refactor: rename clawdbot to moltbot with legacy compat
This commit is contained in:
Peter Steinberger
@@ -1,24 +1,24 @@
|
||||
---
|
||||
summary: "OAuth in Clawdbot: token exchange, storage, and multi-account patterns"
|
||||
summary: "OAuth in Moltbot: token exchange, storage, and multi-account patterns"
|
||||
read_when:
|
||||
- You want to understand Clawdbot OAuth end-to-end
|
||||
- You want to understand Moltbot OAuth end-to-end
|
||||
- You hit token invalidation / logout issues
|
||||
- You want setup-token or OAuth auth flows
|
||||
- You want multiple accounts or profile routing
|
||||
---
|
||||
# OAuth
|
||||
|
||||
Clawdbot supports “subscription auth” via OAuth for providers that offer it (notably **OpenAI Codex (ChatGPT OAuth)**). For Anthropic subscriptions, use the **setup-token** flow. This page explains:
|
||||
Moltbot supports “subscription auth” via OAuth for providers that offer it (notably **OpenAI Codex (ChatGPT OAuth)**). For Anthropic subscriptions, use the **setup-token** flow. This page explains:
|
||||
|
||||
- how the OAuth **token exchange** works (PKCE)
|
||||
- where tokens are **stored** (and why)
|
||||
- how to handle **multiple accounts** (profiles + per-session overrides)
|
||||
|
||||
Clawdbot also supports **provider plugins** that ship their own OAuth or API‑key
|
||||
Moltbot also supports **provider plugins** that ship their own OAuth or API‑key
|
||||
flows. Run them via:
|
||||
|
||||
```bash
|
||||
clawdbot models auth login --provider <id>
|
||||
moltbot models auth login --provider <id>
|
||||
```
|
||||
|
||||
## The token sink (why it exists)
|
||||
@@ -26,9 +26,9 @@ clawdbot models auth login --provider <id>
|
||||
OAuth providers commonly mint a **new refresh token** during login/refresh flows. Some providers (or OAuth clients) can invalidate older refresh tokens when a new one is issued for the same user/app.
|
||||
|
||||
Practical symptom:
|
||||
- you log in via Clawdbot *and* via Claude Code / Codex CLI → one of them randomly gets “logged out” later
|
||||
- you log in via Moltbot *and* via Claude Code / Codex CLI → one of them randomly gets “logged out” later
|
||||
|
||||
To reduce that, Clawdbot treats `auth-profiles.json` as a **token sink**:
|
||||
To reduce that, Moltbot treats `auth-profiles.json` as a **token sink**:
|
||||
- the runtime reads credentials from **one place**
|
||||
- we can keep multiple profiles and route them deterministically
|
||||
|
||||
@@ -46,37 +46,37 @@ All of the above also respect `$CLAWDBOT_STATE_DIR` (state dir override). Full r
|
||||
|
||||
## Anthropic setup-token (subscription auth)
|
||||
|
||||
Run `claude setup-token` on any machine, then paste it into Clawdbot:
|
||||
Run `claude setup-token` on any machine, then paste it into Moltbot:
|
||||
|
||||
```bash
|
||||
clawdbot models auth setup-token --provider anthropic
|
||||
moltbot models auth setup-token --provider anthropic
|
||||
```
|
||||
|
||||
If you generated the token elsewhere, paste it manually:
|
||||
|
||||
```bash
|
||||
clawdbot models auth paste-token --provider anthropic
|
||||
moltbot models auth paste-token --provider anthropic
|
||||
```
|
||||
|
||||
Verify:
|
||||
|
||||
```bash
|
||||
clawdbot models status
|
||||
moltbot models status
|
||||
```
|
||||
|
||||
## OAuth exchange (how login works)
|
||||
|
||||
Clawdbot’s interactive login flows are implemented in `@mariozechner/pi-ai` and wired into the wizards/commands.
|
||||
Moltbot’s interactive login flows are implemented in `@mariozechner/pi-ai` and wired into the wizards/commands.
|
||||
|
||||
### Anthropic (Claude Pro/Max) setup-token
|
||||
|
||||
Flow shape:
|
||||
|
||||
1) run `claude setup-token`
|
||||
2) paste the token into Clawdbot
|
||||
2) paste the token into Moltbot
|
||||
3) store as a token auth profile (no refresh)
|
||||
|
||||
The wizard path is `clawdbot onboard` → auth choice `setup-token` (Anthropic).
|
||||
The wizard path is `moltbot onboard` → auth choice `setup-token` (Anthropic).
|
||||
|
||||
### OpenAI Codex (ChatGPT OAuth)
|
||||
|
||||
@@ -89,7 +89,7 @@ Flow shape (PKCE):
|
||||
5) exchange at `https://auth.openai.com/oauth/token`
|
||||
6) extract `accountId` from the access token and store `{ access, refresh, expires, accountId }`
|
||||
|
||||
Wizard path is `clawdbot onboard` → auth choice `openai-codex`.
|
||||
Wizard path is `moltbot onboard` → auth choice `openai-codex`.
|
||||
|
||||
## Refresh + expiry
|
||||
|
||||
@@ -110,8 +110,8 @@ Two patterns:
|
||||
If you want “personal” and “work” to never interact, use isolated agents (separate sessions + credentials + workspace):
|
||||
|
||||
```bash
|
||||
clawdbot agents add work
|
||||
clawdbot agents add personal
|
||||
moltbot agents add work
|
||||
moltbot agents add personal
|
||||
```
|
||||
|
||||
Then configure auth per-agent (wizard) and route chats to the right agent.
|
||||
@@ -128,7 +128,7 @@ Example (session override):
|
||||
- `/model Opus@anthropic:work`
|
||||
|
||||
How to see what profile IDs exist:
|
||||
- `clawdbot channels list --json` (shows `auth[]`)
|
||||
- `moltbot channels list --json` (shows `auth[]`)
|
||||
|
||||
Related docs:
|
||||
- [/concepts/model-failover](/concepts/model-failover) (rotation + cooldown rules)
|
||||
|
||||
Reference in New Issue
Block a user