ROOH/openclaw_oauth_sync
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2db7d7d90a
openclaw_oauth_sync/docs/OPENCLAW-MODEL-CONFIG.md
sol 0b94cb8fd5 policies: add standard policy files, formatting, and secret scanning 
- Add .editorconfig, .prettierrc, .prettierignore, .gitignore
- Add Makefile with fmt, fmt-check, secret-scan, test (skip) targets
- Add package.json with prettier
- Add tools/secret-scan.sh
- Add .secret-scan-allowlist for documentation token format references
- Sanitize documentation to use generic placeholders
- Auto-format with prettier
- make check passes clean
2026-03-01 07:28:54 +00:00

3.4 KiB
Raw Blame History

Configuring Anthropic Models in OpenClaw

CRITICAL: Do NOT add an "anthropic" provider to models.providers

OpenClaw has a built-in Anthropic provider. You do NOT need to (and must NOT) add a custom anthropic entry to models.providers in openclaw.json.

Adding one causes the Anthropic SDK to append /v1 to your baseUrl, which already has /v1, resulting in:

https://api.anthropic.com/v1/v1/messages -> 404 Not Found

Correct Configuration

1. Set the primary model

In openclaw.json, under agents.defaults.model:

{
  "agents": {
    "defaults": {
      "model": {
        "primary": "anthropic/claude-opus-4-6",
        "fallbacks": ["anthropic/claude-sonnet-4-6", "google/gemini-3.1-pro-preview"]
      }
    }
  }
}

The anthropic/ prefix tells OpenClaw to use the built-in Anthropic provider. No extra configuration needed.

2. Add model aliases (optional)

Under agents.defaults.models:

{
  "agents": {
    "defaults": {
      "models": {
        "anthropic/claude-opus-4-6": {
          "alias": "Claude Opus 4.6 (Max)"
        },
        "anthropic/claude-sonnet-4-6": {
          "alias": "Claude Sonnet 4.6 (Max)"
        }
      }
    }
  }
}

3. Set ANTHROPIC_OAUTH_TOKEN in .env

In your OpenClaw .env file (e.g., /root/openclaw/.env):

ANTHROPIC_OAUTH_TOKEN="<YOUR-ACCESS-TOKEN>"

This is the fallback auth method. The gateway reads it as a container environment variable.

4. Create auth profiles for agents

Each agent needs an anthropic:default profile in its auth-profiles.json:

{
  "profiles": {
    "anthropic:default": {
      "type": "oauth",
      "provider": "anthropic",
      "access": "<YOUR-ACCESS-TOKEN>"
    }
  },
  "lastGood": {
    "anthropic": "anthropic:default"
  }
}

Important: The field must be access, NOT key. Using key with type: "oauth" causes the profile to be silently skipped.

5. Create oauth.json

At /root/.openclaw/credentials/oauth.json (maps to /home/node/.openclaw/credentials/oauth.json in the gateway container):

{
  "anthropic": {
    "access": "<YOUR-ACCESS-TOKEN>",
    "refresh": "<YOUR-REFRESH-TOKEN>",
    "expires": 1772120060006,
    "scopes": ["user:inference", "user:mcp_servers", "user:profile", "user:sessions:claude_code"],
    "subscriptionType": "max",
    "rateLimitTier": "default_claude_max_5x"
  }
}

Available Built-in Models

When using the built-in Anthropic provider:

  • anthropic/claude-opus-4-6
  • anthropic/claude-sonnet-4-6
  • Other models listed in the Anthropic API

Per-Agent Model Override

You can set a specific model per agent:

{
  "agents": {
    "list": [
      {
        "id": "my-agent",
        "model": "anthropic/claude-opus-4-6"
      }
    ]
  }
}

Authentication Flow

  1. Gateway checks auth-profiles.json for a valid anthropic:default profile
  2. For type: "oauth", it requires the access field (not key)
  3. If no valid profile: falls back to ANTHROPIC_OAUTH_TOKEN env var
  4. On startup, mergeOAuthFileIntoStore() reads oauth.json and merges credentials
  5. isOAuthToken() detects the <token-prefix> prefix
  6. Uses Bearer auth + Claude Code identity headers to call api.anthropic.com

OAuth Token Lifecycle

Tokens from Claude Max subscriptions expire every ~8 hours. Use the sync service from this project to keep them fresh automatically. See the main README for setup instructions.