Guides
CLI automation
Use openclaw onboard --non-interactive to script setup. It requires --accept-risk: non-interactive setup can write credentials and daemon config without a confirmation prompt, so the flag is the explicit risk acknowledgement.
Baseline non-interactive example
openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice apiKey \ --anthropic-api-key "$ANTHROPIC_API_KEY" \ --secret-input-mode plaintext \ --gateway-bind loopback \ --install-daemon \ --daemon-runtime node \ --skip-bootstrap \ --skip-skillsAdd --json for a machine-readable summary.
--gateway-portdefaults to18789; only pass it to override.--skip-bootstrapskips creating default workspace files, for automation that pre-seeds its own workspace.--secret-input-mode refstores an env-backed reference ({ source: "env", provider: "default", id: "<ENV_VAR>" }) in the auth profile instead of the plaintext key. In non-interactiverefmode, the provider env var must already be set in the process environment: passing an inline key flag without its matching env var fails fast.
openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice openai-api-key \ --secret-input-mode refProvider-specific examples
Anthropic API key example
openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice apiKey \ --anthropic-api-key "$ANTHROPIC_API_KEY" \ --gateway-bind loopbackCloudflare AI Gateway example
openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice cloudflare-ai-gateway-api-key \ --cloudflare-ai-gateway-account-id "your-account-id" \ --cloudflare-ai-gateway-gateway-id "your-gateway-id" \ --cloudflare-ai-gateway-api-key "$CLOUDFLARE_AI_GATEWAY_API_KEY" \ --gateway-bind loopbackGemini example
openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice gemini-api-key \ --gemini-api-key "$GEMINI_API_KEY" \ --gateway-bind loopbackMistral example
openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice mistral-api-key \ --mistral-api-key "$MISTRAL_API_KEY" \ --gateway-bind loopbackMoonshot example
openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice moonshot-api-key \ --moonshot-api-key "$MOONSHOT_API_KEY" \ --gateway-bind loopbackOllama example
openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice ollama \ --custom-model-id "qwen3.5:27b" \ --gateway-bind loopbackOpenCode example
openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice opencode-zen \ --opencode-zen-api-key "$OPENCODE_API_KEY" \ --gateway-bind loopbackSwap to --auth-choice opencode-go --opencode-go-api-key "$OPENCODE_API_KEY" for the Go catalog.
Synthetic example
openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice synthetic-api-key \ --synthetic-api-key "$SYNTHETIC_API_KEY" \ --gateway-bind loopbackVercel AI Gateway example
openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice ai-gateway-api-key \ --ai-gateway-api-key "$AI_GATEWAY_API_KEY" \ --gateway-bind loopbackZ.AI example
openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice zai-api-key \ --zai-api-key "$ZAI_API_KEY" \ --gateway-bind loopbackCustom provider example
openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice custom-api-key \ --custom-base-url "https://llm.example.com/v1" \ --custom-model-id "foo-large" \ --custom-api-key "$CUSTOM_API_KEY" \ --custom-provider-id "my-custom" \ --custom-compatibility anthropic \ --custom-image-input \ --gateway-bind loopback--custom-api-key is optional; some endpoints do not require auth. If omitted, onboarding checks CUSTOM_API_KEY in env. --custom-provider-id is optional and auto-derived from the base URL when omitted. --custom-compatibility defaults to openai (other values: openai-responses, anthropic).
OpenClaw infers image-input support from known vision model-id patterns (gpt-4o, claude-3/4, gemini, -vl/vision suffixes, and similar). Add --custom-image-input to force it on for an unrecognized vision model, or --custom-text-input to force text-only.
Ref-mode variant, storing apiKey as { source: "env", provider: "default", id: "CUSTOM_API_KEY" }:
export CUSTOM_API_KEY="your-key"openclaw onboard --non-interactive --accept-risk \ --mode local \ --auth-choice custom-api-key \ --custom-base-url "https://llm.example.com/v1" \ --custom-model-id "foo-large" \ --secret-input-mode ref \ --custom-provider-id "my-custom" \ --custom-compatibility anthropic \ --custom-image-input \ --gateway-bind loopbackAnthropic setup-token auth remains supported, but OpenClaw prefers Claude CLI reuse when a local Claude CLI login is available. For production, prefer an Anthropic API key.
Add another agent
openclaw agents add <name> creates a separate agent with its own workspace, sessions, and auth profiles. Running it without --workspace (and no other flags) launches the interactive wizard; passing any of --workspace, --model, --agent-dir, --bind, or --non-interactive runs it non-interactively and then requires --workspace.
openclaw agents add work \ --workspace ~/.openclaw/workspace-work \ --model openai/gpt-5.5 \ --bind whatsapp:biz \ --non-interactive \ --jsonConfig keys it writes (agents.list[] entry for the new agent id):
nameworkspaceagentDirmodel(only when--modelis passed)
Notes:
- Default workspace (when
--workspaceis omitted in the interactive wizard):~/.openclaw/workspace-<agentId>. --bind <channel[:accountId]>is repeatable; add bindings to route inbound messages to the new agent (the wizard can also do this interactively).- The agent name is normalized to a valid agent id;
mainis reserved.
Related docs
- Onboarding hub: Onboarding (CLI)
- Full reference: CLI Setup Reference
- Command reference:
openclaw onboard