Skip to content

fix: resolve Control UI token mismatch + add device commands#69

Merged
vignesh07 merged 1 commit into
mainfrom
fix/pr50-token-and-devices
Feb 11, 2026
Merged

fix: resolve Control UI token mismatch + add device commands#69
vignesh07 merged 1 commit into
mainfrom
fix/pr50-token-and-devices

Conversation

@vignesh07

Copy link
Copy Markdown
Owner

Port of #50 with a couple hardening tweaks:

  • Sets gateway.remote.token to match gateway.auth.token during setup (fixes Control UI token mismatch / unauthorized)
  • Adds openclaw devices list and openclaw devices approve <requestId> to the debug console allowlist
  • Adds requestId validation (alnum/_/- only)
  • Adds a small unit test (node --test)

Credits: @bamao88

… validation)

Adds gateway.remote.token setup to prevent Control UI token mismatch and exposes devices list/approve in the debug console. Validates requestId and adds a small unit test.
@vignesh07 vignesh07 merged commit 51811fa into main Feb 11, 2026
1 check passed
@vignesh07 vignesh07 deleted the fix/pr50-token-and-devices branch February 11, 2026 04:30
@vignesh07 vignesh07 mentioned this pull request Feb 11, 2026
gginesta pushed a commit to gginesta/clawdbot-railway-template that referenced this pull request Apr 28, 2026
…penclaw.json

Root cause: Molty's secrets migration wrote tokenRef to Leonardo's auth-profiles.json
on the shared volume, but didn't add the filemain provider to Leonardo's openclaw.json.
v2026.2.26 enforces fail-fast on missing secret providers (v2026.2.25 was lenient).
Fix: inject provider config via Railway start command (Lesson vignesh07#69). All agents now on v2026.2.26.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant