2.2 KiB
summary, read_when
| summary | read_when | ||
|---|---|---|---|
| Model authentication: OAuth, API keys, and Claude Code token reuse |
|
Authentication
Clawdbot supports OAuth and API keys for model providers. For Anthropic
subscription accounts, the most stable path is to reuse Claude Code OAuth
credentials, including the 1‑year token created by claude setup-token.
See /concepts/oauth for the full OAuth flow and storage layout.
Recommended: long‑lived Claude Code token
Run this on the gateway host (the machine running the Gateway):
claude setup-token
This issues a long‑lived OAuth token (not an API key) and stores it for Claude Code. Then sync and verify:
clawdbot models status
clawdbot doctor
Automation-friendly check (exit 1 when expired/missing, 2 when expiring):
clawdbot models status --check
Optional ops scripts (systemd/Termux) are documented here: /automation/auth-monitoring
clawdbot models status loads Claude Code credentials into Clawdbot’s
auth-profiles.json and shows expiry (warns within 24h by default).
clawdbot doctor also performs the sync when it runs.
claude setup-tokenrequires an interactive TTY.
Checking model auth status
clawdbot models status
clawdbot doctor
How sync works
- Claude Code stores credentials in
~/.claude/.credentials.json(or Keychain on macOS). - Clawdbot syncs those into
~/.clawdbot/agents/<agentId>/agent/auth-profiles.jsonwhen the auth store is loaded. - OAuth refresh happens automatically on use if a token is expired.
Troubleshooting
“No credentials found”
If the Anthropic OAuth profile is missing, run claude setup-token on the
gateway host, then re-check:
clawdbot models status
Token expiring/expired
Run clawdbot models status to confirm which profile is expiring. If the profile
is anthropic:claude-cli, rerun claude setup-token.
Requirements
- Claude Max or Pro subscription (for
claude setup-token) - Claude Code CLI installed (
claudecommand available)