITY_ID"
+    )
+
+    return {
+        "can_submit": can_submit,
+        "can_create_public": can_create_public,
+        "community_enrolled": True,
+        "is_public_approved_record": False,
+        "open_request": open_request,
+        "approved_report_number": approved_report_number,
+        "approval_date": ea.get("datetime"),
+        "ep_approval": ea,
+        "draft_record_id": None,
+        "can_view_reviewed_version": False,
+        "receiver_group": community_config.get("referee_group"),
+        "cern_scientific_community_id": cern_scientific_community_id,
+    }
diff --git a/site/cds_rdm/requests/views.py b/site/cds_rdm/requests/views.py
new file mode 100644
index 00000000..c5531b05
--- /dev/null
+++ b/site/cds_rdm/requests/views.py
@@ -0,0 +1,325 @@
+# -*- coding: utf-8 -*-
+#
+# This file is part of Invenio.
+# Copyright (C) 2025 CERN.
+#
+# Invenio is free software; you can redistribute it and/or modify it
+# under the terms of the GPL-2.0 License; see LICENSE file for more details.
+
+"""CDS EP Approval API views."""
+
+import copy
+
+from flask import Blueprint, current_app, g, jsonify, request
+from flask_login import login_required
+from invenio_access.permissions import system_identity
+from invenio_communities.communities.records.api import Community
+from invenio_communities.generators import CommunityRoleNeed
+from invenio_db import db
+from invenio_pidstore.errors import PIDDoesNotExistError
+from invenio_pidstore.models import PersistentIdentifier
+from invenio_rdm_records.proxies import (
+    current_rdm_records_service,
+    current_record_communities_service,
+)
+from invenio_rdm_records.records.api import RDMRecord
+from invenio_records_resources.services.errors import PermissionDeniedError
+from invenio_requests.proxies import current_requests_service
+from invenio_requests.resolvers.registry import ResolverRegistry
+
+from .ep_approval import EPApprovalRequest
+
+
+def create_ep_approval_bp(app):
+    """Create EP approval API blueprint."""
+    bp = Blueprint("cds_ep_approval", __name__)
+
+    @bp.route("/records/<pid_value>/ep-approval", methods=["POST"])
+    @login_required
+    def submit_ep_approval(pid_value):
+        """Submit an EP approval request for a published record."""
+        try:
+            record = current_rdm_records_service.read(
+                g.identity, pid_value, expand=False
+            )
+        except (PIDDoesNotExistError, PermissionDeniedError) as e:
+            return jsonify({"message": str(e)}), 409
+
+        body = request.get_json(force=True) or {}
+        receiver_group = body.pop("receiver_group", None)
+        payload = body.get("payload", {})
+
+        if not receiver_group:
+            return jsonify({"message": "receiver_group is required"}), 400
+
+        try:
+            # Resolve receiver group entity.
+            receiver = ResolverRegistry.resolve_entity(
+                {"group": receiver_group}, raise_=True
+            )
+
+            print("receiver", receiver, type(receiver))
+
+            title = record.data.get("metadata", {}).get("title", "")
+            req = current_requests_service.create(
+                identity=g.identity,
+                data={
+                    "title": f'EP approval for "{title}"',
+                    "payload": payload,
+                },
+                request_type=EPApprovalRequest,
+                receiver=receiver,
+                topic=record._record,
+            )
+        except PermissionDeniedError:
+            return jsonify({"message": "Permission denied"}), 403
+        except Exception as e:
+            return jsonify({"message": str(e)}), 400
+
+        return jsonify(req.to_dict()), 201
+
+    @bp.route("/records/<pid_value>/ep-approval/publish-public", methods=["POST"])
+    @login_required
+    def publish_public_record(pid_value):
+        """Create a public approved record from an approved draft.
+
+        Requires the calling user to be a community manager/owner of the
+        record's enrolled community.
+
+        Steps:
+        1. Read the approved draft — must have ep_approval.reportnumber set on parent.
+        2. Build a new public record: copy metadata + files, set access=public.
+        3. Create draft, import files, write ep_approval to both parents, publish.
+        4. Return the new public record id and links.
+        """
+        # --- read + authorise ---
+        try:
+            draft_record = current_rdm_records_service.read(
+                g.identity, pid_value, expand=False
+            )
+        except (PIDDoesNotExistError, PermissionDeniedError) as e:
+            return jsonify({"message": str(e)}), 403
+
+        # Read ep_approval from the internal draft's parent.
+        src_pid_obj = PersistentIdentifier.get("recid", pid_value)
+        src_rec_obj = RDMRecord.get_record(src_pid_obj.object_uuid)
+        ea = (src_rec_obj.parent.get("permission_flags") or {}).get("ep_approval") or {}
+        report_number = ea.get("reportnumber")
+
+        if not report_number:
+            return jsonify({"message": "Record has no approved report number."}), 400
+
+        # Check that the calling user is a community manager/owner of the enrolled community.
+        default_community_id = (
+            draft_record.data.get("parent", {}).get("communities", {}).get("default")
+        )
+        if not default_community_id:
+            return jsonify({"message": "Record has no default community."}), 400
+
+        identity = g.identity
+        allowed_roles = ("curator", "manager", "owner")
+        if not any(
+            CommunityRoleNeed(default_community_id, role) in identity.provides
+            for role in allowed_roles
+        ):
+            return jsonify({"message": "Permission denied"}), 403
+
+        # Reject if the calling version predates the approved version.
+        approved_version_recid = ea.get("approved_internal_version")
+        if approved_version_recid and approved_version_recid != pid_value:
+            try:
+                appr_pid = PersistentIdentifier.get("recid", approved_version_recid)
+                appr_rec = RDMRecord.get_record(appr_pid.object_uuid)
+                cur_pid = PersistentIdentifier.get("recid", pid_value)
+                cur_rec = RDMRecord.get_record(cur_pid.object_uuid)
+                if cur_rec.versions.index < appr_rec.versions.index:
+                    return (
+                        jsonify(
+                            {
+                                "message": (
+                                    "Cannot create a public record from a version that "
+                                    "predates the approved version."
+                                )
+                            }
+                        ),
+                        400,
+                    )
+            except Exception:
+                pass  # fail open — report_number check above already validated
+
+        # Guard: refuse if a public record was already created.
+        if ea.get("approved_public_version"):
+            return (
+                jsonify(
+                    {
+                        "message": "A public record for this approval already exists.",
+                        "id": ea["approved_public_version"],
+                    }
+                ),
+                409,
+            )
+
+        # --- build new public record data ---
+        src = draft_record.data
+        src_id = src["id"]
+
+        # Strip apprn from identifiers — CommitteeApprovalComponent regenerates it
+        # from ep_approval.reportnumber on every update_draft / publish.
+        new_identifiers = [
+            i
+            for i in src.get("metadata", {}).get("identifiers", [])
+            if i.get("scheme") != "apprn"
+        ]
+
+        new_related = list(src.get("metadata", {}).get("related_identifiers", []))
+        isversionof_entry = {
+            "identifier": src_id,
+            "scheme": "cds",
+            "relation_type": {"id": "isversionof"},
+        }
+        src_resource_type = src.get("metadata", {}).get("resource_type")
+        if src_resource_type:
+            isversionof_entry["resource_type"] = src_resource_type
+        new_related.append(isversionof_entry)
+
+        new_metadata = {
+            **copy.deepcopy(src.get("metadata", {})),
+            "identifiers": new_identifiers,
+            "related_identifiers": new_related,
+        }
+
+        # Strip committee_approval CF from public record — no longer used on versions.
+        new_custom_fields = {
+            k: v
+            for k, v in src.get("custom_fields", {}).items()
+            if k != "cern:committee_approval"
+        }
+
+        new_record_data = {
+            "metadata": new_metadata,
+            "custom_fields": new_custom_fields,
+            "access": {"record": "public", "files": "public"},
+            "files": {"enabled": src.get("files", {}).get("enabled", False)},
+        }
+
+        try:
+            # Create draft as the calling user so they own the public record.
+            new_draft = current_rdm_records_service.create(g.identity, new_record_data)
+            community_obj = Community.get_record(default_community_id)
+            new_draft._record.parent.communities.add(community_obj, default=True)
+            new_draft._record.parent.commit()
+
+            if src.get("files", {}).get("enabled", False):
+                new_draft._record.files.copy(src_rec_obj.files)
+                new_draft._record.commit()
+
+            # Write ep_approval into the public record's permission_flags.
+            # source_internal_version marks this as the public copy and links back.
+            pf = new_draft._record.parent.get("permission_flags") or {}
+            pf["ep_approval"] = {
+                "reportnumber": report_number,
+                "source_internal_version": src_id,
+            }
+            new_draft._record.parent["permission_flags"] = pf
+            new_draft._record.parent.commit()
+            db.session.commit()
+
+            # update_draft triggers CommitteeApprovalComponent which regenerates
+            # the apprn identifier (now reads from parent ep_approval).
+            new_record = current_rdm_records_service.publish(
+                system_identity, new_draft.id
+            )
+        except Exception as e:
+            return jsonify({"message": str(e)}), 400
+
+        # Submit an inclusion request to the CERN Research community.
+        cern_scientific_community_id = current_app.config.get(
+            "CDS_CERN_SCIENTIFIC_COMMUNITY_ID"
+        )
+        if cern_scientific_community_id:
+            try:
+                current_record_communities_service.add(
+                    system_identity,
+                    new_record.data["id"],
+                    data={
+                        "communities": [
+                            {
+                                "id": cern_scientific_community_id,
+                                "require_review": True,
+                                "comment": {
+                                    "payload": {
+                                        "content": (
+                                            f"This inclusion request was automatically "
+                                            f"generated when publishing the EP-approved "
+                                            f"public record for {report_number}. The "
+                                            f"document has been reviewed and approved by "
+                                            f"the EP Publication Committee."
+                                        )
+                                    }
+                                },
+                            }
+                        ]
+                    },
+                )
+            except Exception as e:
+                current_app.logger.warning(
+                    f"Could not submit CERN Research inclusion request for "
+                    f"{new_record.data['id']}: {e}"
+                )
+
+        new_record_id = new_record.data["id"]
+
+        # Write approved_public_version + source_public_version to the internal
+        # draft's parent so future page loads know a public record was created.
+        back_link_warning = None
+        try:
+            pf = src_rec_obj.parent.get("permission_flags") or {}
+            pf["ep_approval"] = {
+                **ea,
+                "approved_public_version": new_record_id,
+                "source_public_version": src_id,
+            }
+            src_rec_obj.parent["permission_flags"] = pf
+            src_rec_obj.parent.commit()
+            db.session.commit()
+
+            # Also add the isvariantformof back-link to the source version.
+            back_draft = current_rdm_records_service.edit(system_identity, id_=src_id)
+            back_data = back_draft.data
+            back_related = list(
+                back_data.get("metadata", {}).get("related_identifiers", [])
+            )
+            already_linked = any(
+                r.get("scheme") == "cds"
+                and (r.get("relation_type") or {}).get("id") == "isvariantformof"
+                and r.get("identifier") == new_record_id
+                for r in back_related
+            )
+            if not already_linked:
+                isvariantformof_entry = {
+                    "identifier": new_record_id,
+                    "scheme": "cds",
+                    "relation_type": {"id": "isvariantformof"},
+                }
+                pub_resource_type = new_record.data.get("metadata", {}).get(
+                    "resource_type"
+                )
+                if pub_resource_type:
+                    isvariantformof_entry["resource_type"] = pub_resource_type
+                back_related.append(isvariantformof_entry)
+                back_data["metadata"]["related_identifiers"] = back_related
+                current_rdm_records_service.update_draft(
+                    system_identity, id_=back_draft.id, data=back_data
+                )
+                current_rdm_records_service.publish(system_identity, id_=back_draft.id)
+        except Exception:
+            back_link_warning = (
+                "Public record created but back-link on source version failed."
+            )
+
+        response_body = {"id": new_record_id, "links": new_record.data.get("links", {})}
+        if back_link_warning:
+            response_body["warning"] = back_link_warning
+        return jsonify(response_body), 201
+
+    return bp
diff --git a/site/cds_rdm/schemes.py b/site/cds_rdm/schemes.py
index 93f5c847..68c4069b 100644
--- a/site/cds_rdm/schemes.py
+++ b/site/cds_rdm/schemes.py
@@ -152,6 +152,23 @@ def cds_report_number():
     return {"validator": lambda value: True, "normalizer": lambda value: value}
 
 
+# Matches patterns like CERN-EP-2026-001 or CERN-TH-2026-042
+approval_rn_regexp = re.compile(r"^[A-Z]+-[A-Z]+-\d{4}-\d+$")
+
+
+def is_approval_report_number(val):
+    """Test if argument is a valid approval report number."""
+    return bool(approval_rn_regexp.match(val))
+
+
+def approval_report_number():
+    """Define validator for auto-generated approval report numbers (apprn)."""
+    return {
+        "validator": is_approval_report_number,
+        "normalizer": lambda value: value,
+    }
+
+
 def cds():
     """Define scheme for CDS."""
     return {
diff --git a/site/cds_rdm/templates/semantic-ui/cds_rdm/records/detail.html b/site/cds_rdm/templates/semantic-ui/cds_rdm/records/detail.html
index 66999fc3..1d1e56a5 100644
--- a/site/cds_rdm/templates/semantic-ui/cds_rdm/records/detail.html
+++ b/site/cds_rdm/templates/semantic-ui/cds_rdm/records/detail.html
@@ -9,6 +9,34 @@
 
 {%- set clc_sync_entry = get_clc_sync_entry(record_ui) %}
 {%- set additional_permissions = evaluate_permissions(record, ['manage_clc_sync']) %}
+{%- set ep_approval_state = get_ep_approval_state(record_ui, record) %}
+
+{# Find the apprn identifier on the public EP-approved record. #}
+{%- set apprn_identifier = namespace(value=None) %}
+{%- for ident in record_ui.get("metadata", {}).get("identifiers", []) %}
+  {%- if ident.get("scheme") == "apprn" %}
+    {%- set apprn_identifier.value = ident.get("identifier") %}
+  {%- endif %}
+{%- endfor %}
+
+{%- block record_header -%}
+{{ super() }}
+{%- if apprn_identifier.value %}
+<script>
+  /* Inject apprn label into the right-aligned labels column, before the resource type label. */
+  document.addEventListener("DOMContentLoaded", function () {
+    var rightCol = document.querySelector("#record-info .right.floated.column");
+    if (rightCol) {
+      var label = document.createElement("span");
+      label.setAttribute("role", "note");
+      label.className = "ui label horizontal small blue mb-5";
+      label.textContent = "{{ apprn_identifier.value }}";
+      rightCol.insertBefore(label, rightCol.firstChild);
+    }
+  });
+</script>
+{%- endif %}
+{%- endblock record_header -%}
 
 
 {%- block record_content -%}
diff --git a/site/cds_rdm/templates/semantic-ui/cds_rdm/records/manage_menu.html b/site/cds_rdm/templates/semantic-ui/cds_rdm/records/manage_menu.html
index b67cdd3b..71ca61cb 100644
--- a/site/cds_rdm/templates/semantic-ui/cds_rdm/records/manage_menu.html
+++ b/site/cds_rdm/templates/semantic-ui/cds_rdm/records/manage_menu.html
@@ -8,3 +8,4 @@
 data-allowed-resource-types='{{ config.CLC_SYNC_ALLOWED_RESOURCE_TYPES | tojson }}'
 data-clc-sync-entry='{{ clc_sync_entry | tojson | safe }}'
 data-additional-permissions='{{ additional_permissions | tojson }}'
+data-ep-approval='{{ ep_approval_state | tojson | safe }}'
diff --git a/site/cds_rdm/templates/semantic-ui/invenio_requests/ep-approval/index.html b/site/cds_rdm/templates/semantic-ui/invenio_requests/ep-approval/index.html
new file mode 100644
index 00000000..b52ec4c2
--- /dev/null
+++ b/site/cds_rdm/templates/semantic-ui/invenio_requests/ep-approval/index.html
@@ -0,0 +1,154 @@
+{#
+  Copyright (C) 2025 CERN.
+
+  CDS-RDM is free software; you can redistribute it and/or modify it
+  under the terms of the GPL-2.0 License; see LICENSE file for more details.
+#}
+
+{# Request landing page for the EP Approval request type. #}
+
+{% extends "invenio_requests/details/index.html" %}
+
+{%- block request_header %}
+  {% if is_user_dashboard %}
+    {% set back_button_url = url_for("invenio_app_rdm_users.requests") %}
+  {% else %}
+    {% set back_button_url = "" %}
+  {% endif %}
+
+  <div class="computer-flex-header rel-mt-2">
+    {% if back_button_url %}
+      <div class="mb-10">
+        <a href="{{ back_button_url }}" class="ui small button labeled icon rel-mr-1">
+          <i class="ui icon left arrow" aria-hidden="true"></i>
+          {{ _("Back to requests") }}
+        </a>
+      </div>
+    {% endif %}
+    <div id="request-actions" class="flex align-items-start ml-auto mb-10"></div>
+  </div>
+
+  <div class="rel-mt-2">
+    <h2 class="ui header request-header">{{ invenio_request.title }}</h2>
+  </div>
+
+  <div class="ui divider"></div>
+{%- endblock request_header %}
+
+{%- block request_timeline %}
+
+  {# EP Approval payload — two-column split card above the standard conversation.
+     Left group: submission info (record, experiment, submitter, role, URL).
+     Right group: approval checklist (rapid, CB review, paper signed, controversy).
+     The standard React #request-detail (timeline + metadata sidebar) renders below.
+  #}
+  {% set payload = invenio_request["payload"] or {} %}
+  {% set record_self_html = record_ui.links.self_html if record_ui and record_ui.links else None %}
+
+  <div class="ui segment rel-mb-2">
+    <h4 class="ui header">{{ _("EP approval request") }}</h4>
+
+    {% if payload.get("approved_report_number") %}
+      <div class="ui positive message rel-mb-1">
+        <strong>{{ _("Approved report number:") }}</strong>
+        {{ payload["approved_report_number"] }}
+      </div>
+    {% endif %}
+
+    <div class="ui stackable two column grid">
+
+      {# Left column: submission details #}
+      <div class="column">
+        <table class="ui definition celled compact table">
+          <tbody>
+            {% if record_self_html %}
+              <tr>
+                <td class="four wide">{{ _("Record") }}</td>
+                <td>
+                  <a href="{{ record_self_html }}" target="_blank" rel="noopener noreferrer">
+                    {{ record_ui.metadata.title }}
+                  </a>
+                </td>
+              </tr>
+            {% endif %}
+            {% if payload.get("experiment") %}
+              <tr>
+                <td>{{ _("Experiment") }}</td>
+                <td>{{ payload["experiment"] }}</td>
+              </tr>
+            {% endif %}
+            {% if payload.get("submitted_by") %}
+              <tr>
+                <td>{{ _("Submitted by") }}</td>
+                <td>{{ payload["submitted_by"] }}</td>
+              </tr>
+            {% endif %}
+            {% if payload.get("role") %}
+              <tr>
+                <td>{{ _("Role") }}</td>
+                <td>{{ payload["role"] }}</td>
+              </tr>
+            {% endif %}
+            {% if payload.get("latest_version_url") %}
+              <tr>
+                <td>{{ _("Latest version at") }}</td>
+                <td>
+                  <a href="{{ payload['latest_version_url'] }}" target="_blank" rel="noopener noreferrer">
+                    {{ payload["latest_version_url"] }}
+                  </a>
+                </td>
+              </tr>
+            {% endif %}
+            {% if payload.get("additional_communication") %}
+              <tr>
+                <td>{{ _("Additional communication") }}</td>
+                <td style="white-space: pre-wrap">{{ payload["additional_communication"] }}</td>
+              </tr>
+            {% endif %}
+          </tbody>
+        </table>
+      </div>
+
+      {# Right column: approval checklist #}
+      <div class="column">
+        <table class="ui definition celled compact table">
+          <tbody>
+            <tr>
+              <td class="nine wide">{{ _("Rapid approval") }}</td>
+              <td>{{ _("Yes") if payload.get("rapid_approval") else _("No") }}</td>
+            </tr>
+            <tr>
+              <td>{{ _("CB review completed") }}</td>
+              <td>
+                {{ _("Yes") if payload.get("cb_review_completed") else _("No") }}
+                {% if payload.get("cb_review_completed") and payload.get("cb_process_type") %}
+                  ({{ payload["cb_process_type"] }})
+                {% endif %}
+              </td>
+            </tr>
+            <tr>
+              <td>{{ _("Paper signed by whole collaboration") }}</td>
+              <td>
+                {{ _("Yes") if payload.get("paper_signed") else _("No") }}
+                {% if not payload.get("paper_signed") and payload.get("num_non_signers") %}
+                  <br/><small>{{ payload["num_non_signers"] }} {{ _("non-signer(s)") }}</small>
+                {% endif %}
+              </td>
+            </tr>
+            {% if not payload.get("paper_signed") %}
+              <tr>
+                <td>{{ _("Controversy") }}</td>
+                <td>{{ _("Yes") if payload.get("controversy") else _("No") }}</td>
+              </tr>
+            {% endif %}
+          </tbody>
+        </table>
+      </div>
+
+    </div>{# end two column grid #}
+  </div>
+
+  {# Standard React conversation: timeline (13 wide) + metadata sidebar (3 wide). #}
+  {{ super() }}
+
+{%- endblock request_timeline %}
diff --git a/site/cds_rdm/webpack.py b/site/cds_rdm/webpack.py
index 3f5ce18b..3f0af266 100644
--- a/site/cds_rdm/webpack.py
+++ b/site/cds_rdm/webpack.py
@@ -22,7 +22,15 @@
                 "cds-rdm-linked-records": "./js/cds_rdm/linked-records/index.js",
                 "cds-rdm-harvester-reports": "./js/cds_rdm/administration/harvesterReports/index.js",
             },
-            dependencies={"three": "^0.182.0", "three-addons": "^1.2.0"},
+            dependencies={
+                "three": "^0.182.0",
+                "three-addons": "^1.2.0",
+                "@visx/group": "^3.12.0",
+                "@visx/responsive": "^3.12.0",
+                "@visx/scale": "^3.12.0",
+                "@visx/shape": "^3.12.0",
+                "@visx/text": "^3.12.0",
+            },
         ),
     },
 )
diff --git a/site/pyproject.toml b/site/pyproject.toml
index b4ce4111..1f521ab6 100644
--- a/site/pyproject.toml
+++ b/site/pyproject.toml
@@ -17,6 +17,7 @@ harvester_download = "cds_rdm.views:create_harvester_download_bp"
 
 [project.entry-points."invenio_base.api_blueprints"]
 clc_sync = "cds_rdm.views:create_cds_clc_sync_bp"
+ep_approval = "cds_rdm.requests.views:create_ep_approval_bp"
 
 [project.entry-points."invenio_celery.tasks"]
 cds_rdm_tasks = "cds_rdm.tasks"
@@ -31,8 +32,12 @@ process_inspire = "cds_rdm.inspire_harvester.jobs:ProcessInspireHarvesterJob"
 [project.entry-points."invenio_pidstore.minters"]
 legacy = "cds_rdm.minters:legacy_recid_minter"
 
+[project.entry-points."invenio_requests.types"]
+ep_approval = "cds_rdm.requests:EPApprovalRequest"
+
 [project.entry-points."idutils.custom_schemes"]
 cdsrn = "cds_rdm.schemes:cds_report_number"
+apprn = "cds_rdm.schemes:approval_report_number"
 aleph = "cds_rdm.schemes:aleph"
 inspire = "cds_rdm.schemes:inspire"
 inspire_author = "cds_rdm.schemes:inspire_author"
diff --git a/site/tests/conftest.py b/site/tests/conftest.py
index 902d7ec3..df3bb5b9 100644
--- a/site/tests/conftest.py
+++ b/site/tests/conftest.py
@@ -10,7 +10,6 @@
 from collections import namedtuple
 
 import pytest
-from celery import current_app as current_celery_app
 from flask import current_app
 from flask_webpackext.manifest import (
     JinjaManifest,
@@ -27,6 +26,7 @@
 from invenio_communities.communities.records.api import Community
 from invenio_communities.proxies import current_communities
 from invenio_i18n import lazy_gettext as _
+from invenio_notifications.services.builders import NotificationBuilder
 from invenio_pidstore.models import PersistentIdentifier, PIDStatus
 from invenio_rdm_records.cli import create_records_custom_field
 from invenio_rdm_records.config import (
@@ -37,7 +37,10 @@
     RDM_RECORDS_RELATED_IDENTIFIERS_SCHEMES,
     always_valid,
 )
+from invenio_rdm_records.proxies import current_rdm_records
+from invenio_rdm_records.records.api import RDMRecord
 from invenio_rdm_records.resources.serializers import DataCite43JSONSerializer
+from invenio_rdm_records.services.components import DefaultRecordsComponents
 from invenio_rdm_records.services.pids import providers
 from invenio_records_resources.proxies import current_service_registry
 from invenio_users_resources.records.api import UserAggregate
@@ -55,10 +58,16 @@
 from invenio_vocabularies.records.api import Vocabulary
 
 from cds_rdm import schemes
+from cds_rdm.components import CommitteeApprovalComponent
 from cds_rdm.custom_fields import CUSTOM_FIELDS, CUSTOM_FIELDS_UI, NAMESPACES
 from cds_rdm.inspire_harvester.reader import InspireHTTPReader
 from cds_rdm.inspire_harvester.transformer import InspireJsonTransformer
 from cds_rdm.inspire_harvester.writer import InspireWriter
+from cds_rdm.notifications.ep_approval import (
+    EPApprovalAcceptNotificationBuilder,
+    EPApprovalDeclineNotificationBuilder,
+    EPApprovalSubmitNotificationBuilder,
+)
 from cds_rdm.permissions import (
     CDSCommunitiesPermissionPolicy,
     CDSRDMRecordPermissionPolicy,
@@ -199,18 +208,21 @@ def app_config(app_config, mock_datacite_client, mock_crossref_client):
     app_config["CELERY_RESULT_BACKEND"] = "cache"
     app_config["REST_CSRF_ENABLED"] = False  # Disable CSRF globally for tests
     app_config["RDM_RECORDS_IDENTIFIERS_SCHEMES"] = {
-        **{
-            "cdsrn": {
-                "label": _("CDS Report Number"),
-                "validator": always_valid,
-                "datacite": "CDS",
-            },
-            "aleph": {
-                "label": _("Aleph number"),
-                "validator": schemes.is_aleph,
-                "datacite": "ALEPH",
-            },
-            "cds": {"label": _("CDS"), "validator": schemes.is_cds, "datacite": "CDS"},
+        "cdsrn": {
+            "label": _("CDS Report Number"),
+            "validator": always_valid,
+            "datacite": "CDS",
+        },
+        "aleph": {
+            "label": _("Aleph number"),
+            "validator": schemes.is_aleph,
+            "datacite": "ALEPH",
+        },
+        "cds": {"label": _("CDS"), "validator": schemes.is_cds, "datacite": "CDS"},
+        "apprn": {
+            "label": _("Approval Report Number"),
+            "validator": schemes.is_approval_report_number,
+            "datacite": "CERN",
         },
     }
     app_config["RDM_RECORDS_RELATED_IDENTIFIERS_SCHEMES"] = {
@@ -296,6 +308,29 @@ def app_config(app_config, mock_datacite_client, mock_crossref_client):
     app_config["RDM_CUSTOM_FIELDS"] = CUSTOM_FIELDS
     app_config["RDM_CUSTOM_FIELDS_UI"] = CUSTOM_FIELDS_UI
 
+    from invenio_requests.notifications.builders import (
+        CommentRequestEventCreateNotificationBuilder,
+        CommentRequestEventReplyNotificationBuilder,
+    )
+
+    app_config["NOTIFICATIONS_BUILDERS"] = {
+        EPApprovalSubmitNotificationBuilder.type: DummyNotificationBuilder,
+        EPApprovalAcceptNotificationBuilder.type: DummyNotificationBuilder,
+        EPApprovalDeclineNotificationBuilder.type: DummyNotificationBuilder,
+        CommentRequestEventCreateNotificationBuilder.type: DummyNotificationBuilder,
+        CommentRequestEventReplyNotificationBuilder.type: DummyNotificationBuilder,
+    }
+
+    # EP Approval communities — static dummy UUIDs for config-lookup tests.
+    # Tests that run the full accept action add their real community UUID at
+    # fixture time by mutating this dict directly (see ep_enrolled_community fixture).
+    app_config["CDS_EP_APPROVAL_COMMUNITIES"] = {}
+
+    app_config["RDM_RECORDS_SERVICE_COMPONENTS"] = [
+        CommitteeApprovalComponent,
+        *DefaultRecordsComponents,
+    ]
+
     return app_config
 
 
@@ -1606,3 +1641,92 @@ def name_full_data():
         ],
         "affiliations": [{"name": "CustomORG"}],
     }
+
+
+def _publish_record_in_community(identity, record_data, community, service):
+    """Helper: publish a record belonging to a community.
+
+    Follows the pattern from invenio-rdm-records tests/conftest.py:
+    add the community to the draft's parent before publishing.
+    """
+    draft = service.create(identity, record_data)
+    # Add community membership on the parent before publishing.
+    draft._record.parent.communities.add(community, default=True)
+    draft._record.parent.commit()
+    record = service.publish(identity, id_=draft.id)
+    RDMRecord.index.refresh()
+    return record
+
+
+@pytest.fixture()
+def ep_enrolled_community(community_service, running_app):
+    """Community enrolled in CDS_EP_APPROVAL_COMMUNITIES."""
+    community_data = {
+        "access": {
+            "visibility": "public",
+            "members_visibility": "public",
+            "record_submission_policy": "open",
+        },
+        "slug": "ep-enrolled",
+        "metadata": {"title": "EP Enrolled Community"},
+    }
+    community = community_service.create(system_identity, community_data)
+    Community.index.refresh()
+    current_app.config["CDS_EP_APPROVAL_COMMUNITIES"][str(community.id)] = {
+        "label": "EP approval",
+        "referee_group": "cds-ph-ep-publication",
+        "report_number_pattern": "CERN-EP-{year}-{seq:03d}",
+    }
+    return community._record
+
+
+@pytest.fixture()
+def ep_non_enrolled_community(community_service, running_app):
+    """Community NOT enrolled in CDS_EP_APPROVAL_COMMUNITIES."""
+    community_data = {
+        "access": {
+            "visibility": "public",
+            "members_visibility": "public",
+            "record_submission_policy": "open",
+        },
+        "slug": "ep-non-enrolled",
+        "metadata": {"title": "Non-EP Community"},
+    }
+    community = community_service.create(system_identity, community_data)
+    Community.index.refresh()
+    # Deliberately not added to CDS_EP_APPROVAL_COMMUNITIES.
+    return community._record
+
+
+@pytest.fixture()
+def record_in_enrolled_community(
+    minimal_restricted_record, uploader, ep_enrolled_community, running_app
+):
+    """Published record that belongs to an EP-enrolled community."""
+    service = current_rdm_records.records_service
+    return _publish_record_in_community(
+        uploader.identity, minimal_restricted_record, ep_enrolled_community, service
+    )
+
+
+@pytest.fixture()
+def record_in_non_enrolled_community(
+    minimal_restricted_record, uploader, ep_non_enrolled_community, running_app
+):
+    """Published record that belongs to a community NOT enrolled in EP approval."""
+    service = current_rdm_records.records_service
+    return _publish_record_in_community(
+        uploader.identity, minimal_restricted_record, ep_non_enrolled_community, service
+    )
+
+
+class DummyNotificationBuilder(NotificationBuilder):
+    """Dummy builder class to do nothing.
+
+    Specific test cases should override their respective builder to test functionality.
+    """
+
+    @classmethod
+    def build(cls, **kwargs):
+        """Build notification based on type and additional context."""
+        return {}
diff --git a/site/tests/test_ep_approval.py b/site/tests/test_ep_approval.py
new file mode 100644
index 00000000..54700f4d
--- /dev/null
+++ b/site/tests/test_ep_approval.py
@@ -0,0 +1,512 @@
+# -*- coding: utf-8 -*-
+#
+# Copyright (C) 2025 CERN.
+#
+# CDS-RDM is free software; you can redistribute it and/or modify it under
+# the terms of the MIT License; see LICENSE file for more details.
+
+"""Integration tests for the EP Approval workflow."""
+
+from datetime import date
+
+import pytest
+from invenio_access.permissions import system_identity
+from invenio_db import db
+from invenio_pidstore.models import PersistentIdentifier, PIDStatus
+from invenio_rdm_records.proxies import current_rdm_records
+from invenio_records_resources.services.errors import PermissionDeniedError
+from invenio_requests.proxies import (
+    current_request_type_registry,
+    current_requests_service,
+)
+from marshmallow import ValidationError
+
+from cds_rdm.requests.ep_approval import APPRN_PID_TYPE, EPApprovalAcceptAction
+from cds_rdm.schemes import is_approval_report_number
+
+# ---------------------------------------------------------------------------
+# Constants
+# ---------------------------------------------------------------------------
+
+YEAR = date.today().year
+EP_PATTERN = "CERN-EP-{year}-{seq:03d}"
+EP_GROUP_NAME = "cds-ph-ep-publication"
+
+
+# ---------------------------------------------------------------------------
+# Local fixtures
+# ---------------------------------------------------------------------------
+
+
+@pytest.fixture()
+def ep_referee_group(app, db):
+    """Create the EP referee role/group in the DB."""
+    ds = app.extensions["invenio-accounts"].datastore
+    role = ds.create_role(
+        id=EP_GROUP_NAME,
+        name=EP_GROUP_NAME,
+        description="EP publication committee",
+    )
+    db.session.commit()
+    return role
+
+
+@pytest.fixture()
+def ep_request_payload():
+    """Minimal valid EP approval request payload."""
+    return {
+        "payload": {
+            "experiment": "ATLAS",
+            "submitted_by": "Jane Doe",
+            "role": "Author",
+            "publication_title": "Search for new physics at the LHC",
+        }
+    }
+
+
+@pytest.fixture()
+def ep_referee(UserFixture, ep_referee_group, app, db):
+    """A user that is a member of the EP referee group.
+
+    The RoleNeed is injected directly — going through the full group membership
+    flow is out of scope for these tests.
+    """
+    from invenio_users_resources.records.api import UserAggregate
+
+    u = UserFixture(
+        email="ep-referee@inveniosoftware.org",
+        password="ep-referee",
+        preferences={
+            "visibility": "public",
+            "email_visibility": "restricted",
+            "notifications": {"enabled": True},
+        },
+        active=True,
+        confirmed=True,
+    )
+    u.create(app, db)
+    UserAggregate.index.refresh()
+
+    from flask_principal import RoleNeed
+
+    u.identity.provides.add(RoleNeed(EP_GROUP_NAME))
+    return u
+
+
+@pytest.fixture()
+def community_manager(UserFixture, ep_enrolled_community, app, db):
+    """A user with community-manager role in the EP-enrolled community.
+
+    The CommunityRoleNeed is injected directly into the identity because
+    user membership goes through invite→accept (out of scope here).
+    """
+    from invenio_communities.generators import CommunityRoleNeed
+    from invenio_users_resources.records.api import UserAggregate
+
+    u = UserFixture(
+        email="ep-manager@inveniosoftware.org",
+        password="ep-manager",
+        preferences={
+            "visibility": "public",
+            "email_visibility": "restricted",
+            "notifications": {"enabled": True},
+        },
+        active=True,
+        confirmed=True,
+    )
+    u.create(app, db)
+    UserAggregate.index.refresh()
+    u.identity.provides.add(
+        CommunityRoleNeed(str(ep_enrolled_community.id), "manager")
+    )
+    return u
+
+
+# ---------------------------------------------------------------------------
+# Scheme validator tests (pure unit)
+# ---------------------------------------------------------------------------
+
+
+def test_approval_rn_valid_ep_format():
+    """Standard CERN-EP format validates correctly."""
+    assert is_approval_report_number(f"CERN-EP-{YEAR}-001")
+    assert is_approval_report_number(f"CERN-EP-{YEAR}-42")
+    assert is_approval_report_number(f"CERN-EP-{YEAR}-999")
+
+
+def test_approval_rn_valid_th_format():
+    """Theory department format validates correctly."""
+    assert is_approval_report_number(f"CERN-TH-{YEAR}-001")
+    assert is_approval_report_number("CERN-TH-2099-100")
+
+
+def test_approval_rn_invalid_formats():
+    """Various invalid formats are rejected."""
+    assert not is_approval_report_number(f"cern-ep-{YEAR}-001")  # lowercase
+    assert not is_approval_report_number("CERN-EP-26-001")  # 2-digit year
+    assert not is_approval_report_number(f"CERN-EP-{YEAR}")  # missing seq
+    assert not is_approval_report_number(f"{YEAR}-001")  # missing prefix
+    assert not is_approval_report_number("")  # empty
+    assert not is_approval_report_number(f"CERN-EP-{YEAR}-abc")  # non-numeric seq
+
+
+# ---------------------------------------------------------------------------
+# Request type registration
+# ---------------------------------------------------------------------------
+
+
+def test_ep_approval_request_type_is_registered(app):
+    """EPApprovalRequest must be discoverable via the request type registry."""
+    request_type = current_request_type_registry.lookup("ep-approval", quiet=True)
+    assert request_type is not None
+    assert request_type.type_id == "ep-approval"
+
+
+# ---------------------------------------------------------------------------
+# Report number generation
+# ---------------------------------------------------------------------------
+
+
+def test_generate_report_number_first_of_year(app, db):
+    """First number minted in a year produces seq=1."""
+    action = EPApprovalAcceptAction.__new__(EPApprovalAcceptAction)
+    assert action._generate_report_number(EP_PATTERN) == f"CERN-EP-{YEAR}-001"
+
+
+def test_generate_report_number_sequential_increment(app, db):
+    """Each call increments the sequence based on existing PIDs."""
+    action = EPApprovalAcceptAction.__new__(EPApprovalAcceptAction)
+    prefix = f"CERN-EP-{YEAR}-"
+
+    for seq in ("001", "002"):
+        PersistentIdentifier.create(
+            pid_type=APPRN_PID_TYPE,
+            pid_value=f"{prefix}{seq}",
+            object_type="rec",
+            object_uuid="00000000-0000-0000-0000-000000000001",
+            status=PIDStatus.REGISTERED,
+        )
+    db.session.commit()
+
+    assert action._generate_report_number(EP_PATTERN) == f"CERN-EP-{YEAR}-003"
+
+
+def test_generate_report_number_independent_prefix_counters(app, db):
+    """EP and TH patterns use independent counters — no cross-contamination."""
+    action = EPApprovalAcceptAction.__new__(EPApprovalAcceptAction)
+
+    PersistentIdentifier.create(
+        pid_type=APPRN_PID_TYPE,
+        pid_value=f"CERN-EP-{YEAR}-001",
+        object_type="rec",
+        object_uuid="00000000-0000-0000-0000-000000000002",
+        status=PIDStatus.REGISTERED,
+    )
+    db.session.commit()
+
+    assert action._generate_report_number(EP_PATTERN) == f"CERN-EP-{YEAR}-002"
+    assert (
+        action._generate_report_number("CERN-TH-{year}-{seq:03d}")
+        == f"CERN-TH-{YEAR}-001"
+    )
+
+
+# ---------------------------------------------------------------------------
+# Full workflow: submit → accept (enrolled community)
+# ---------------------------------------------------------------------------
+
+
+def test_ep_approval_submit_accept_assigns_report_number(
+    record_in_enrolled_community,
+    community_manager,
+    ep_referee,
+    ep_request_payload,
+    app,
+    db,
+):
+    """Submit → accept: report number is auto-generated and stored on the request."""
+    request_type = current_request_type_registry.lookup("ep-approval")
+
+    request = current_requests_service.create(
+        identity=community_manager.identity,
+        data=ep_request_payload,
+        request_type=request_type,
+        receiver={"group": EP_GROUP_NAME},
+        topic={"record": record_in_enrolled_community.id},
+    )
+
+    assert request.data["status"] == "submitted"
+
+    accepted = current_requests_service.execute_action(
+        identity=ep_referee.identity,
+        id_=request.id,
+        action="accept",
+        data={"payload": {"content": "<p>.</p>", "format": "html"}},
+    )
+
+    assert accepted.data["status"] == "accepted"
+    report_number = accepted.data["payload"]["approved_report_number"]
+    assert report_number == f"CERN-EP-{YEAR}-001"
+
+    pid = PersistentIdentifier.query.filter_by(
+        pid_type=APPRN_PID_TYPE, pid_value=report_number
+    ).one()
+    assert str(pid.object_uuid) == str(record_in_enrolled_community._record.id)
+
+
+def test_ep_approval_second_request_increments_sequence(
+    record_in_enrolled_community,
+    community_manager,
+    ep_referee,
+    ep_request_payload,
+    ep_enrolled_community,
+    minimal_restricted_record,
+    app,
+    db,
+):
+    """A second accepted request gets the next sequential report number."""
+    request_type = current_request_type_registry.lookup("ep-approval")
+
+    r1 = current_requests_service.create(
+        identity=community_manager.identity,
+        data=ep_request_payload,
+        request_type=request_type,
+        receiver={"group": EP_GROUP_NAME},
+        topic={"record": record_in_enrolled_community.id},
+    )
+    current_requests_service.execute_action(
+        identity=ep_referee.identity,
+        id_=r1.id,
+        action="accept",
+        data={"payload": {"content": "<p>.</p>", "format": "html"}},
+    )
+
+    # Second record in the same enrolled community.
+    from .conftest import _publish_record_in_community
+
+    service = current_rdm_records.records_service
+    record2 = _publish_record_in_community(
+        community_manager.identity, minimal_restricted_record, ep_enrolled_community, service
+    )
+
+    r2 = current_requests_service.create(
+        identity=community_manager.identity,
+        data=ep_request_payload,
+        request_type=request_type,
+        receiver={"group": EP_GROUP_NAME},
+        topic={"record": record2.id},
+    )
+    accepted2 = current_requests_service.execute_action(
+        identity=ep_referee.identity,
+        id_=r2.id,
+        action="accept",
+        data={"payload": {"content": "<p>.</p>", "format": "html"}},
+    )
+
+    assert accepted2.data["payload"]["approved_report_number"] == f"CERN-EP-{YEAR}-002"
+
+
+# ---------------------------------------------------------------------------
+# Full workflow: submit → decline (enrolled community)
+# ---------------------------------------------------------------------------
+
+
+def test_ep_approval_submit_decline(
+    record_in_enrolled_community,
+    community_manager,
+    ep_referee,
+    ep_request_payload,
+    app,
+    db,
+):
+    """Submit → decline: status is declined and no report number is issued."""
+    request_type = current_request_type_registry.lookup("ep-approval")
+
+    request = current_requests_service.create(
+        identity=community_manager.identity,
+        data=ep_request_payload,
+        request_type=request_type,
+        receiver={"group": EP_GROUP_NAME},
+        topic={"record": record_in_enrolled_community.id},
+    )
+    assert request.data["status"] == "submitted"
+
+    declined = current_requests_service.execute_action(
+        identity=ep_referee.identity,
+        id_=request.id,
+        action="decline",
+        data={"payload": {"content": "<p>.</p>", "format": "html"}},
+    )
+
+    assert declined.data["status"] == "declined"
+    assert declined.data["payload"].get("approved_report_number") is None
+    assert PersistentIdentifier.query.filter_by(pid_type=APPRN_PID_TYPE).count() == 0
+
+
+# ---------------------------------------------------------------------------
+# Community enrollment validation
+# ---------------------------------------------------------------------------
+
+
+def test_ep_approval_submit_raises_for_record_without_community(
+    minimal_restricted_record, uploader, ep_referee_group, app, db
+):
+    """Submit raises ValidationError when the record belongs to no community."""
+    service = current_rdm_records.records_service
+    draft = service.create(uploader.identity, minimal_restricted_record)
+    record = service.publish(uploader.identity, id_=draft.id)
+
+    request_type = current_request_type_registry.lookup("ep-approval")
+    with pytest.raises(ValidationError, match="not part of any community"):
+        current_requests_service.create(
+            identity=system_identity,
+            data={
+                "payload": {
+                    "experiment": "OTHER",
+                    "submitted_by": "Someone",
+                    "role": "Author",
+                    "publication_title": "A paper",
+                }
+            },
+            request_type=request_type,
+            receiver={"group": EP_GROUP_NAME},
+            topic={"record": record.id},
+        )
+
+
+def test_ep_approval_submit_raises_for_non_enrolled_community(
+    record_in_non_enrolled_community, uploader, ep_referee_group, app, db
+):
+    """Submit raises ValidationError when the record's community is not enrolled."""
+    request_type = current_request_type_registry.lookup("ep-approval")
+    with pytest.raises(
+        ValidationError, match="not enrolled in the EP approval workflow"
+    ):
+        current_requests_service.create(
+            identity=system_identity,
+            data={
+                "payload": {
+                    "experiment": "OTHER",
+                    "submitted_by": "Someone",
+                    "role": "Author",
+                    "publication_title": "A paper",
+                }
+            },
+            request_type=request_type,
+            receiver={"group": EP_GROUP_NAME},
+            topic={"record": record_in_non_enrolled_community.id},
+        )
+
+
+# ---------------------------------------------------------------------------
+# CommitteeApprovalComponent — apprn identifier derived from parent ep_approval
+# ---------------------------------------------------------------------------
+
+
+def test_apprn_identifier_derived_from_parent(
+    minimal_restricted_record, uploader, app, db
+):
+    """CommitteeApprovalComponent derives apprn from parent ep_approval.
+
+    EP approval state lives on the parent record (not the version CF).
+    The apprn identifier is only added to records where the parent carries
+    ``source_internal_version`` — that marks the public approved copy.
+    The internal draft and all its versions do NOT carry the apprn identifier.
+    """
+    from invenio_pidstore.models import PersistentIdentifier
+    from invenio_rdm_records.records.api import RDMRecord
+
+    service = current_rdm_records.records_service
+
+    draft = service.create(uploader.identity, minimal_restricted_record)
+    record = service.publish(uploader.identity, id_=draft.id)
+
+    report_number = f"CERN-EP-{YEAR}-001"
+
+    # Simulate accept: write ep_approval into permission_flags (no source_internal_version).
+    pid_obj = PersistentIdentifier.get("recid", record.id)
+    rec_obj = RDMRecord.get_record(pid_obj.object_uuid)
+    pf = rec_obj.parent.get("permission_flags") or {}
+    pf["ep_approval"] = {
+        "reportnumber": report_number,
+        "approved_internal_version": record.id,
+    }
+    rec_obj.parent["permission_flags"] = pf
+    rec_obj.parent.commit()
+    db.session.commit()
+
+    # Update and re-publish: apprn should NOT be added (no source_internal_version).
+    sys_draft = service.edit(system_identity, id_=record.id)
+    record = service.publish(system_identity, id_=sys_draft.id)
+
+    apprn_ids = [
+        i for i in record.data.get("metadata", {}).get("identifiers", [])
+        if i.get("scheme") == "apprn"
+    ]
+    assert len(apprn_ids) == 0, "Internal draft must NOT carry the apprn identifier"
+
+    # Simulate public record: set source_internal_version in permission_flags.
+    pf = rec_obj.parent.get("permission_flags") or {}
+    pf["ep_approval"] = {
+        "reportnumber": report_number,
+        "source_internal_version": record.id,
+    }
+    rec_obj.parent["permission_flags"] = pf
+    rec_obj.parent.commit()
+    db.session.commit()
+
+    # Update draft again: apprn SHOULD now appear (source_internal_version present).
+    sys_draft2 = service.edit(system_identity, id_=record.id)
+    record2 = service.publish(system_identity, id_=sys_draft2.id)
+
+    apprn_ids = [
+        i for i in record2.data.get("metadata", {}).get("identifiers", [])
+        if i.get("scheme") == "apprn"
+    ]
+    assert len(apprn_ids) == 1 and apprn_ids[0]["identifier"] == report_number
+
+
+# ---------------------------------------------------------------------------
+# Permissions: who can submit an EP approval request
+# ---------------------------------------------------------------------------
+
+
+def test_ep_approval_submit_permissions(
+    record_in_enrolled_community,
+    uploader,
+    ep_referee_group,
+    ep_request_payload,
+    ep_enrolled_community,
+    app,
+    db,
+):
+    """Only community managers/owners of enrolled communities can submit."""
+    request_type = current_request_type_registry.lookup("ep-approval")
+
+    # Plain uploader (reader, not manager) — must be denied.
+    with pytest.raises(PermissionDeniedError):
+        current_requests_service.create(
+            identity=uploader.identity,
+            data=ep_request_payload,
+            request_type=request_type,
+            receiver={"group": EP_GROUP_NAME},
+            topic={"record": record_in_enrolled_community.id},
+        )
+
+    # Simulate the uploader being a community manager by injecting the need
+    # directly into the identity. members.add is groups-only; user membership
+    # goes through invite→accept which is out of scope for this permission test.
+    from invenio_communities.generators import CommunityRoleNeed
+
+    community_id = str(ep_enrolled_community.id)
+    uploader.identity.provides.add(CommunityRoleNeed(community_id, "manager"))
+
+    # Now as manager the uploader must be allowed.
+    request = current_requests_service.create(
+        identity=uploader.identity,
+        data=ep_request_payload,
+        request_type=request_type,
+        receiver={"group": EP_GROUP_NAME},
+        topic={"record": record_in_enrolled_community.id},
+    )
+    assert request.data["status"] == "submitted"
diff --git a/templates/semantic-ui/invenio_app_rdm/records/details/side_bar/versions.html b/templates/semantic-ui/invenio_app_rdm/records/details/side_bar/versions.html
new file mode 100644
index 00000000..d5bab760
--- /dev/null
+++ b/templates/semantic-ui/invenio_app_rdm/records/details/side_bar/versions.html
@@ -0,0 +1,29 @@
+{#
+  Copyright (C) 2020 CERN.
+  Copyright (C) 2020 Northwestern University.
+  Copyright (C) 2021 TU Wien.
+  Copyright (C) 2022 New York University.
+  Copyright (C) 2025 CERN.
+
+  Invenio RDM Records is free software; you can redistribute it and/or modify
+  it under the terms of the MIT License; see LICENSE file for more details.
+-#}
+
+<div class="sidebar-container">
+  <h2 class="ui medium top attached header mt-0">{{ _('Versions')}}</h2>
+  <div id="record-versions" class="ui segment rdm-sidebar bottom attached pl-0 pr-0 pt-0">
+    <div class="versions">
+      <div id="recordVersions" data-record='{{ record_ui | tojson }}' data-preview='{{ is_preview | tojson }}'>
+        <div class="rel-p-1"></div>
+        <div class="ui fluid placeholder rel-mr-1 rel-ml-1"></div>
+        <div class="header">
+          <div class="line"></div>
+          <div class="line"></div>
+          <div class="line"></div>
+        </div>
+      </div>
+    </div>
+
+
+  </div>
+</div>
diff --git a/templates/semantic-ui/invenio_notifications/ep-approval-request.submit.jinja b/templates/semantic-ui/invenio_notifications/ep-approval-request.submit.jinja
new file mode 100644
index 00000000..d018f756
--- /dev/null
+++ b/templates/semantic-ui/invenio_notifications/ep-approval-request.submit.jinja
@@ -0,0 +1,104 @@
+{% set ep_request = notification.context.request %}
+{% set record = ep_request.topic %}
+{% set request_id = ep_request.id %}
+{% set record_title = record.metadata.title %}
+{% set report_number = ep_request.title | replace('EP approval for "', '') | replace('"', '') %}
+{% if recipient.data.profile is defined and recipient.data.profile.full_name %}
+  {% set recipient_full_name = recipient.data.profile.full_name %}
+{% else %}
+  {% set recipient_full_name = recipient.data.name %}
+{% endif %}
+{% set help_url = config.CDS_SERVICE_ELEMENT_URL %}
+{% set request_link = "{ui}/me/requests/{id}".format(
+    ui=config.SITE_UI_URL, id=request_id
+    )
+%}
+{% set record_link = "{ui}/records/{id}".format(
+    ui=config.SITE_UI_URL, id=record.id
+    )
+%}
+{% set account_settings_link = "{ui}/account/settings/notifications".format(
+    ui=config.SITE_UI_URL
+    )
+%}
+
+{%- block subject -%}
+    [CDS] {{ _("Request for EP approval of '{record_title}'").format(record_title=record_title) }}
+{%- endblock subject -%}
+
+{%- block html_body -%}
+    <table style="font-family:'Lato',Helvetica,Arial,sans-serif;border-spacing:15px">
+        <tr>
+            <td>{{ _("Dear {recipient}").format(recipient=recipient_full_name) }},
+            </td>
+        </tr>
+        <tr>
+            <td>
+                {{ _("A new EP approval request has been submitted for the following document:") }}
+            </td>
+        </tr>
+        <tr>
+            <td>
+                <strong>{{ _("Title:") }}</strong> {{ record_title }}<br>
+                <strong>{{ _("Record:") }}</strong> <a href="{{ record_link }}">{{ record_link }}</a>
+            </td>
+        </tr>
+        <tr>
+            <td>{{ _("Please review the document and register your decision at the link below.") }}</td>
+        </tr>
+        <tr>
+            <td><a href="{{ request_link }}">{{ _("Review the approval request") }}</a></td>
+        </tr>
+        <tr>
+            <td>
+                {{ _("Best regards") }},<br>
+                --<br>
+                CERN Document Server <a href="{{ config.SITE_UI_URL }}">{{ config.SITE_UI_URL }}</a><br>
+                {{ _("Need help?") }} <a href="{{ help_url }}">{{ help_url }}</a>
+            </td>
+        </tr>
+        <tr>
+            <td style="font-size:smaller">{{ _("This is an auto-generated message. To manage notifications, visit your") }} <a href="{{ account_settings_link }}">{{ _("account settings") }}</a>.</td>
+        </tr>
+    </table>
+{%- endblock html_body %}
+
+{%- block plain_body -%}
+{{ _("Dear {recipient}").format(recipient=recipient_full_name) }},
+
+{{ _("A new EP approval request has been submitted for the following document:") }}
+
+{{ _("Title:") }} {{ record_title }}
+{{ _("Record:") }} {{ record_link }}
+
+{{ _("Please review the document and register your decision at the link below.") }}
+
+{{ _("Review the approval request:") }} {{ request_link }}
+
+{{ _("Best regards") }},
+--
+CERN Document Server {{ config.SITE_UI_URL }}
+{{ _("Need help? {help_url}").format(help_url=help_url) }}
+
+{{ _("This is an auto-generated message. To manage notifications, visit your account settings {account_settings_link}.").format(account_settings_link=account_settings_link) }}
+{%- endblock plain_body %}
+
+{%- block md_body -%}
+{{ _("Dear {recipient}").format(recipient=recipient_full_name) }},
+
+{{ _("A new EP approval request has been submitted for the following document:") }}
+
+**{{ _("Title:") }}** {{ record_title }}
+**{{ _("Record:") }}** {{ record_link }}
+
+{{ _("Please review the document and register your decision at the link below.") }}
+
+{{ _("Review the approval request:") }} {{ request_link }}
+
+{{ _("Best regards") }},
+--
+CERN Document Server {{ config.SITE_UI_URL }}
+{{ _("Need help? {help_url}").format(help_url=help_url) }}
+
+{{ _("This is an auto-generated message. To manage notifications, visit your account settings {account_settings_link}.").format(account_settings_link=account_settings_link) }}
+{%- endblock md_body -%}
diff --git a/templates/semantic-ui/invenio_requests/ep-approval/index.html b/templates/semantic-ui/invenio_requests/ep-approval/index.html
new file mode 100644
index 00000000..67f568a2
--- /dev/null
+++ b/templates/semantic-ui/invenio_requests/ep-approval/index.html
@@ -0,0 +1,120 @@
+{# -*- coding: utf-8 -*-
+
+  This file is part of Invenio.
+  Copyright (C) 2025 CERN.
+
+  Invenio is free software; you can redistribute it and/or modify it
+  under the terms of the MIT License; see LICENSE file for more details.
+#}
+
+{#
+  Renders the EP Approval request detail page.
+  Identical layout to community-submission, with the EP payload fields
+  displayed below the standard request header.
+#}
+
+{% extends "invenio_requests/community-submission/index.html" %}
+
+{% set active_dashboard_menu_item = 'requests' %}
+
+{%- block request_header %}
+  {{ super() }}
+
+  {# ── EP Approval payload summary ── #}
+  {% set p = invenio_request.get("payload", {}) %}
+  {% if p %}
+    <div class="ui segment ep-approval-payload rel-mb-2">
+      <h4 class="ui header">{{ _("Submission details") }}</h4>
+
+      {% if p.get("approved_report_number") %}
+        <div class="ui positive message rel-mb-1">
+          <strong>{{ _("Approved report number:") }}</strong> {{ p.approved_report_number }}
+        </div>
+      {% endif %}
+
+      <table class="ui definition celled compact table">
+        <tbody>
+
+          {# ── Submission info ── #}
+          <tr class="active">
+            <td colspan="2"><strong>{{ _("Submission info") }}</strong></td>
+          </tr>
+          {% if p.get("experiment") %}
+            <tr>
+              <td class="four wide">{{ _("Experiment") }}</td>
+              <td>{{ p.experiment }}</td>
+            </tr>
+          {% endif %}
+          {% if p.get("submitted_by") %}
+            <tr>
+              <td>{{ _("Submitted by") }}</td>
+              <td>{{ p.submitted_by }}</td>
+            </tr>
+          {% endif %}
+          {% if p.get("role") %}
+            <tr>
+              <td>{{ _("Role") }}</td>
+              <td>{{ p.role }}</td>
+            </tr>
+          {% endif %}
+          {% if p.get("publication_title") %}
+            <tr>
+              <td>{{ _("Publication title") }}</td>
+              <td>{{ p.publication_title }}</td>
+            </tr>
+          {% endif %}
+          {% if p.get("latest_version_url") %}
+            <tr>
+              <td>{{ _("Latest version at") }}</td>
+              <td>
+                <a href="{{ p.latest_version_url }}" target="_blank" rel="noopener noreferrer">
+                  {{ p.latest_version_url }}
+                </a>
+              </td>
+            </tr>
+          {% endif %}
+          {% if p.get("additional_communication") %}
+            <tr>
+              <td>{{ _("Additional communication") }}</td>
+              <td style="white-space: pre-wrap">{{ p.additional_communication }}</td>
+            </tr>
+          {% endif %}
+
+          {# ── Approval checklist ── #}
+          <tr class="active">
+            <td colspan="2"><strong>{{ _("Approval checklist") }}</strong></td>
+          </tr>
+          <tr>
+            <td>{{ _("Rapid approval") }}</td>
+            <td>{{ _("Yes") if p.get("rapid_approval") else _("No") }}</td>
+          </tr>
+          <tr>
+            <td>{{ _("CB review completed") }}</td>
+            <td>
+              {{ _("Yes") if p.get("cb_review_completed") else _("No") }}
+              {% if p.get("cb_review_completed") and p.get("cb_process_type") %}
+                ({{ p.cb_process_type }})
+              {% endif %}
+            </td>
+          </tr>
+          <tr>
+            <td>{{ _("Paper signed by whole collaboration") }}</td>
+            <td>
+              {{ _("Yes") if p.get("paper_signed") else _("No") }}
+              {% if not p.get("paper_signed") and p.get("num_non_signers") %}
+                <br/><small>{{ p.num_non_signers }} {{ _("non-signer(s)") }}</small>
+              {% endif %}
+            </td>
+          </tr>
+          {% if not p.get("paper_signed") %}
+            <tr>
+              <td>{{ _("Controversy") }}</td>
+              <td>{{ _("Yes") if p.get("controversy") else _("No") }}</td>
+            </tr>
+          {% endif %}
+
+        </tbody>
+      </table>
+    </div>
+  {% endif %}
+{%- endblock request_header %}
diff --git a/uv.lock b/uv.lock
index e58edce8..49cf7902 100644
--- a/uv.lock
+++ b/uv.lock
@@ -13,6 +13,7 @@ members = [
     "cds-rdm",
     "cds-rdm-app",
 ]
+overrides = [{ name = "invenio-requests", git = "https://github.com/inveniosoftware/invenio-requests.git?rev=feature%2Fep-approval" }]
 
 [[package]]
 name = "aiobotocore"
@@ -3102,7 +3103,7 @@ wheels = [
 
 [[package]]
 name = "invenio-app-rdm"
-version = "14.0.0rc1"
+version = "15.0.0b0.dev0"
 source = { registry = "https://pypi.org/simple" }
 dependencies = [
     { name = "cairosvg", version = "2.8.2", source = { registry = "https://pypi.org/simple" }, marker = "python_full_version < '3.10'" },
@@ -3144,9 +3145,9 @@ dependencies = [
     { name = "invenio-theme" },
     { name = "invenio-userprofiles" },
 ]
-sdist = { url = "https://files.pythonhosted.org/packages/97/74/01e5cc7ff97d730d946631477d90e680e00fa10944e7fa809625fce8170f/invenio_app_rdm-14.0.0rc1.tar.gz", hash = "sha256:34956743e4f1189dfd391ce9d83ffa62a5a9e29d3e6bfa02f1a9c6704a94f90c", size = 766388, upload-time = "2026-06-08T06:33:30.807Z" }
+sdist = { url = "https://files.pythonhosted.org/packages/49/6f/dd253a1d88a72e2396192bd4afc726e04d8158b5432fc0a66490586e17ee/invenio_app_rdm-15.0.0b0.dev0.tar.gz", hash = "sha256:0040196154d5c2bd6d50b5a18cee2d495f3c1983bb24f3d8c54e49be4e3bc6fe", size = 766253, upload-time = "2026-06-08T09:16:34.219Z" }
 wheels = [
-    { url = "https://files.pythonhosted.org/packages/47/48/fe5fdec69ae6a69f224be8e20beaf3b2e6bcea174f2192d6b8d9043f008c/invenio_app_rdm-14.0.0rc1-py2.py3-none-any.whl", hash = "sha256:8c955625ad522051f353fa44444fa7c1dad5100de2c291b91e20f881510ece6f", size = 1208884, upload-time = "2026-06-08T06:33:28.563Z" },
+    { url = "https://files.pythonhosted.org/packages/61/fc/e2257ade3751e467a667c9a2f0f1fe2ef6a248be2f3a3fdd47d9362ec8bd/invenio_app_rdm-15.0.0b0.dev0-py2.py3-none-any.whl", hash = "sha256:edd783ea35694d501f4b23c5dc45ba6642a74598563a223a7360d6500cc4889b", size = 1208941, upload-time = "2026-06-08T09:16:31.874Z" },
 ]
 
 [package.optional-dependencies]
@@ -3816,16 +3817,12 @@ wheels = [
 [[package]]
 name = "invenio-requests"
 version = "14.0.0"
-source = { registry = "https://pypi.org/simple" }
+source = { git = "https://github.com/inveniosoftware/invenio-requests.git?rev=feature%2Fep-approval#0279a1ea2129e831b6a57d904833414eef692062" }
 dependencies = [
     { name = "invenio-records-resources" },
     { name = "invenio-theme" },
     { name = "invenio-users-resources" },
 ]
-sdist = { url = "https://files.pythonhosted.org/packages/7b/10/e50636b67f49c253cfc472ec6cbcf373d3ea429cf022a0ac5f142a36defb/invenio_requests-14.0.0.tar.gz", hash = "sha256:e74ac7fdf4463ce79aa5d1d9f99f42b433b5ac20a8e2527125b7a5259284f19c", size = 179998, upload-time = "2026-06-05T13:14:59.897Z" }
-wheels = [
-    { url = "https://files.pythonhosted.org/packages/47/24/e8c6ff77622081db1ed7a1b630674b8204472d914db378daffe163f95a3a/invenio_requests-14.0.0-py2.py3-none-any.whl", hash = "sha256:401d7effe56bcf200d0368225174fcb611a4516afd79c63dee22216bbd62a382", size = 390547, upload-time = "2026-06-05T13:14:58.519Z" },
-]
 
 [[package]]
 name = "invenio-rest"