let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions 4 Packages Projects Releases Wiki Activity
Files
db4d0b8e7519c17d9a82052242452c52b2d4d341
clawdbot/docs/concepts/model-failover.md
Peter Steinberger db4d0b8e75 docs: reorganize documentation structure
2026-01-07 00:45:46 +01:00

3.3 KiB
Raw Blame History

summary, read_when
summary read_when
How Clawdbot rotates auth profiles and falls back across models
Diagnosing auth profile rotation, cooldowns, or model fallback behavior
Updating failover rules for auth profiles or models

Model failover

Clawdbot handles failures in two stages:

  1. Auth profile rotation within the current provider.
  2. Model fallback to the next model in agent.model.fallbacks.

This doc explains the runtime rules and the data that backs them.

Auth storage (keys + OAuth)

Clawdbot uses auth profiles for both API keys and OAuth tokens.

  • Secrets live in ~/.clawdbot/agents/<agentId>/agent/auth-profiles.json (legacy: ~/.clawdbot/agent/auth-profiles.json).
  • Config auth.profiles / auth.order are metadata + routing only (no secrets).
  • Legacy import-only OAuth file: ~/.clawdbot/credentials/oauth.json (imported into auth-profiles.json on first use).

Credential types:

  • type: "api_key"{ provider, key }
  • type: "oauth"{ provider, access, refresh, expires, email? } (+ projectId/enterpriseUrl for some providers)

Profile IDs

OAuth logins create distinct profiles so multiple accounts can coexist.

  • Default: provider:default when no email is available.
  • OAuth with email: provider:<email> (for example google-antigravity:user@gmail.com).

Profiles live in ~/.clawdbot/agents/<agentId>/agent/auth-profiles.json under profiles.

Rotation order

When a provider has multiple profiles, Clawdbot chooses an order like this:

  1. Explicit config: auth.order[provider] (if set).
  2. Configured profiles: auth.profiles filtered by provider.
  3. Stored profiles: entries in auth-profiles.json for the provider.

If no explicit order is configured, Clawdbot uses a roundrobin order:

  • Primary key: profile type (OAuth before API keys).
  • Secondary key: usageStats.lastUsed (oldest first, within each type).
  • Cooldown profiles are moved to the end, ordered by soonest cooldown expiry.

Why OAuth can “look lost”

If you have both an OAuth profile and an API key profile for the same provider, roundrobin can switch between them across messages unless pinned. To force a single profile:

  • Pin with auth.order[provider] = ["provider:profileId"], or
  • Use a per-session override via /model … with a profile override (when supported by your UI/chat surface).

Cooldowns

When a profile fails due to auth/ratelimit errors (or a timeout that looks like rate limiting), Clawdbot marks it in cooldown and moves to the next profile.

Cooldowns use exponential backoff:

  • 1 minute
  • 5 minutes
  • 25 minutes
  • 1 hour (cap)

State is stored in auth-profiles.json under usageStats:

{
  "usageStats": {
    "provider:profile": {
      "lastUsed": 1736160000000,
      "cooldownUntil": 1736160600000,
      "errorCount": 2
    }
  }
}

Model fallback

If all profiles for a provider fail, Clawdbot moves to the next model in agent.model.fallbacks. This applies to auth failures, rate limits, and timeouts that exhausted profile rotation.

Related config

See docs/configuration.md for:

  • auth.profiles / auth.order
  • agent.model.primary / agent.model.fallbacks
  • agent.imageModel routing

See docs/models.md for the broader model selection and fallback overview.

Reference in New Issue View Git Blame Copy Permalink