let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: document provider auth plugins

Browse Source
This commit is contained in:
Peter Steinberger
2026-01-16 00:39:29 +00:00
parent 6084421ec6
commit 96daa51d45
3 changed files with 60 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/cli/models.md
View File

@@ -37,6 +37,9 @@ clawdbot models fallbacks list
```bash ```bash
clawdbot models auth add clawdbot models auth add
clawdbot models auth login --provider <id>
clawdbot models auth setup-token clawdbot models auth setup-token
clawdbot models auth paste-token clawdbot models auth paste-token
``` ```
`models auth login` runs a provider plugins auth flow (OAuth/API key). Use
`clawdbot plugins list` to see which providers are installed.

7
docs/concepts/oauth.md
View File

@@ -15,6 +15,13 @@ Clawdbot supports “subscription auth” via OAuth for providers that offer it
- how we **reuse external CLI tokens** (Claude Code / Codex CLI) - how we **reuse external CLI tokens** (Claude Code / Codex CLI)
- how to handle **multiple accounts** (profiles + per-session overrides) - how to handle **multiple accounts** (profiles + per-session overrides)
Clawdbot also supports **provider plugins** that ship their own OAuth or APIkey
flows. Run them via:
```bash
clawdbot models auth login --provider <id>
```
## The token sink (why it exists) ## The token sink (why it exists)
OAuth providers commonly mint a **new refresh token** during login/refresh flows. Some providers (or OAuth clients) can invalidate older refresh tokens when a new one is issued for the same user/app. OAuth providers commonly mint a **new refresh token** during login/refresh flows. Some providers (or OAuth clients) can invalidate older refresh tokens when a new one is issued for the same user/app.

50
docs/plugin.md
View File

@@ -172,6 +172,56 @@ Plugins export either:
- A function: `(api) => { ... }` - A function: `(api) => { ... }`
- An object: `{ id, name, configSchema, register(api) { ... } }` - An object: `{ id, name, configSchema, register(api) { ... } }`
## Provider plugins (model auth)
Plugins can register **model provider auth** flows so users can run OAuth or
API-key setup inside Clawdbot (no external scripts needed).
Register a provider via `api.registerProvider(...)`. Each provider exposes one
or more auth methods (OAuth, API key, device code, etc.). These methods power:
- `clawdbot models auth login --provider <id> [--method <id>]`
Example:
```ts
api.registerProvider({
id: "acme",
label: "AcmeAI",
auth: [
{
id: "oauth",
label: "OAuth",
kind: "oauth",
run: async (ctx) => {
// Run OAuth flow and return auth profiles.
return {
profiles: [
{
profileId: "acme:default",
credential: {
type: "oauth",
provider: "acme",
access: "...",
refresh: "...",
expires: Date.now() + 3600 * 1000,
},
},
],
defaultModel: "acme/opus-1",
};
},
},
],
});
```
Notes:
- `run` receives a `ProviderAuthContext` with `prompter`, `runtime`,
`openUrl`, and `oauth.createVpsAwareHandlers` helpers.
- Return `configPatch` when you need to add default models or provider config.
- Return `defaultModel` so `--set-default` can update agent defaults.
### Register a messaging channel ### Register a messaging channel
Plugins can register **channel plugins** that behave like builtin channels Plugins can register **channel plugins** that behave like builtin channels