CLI Reference
CLI reference
Section titled “CLI reference”This page describes the current CLI behavior. If commands change, update this doc.
Command pages
Section titled “Command pages”setuponboardconfigureconfigcompletiondoctordashboardbackupresetuninstallupdatemessageagentagentsacpmcpstatushealthsessionsgatewaylogssystemmodelsmemorydirectorynodesdevicesnodeapprovalssandboxtuibrowsercrontasksdnsdocshookswebhookspairingqrplugins(plugin commands)channelssecuritysecretsskillsdaemon(legacy alias for gateway service commands)clawbot(legacy alias namespace)voicecall(plugin; if installed)
Global flags
Section titled “Global flags”--dev: isolate state under~/.openclaw-devand shift default ports.--profile <name>: isolate state under~/.openclaw-<name>.--container <name>: target a named container for execution.--no-color: disable ANSI colors.--update: shorthand foropenclaw update(source installs only).-V,--version,-v: print version and exit.
Output styling
Section titled “Output styling”- ANSI colors and progress indicators only render in TTY sessions.
- OSC-8 hyperlinks render as clickable links in supported terminals; otherwise we fall back to plain URLs.
--json(and--plainwhere supported) disables styling for clean output.--no-colordisables ANSI styling;NO_COLOR=1is also respected.- Long-running commands show a progress indicator (OSC 9;4 when supported).
Color palette
Section titled “Color palette”OpenClaw uses a lobster palette for CLI output.
accent(#FF5A2D): headings, labels, primary highlights.accentBright(#FF7A3D): command names, emphasis.accentDim(#D14A22): secondary highlight text.info(#FF8A5B): informational values.success(#2FBF71): success states.warn(#FFB020): warnings, fallbacks, attention.error(#E23D2D): errors, failures.muted(#8B7F77): de-emphasis, metadata.
Palette source of truth: src/terminal/palette.ts (the “lobster palette”).
Command tree
Section titled “Command tree”openclaw [--dev] [--profile <name>] <command> setup onboard configure config get set unset file validate completion doctor dashboard backup create verify security audit secrets reload audit configure apply reset uninstall update channels list status logs add remove login logout directory skills list info check plugins list inspect install uninstall update enable disable doctor marketplace list memory status index search message send broadcast agent agents list add delete bindings bind unbind set-identity acp mcp status health sessions cleanup tasks list show notify cancel flow list|show|cancel gateway call health status probe discover install uninstall start stop restart run daemon status install uninstall start stop restart logs system event heartbeat last|enable|disable presence models list status set set-image aliases list|add|remove fallbacks list|add|remove|clear image-fallbacks list|add|remove|clear scan auth add|login|login-github-copilot|setup-token|paste-token auth order get|set|clear sandbox list recreate explain cron status list add edit rm enable disable runs run nodes devices node run status install uninstall start stop restart approvals get set allowlist add|remove browser status start stop reset-profile tabs open focus close profiles create-profile delete-profile screenshot snapshot navigate resize click type press hover drag select upload fill dialog wait evaluate console pdf hooks list info check enable disable install update webhooks gmail setup|run pairing list approve qr clawbot qr docs dns setup tuiNote: plugins can add additional top-level commands (for example openclaw voicecall).
Security
Section titled “Security”openclaw security audit— audit config + local state for common security foot-guns.openclaw security audit --deep— best-effort live Gateway probe.openclaw security audit --fix— tighten safe defaults and chmod state/config.
Secrets
Section titled “Secrets”openclaw secrets reload— re-resolve refs and atomically swap the runtime snapshot.openclaw secrets audit— scan for plaintext residues, unresolved refs, and precedence drift (--allow-execto execute exec providers during audit).openclaw secrets configure— interactive helper for provider setup + SecretRef mapping + preflight/apply (--allow-execto execute exec providers during preflight and exec-containing apply flows).openclaw secrets apply --from <plan.json>— apply a previously generated plan (--dry-runsupported; use--allow-execto permit exec providers in dry-run and exec-containing write plans).
Plugins
Section titled “Plugins”Manage extensions and their config:
openclaw plugins list— discover plugins (use--jsonfor machine output).openclaw plugins inspect <id>— show details for a plugin (infois an alias).openclaw plugins install <path|.tgz|npm-spec|plugin@marketplace>— install a plugin (or add a plugin path toplugins.load.paths).openclaw plugins marketplace list <marketplace>— list marketplace entries before install.openclaw plugins enable <id>/disable <id>— toggleplugins.entries.<id>.enabled.openclaw plugins doctor— report plugin load errors.
Most plugin changes require a gateway restart. See /plugin.
Memory
Section titled “Memory”Vector search over MEMORY.md + memory/*.md:
openclaw memory status— show index stats.openclaw memory index— reindex memory files.openclaw memory search "<query>"(or--query "<query>") — semantic search over memory.
Chat slash commands
Section titled “Chat slash commands”Chat messages support /... commands (text and native). See /tools/slash-commands.
Highlights:
/statusfor quick diagnostics./configfor persisted config changes./debugfor runtime-only config overrides (memory, not disk; requirescommands.debug: true).
Setup + onboarding
Section titled “Setup + onboarding”Initialize config + workspace.
Options:
--workspace <dir>: agent workspace path (default~/.openclaw/workspace).--wizard: run onboarding.--non-interactive: run onboarding without prompts.--mode <local|remote>: onboard mode.--remote-url <url>: remote Gateway URL.--remote-token <token>: remote Gateway token.
Onboarding auto-runs when any onboarding flags are present (--non-interactive, --mode, --remote-url, --remote-token).
onboard
Section titled “onboard”Interactive onboarding for gateway, workspace, and skills.
Options:
--workspace <dir>--reset(reset config + credentials + sessions before onboarding)--reset-scope <config|config+creds+sessions|full>(defaultconfig+creds+sessions; usefullto also remove workspace)--non-interactive--mode <local|remote>--flow <quickstart|advanced|manual>(manual is an alias for advanced)--auth-choice <choice>where<choice>is one of:setup-token,token,chutes,deepseek-api-key,openai-codex,openai-api-key,openrouter-api-key,kilocode-api-key,litellm-api-key,ai-gateway-api-key,cloudflare-ai-gateway-api-key,moonshot-api-key,moonshot-api-key-cn,kimi-code-api-key,synthetic-api-key,venice-api-key,together-api-key,huggingface-api-key,apiKey,gemini-api-key,google-gemini-cli,zai-api-key,zai-coding-global,zai-coding-cn,zai-global,zai-cn,xiaomi-api-key,minimax-global-oauth,minimax-global-api,minimax-cn-oauth,minimax-cn-api,opencode-zen,opencode-go,github-copilot,copilot-proxy,xai-api-key,mistral-api-key,volcengine-api-key,byteplus-api-key,qianfan-api-key,modelstudio-standard-api-key-cn,modelstudio-standard-api-key,modelstudio-api-key-cn,modelstudio-api-key,custom-api-key,skip--token-provider <id>(non-interactive; used with--auth-choice token)--token <token>(non-interactive; used with--auth-choice token)--token-profile-id <id>(non-interactive; default:<provider>:manual)--token-expires-in <duration>(non-interactive; e.g.365d,12h)--secret-input-mode <plaintext|ref>(defaultplaintext; userefto store provider default env refs instead of plaintext keys)--anthropic-api-key <key>--openai-api-key <key>--mistral-api-key <key>--openrouter-api-key <key>--ai-gateway-api-key <key>--moonshot-api-key <key>--kimi-code-api-key <key>--gemini-api-key <key>--zai-api-key <key>--minimax-api-key <key>--opencode-zen-api-key <key>--opencode-go-api-key <key>--custom-base-url <url>(non-interactive; used with--auth-choice custom-api-key)--custom-model-id <id>(non-interactive; used with--auth-choice custom-api-key)--custom-api-key <key>(non-interactive; optional; used with--auth-choice custom-api-key; falls back toCUSTOM_API_KEYwhen omitted)--custom-provider-id <id>(non-interactive; optional custom provider id)--custom-compatibility <openai|anthropic>(non-interactive; optional; defaultopenai)--gateway-port <port>--gateway-bind <loopback|lan|tailnet|auto|custom>--gateway-auth <token|password>--gateway-token <token>--gateway-token-ref-env <name>(non-interactive; storegateway.auth.tokenas an env SecretRef; requires that env var to be set; cannot be combined with--gateway-token)--gateway-password <password>--remote-url <url>--remote-token <token>--tailscale <off|serve|funnel>--tailscale-reset-on-exit--install-daemon--no-install-daemon(alias:--skip-daemon)--daemon-runtime <node|bun>--skip-channels--skip-skills--skip-search--skip-health--skip-ui--cloudflare-ai-gateway-account-id <id>--cloudflare-ai-gateway-gateway-id <id>--node-manager <npm|pnpm|bun>(pnpm recommended; bun not recommended for Gateway runtime)--json
configure
Section titled “configure”Interactive configuration wizard (models, channels, skills, gateway).
config
Section titled “config”Non-interactive config helpers (get/set/unset/file/schema/validate). Running openclaw config with no
subcommand launches the wizard.
Subcommands:
config get <path>: print a config value (dot/bracket path).config set: supports four assignment modes:- value mode:
config set <path> <value>(JSON5-or-string parsing) - SecretRef builder mode:
config set <path> --ref-provider <provider> --ref-source <source> --ref-id <id> - provider builder mode:
config set secrets.providers.<alias> --provider-source <env|file|exec> ... - batch mode:
config set --batch-json '<json>'orconfig set --batch-file <path>
- value mode:
config set --dry-run: validate assignments without writingopenclaw.json(exec SecretRef checks are skipped by default).config set --allow-exec --dry-run: opt in to exec SecretRef dry-run checks (may execute provider commands).config set --dry-run --json: emit machine-readable dry-run output (checks + completeness signal, operations, refs checked/skipped, errors).config set --strict-json: require JSON5 parsing for path/value input.--jsonremains a legacy alias for strict parsing outside dry-run output mode.config unset <path>: remove a value.config file: print the active config file path.config schema: print the generated JSON schema foropenclaw.json.config validate: validate the current config against the schema without starting the gateway.config validate --json: emit machine-readable JSON output.
doctor
Section titled “doctor”Health checks + quick fixes (config + gateway + legacy services).
Options:
--no-workspace-suggestions: disable workspace memory hints.--yes: accept defaults without prompting (headless).--non-interactive: skip prompts; apply safe migrations only.--deep: scan system services for extra gateway installs.--repair(alias:--fix): attempt automatic repairs for detected issues.--force: force repairs even when not strictly needed.--generate-gateway-token: generate a new gateway auth token.
Channel helpers
Section titled “Channel helpers”channels
Section titled “channels”Manage chat channel accounts (WhatsApp/Telegram/Discord/Google Chat/Slack/Mattermost (plugin)/Signal/iMessage/Microsoft Teams).
Subcommands:
channels list: show configured channels and auth profiles.channels status: check gateway reachability and channel health (--proberuns extra checks; useopenclaw healthoropenclaw status --deepfor gateway health probes).- Tip:
channels statusprints warnings with suggested fixes when it can detect common misconfigurations (then points you toopenclaw doctor). channels logs: show recent channel logs from the gateway log file.channels add: wizard-style setup when no flags are passed; flags switch to non-interactive mode.- When adding a non-default account to a channel still using single-account top-level config, OpenClaw moves account-scoped values into
channels.<channel>.accounts.defaultbefore writing the new account. - Non-interactive
channels adddoes not auto-create/upgrade bindings; channel-only bindings continue to match the default account.
- When adding a non-default account to a channel still using single-account top-level config, OpenClaw moves account-scoped values into
channels remove: disable by default; pass--deleteto remove config entries without prompts.channels login: interactive channel login (WhatsApp Web only).channels logout: log out of a channel session (if supported).
Common options:
--channel <name>:whatsapp|telegram|discord|googlechat|slack|mattermost|signal|imessage|msteams--account <id>: channel account id (defaultdefault)--name <label>: display name for the account
channels login options:
--channel <channel>(defaultwhatsapp; supportswhatsapp/web)--account <id>--verbose
channels logout options:
--channel <channel>(defaultwhatsapp)--account <id>
channels list options:
--no-usage: skip model provider usage/quota snapshots (OAuth/API-backed only).--json: output JSON (includes usage unless--no-usageis set).
channels logs options:
--channel <name|all>(defaultall)--lines <n>(default200)--json
More detail: /concepts/oauth
Examples:
openclaw channels add --channel telegram --account alerts --name "Alerts Bot" --token $TELEGRAM_BOT_TOKENopenclaw channels add --channel discord --account work --name "Work Bot" --token $DISCORD_BOT_TOKENopenclaw channels remove --channel discord --account work --deleteopenclaw channels status --probeopenclaw status --deepskills
Section titled “skills”List and inspect available skills plus readiness info.
Subcommands:
skills search [query...]: search ClawHub skills.skills install <slug>: install a skill from ClawHub into the active workspace.skills update <slug|--all>: update tracked ClawHub skills.skills list: list skills (default when no subcommand).skills info <name>: show details for one skill.skills check: summary of ready vs missing requirements.
Options:
--eligible: show only ready skills.--json: output JSON (no styling).-v,--verbose: include missing requirements detail.
Tip: use openclaw skills search, openclaw skills install, and openclaw skills update for ClawHub-backed skills.
pairing
Section titled “pairing”Approve DM pairing requests across channels.
Subcommands:
pairing list [channel] [--channel <channel>] [--account <id>] [--json]pairing approve <channel> <code> [--account <id>] [--notify]pairing approve --channel <channel> [--account <id>] <code> [--notify]
devices
Section titled “devices”Manage gateway device pairing entries and per-role device tokens.
Subcommands:
devices list [--json]devices approve [requestId] [--latest]devices reject <requestId>devices remove <deviceId>devices clear --yes [--pending]devices rotate --device <id> --role <role> [--scope <scope...>]devices revoke --device <id> --role <role>
webhooks gmail
Section titled “webhooks gmail”Gmail Pub/Sub hook setup + runner. See Gmail Pub/Sub.
Subcommands:
webhooks gmail setup(requires--account <email>; supports--project,--topic,--subscription,--label,--hook-url,--hook-token,--push-token,--bind,--port,--path,--include-body,--max-bytes,--renew-minutes,--tailscale,--tailscale-path,--tailscale-target,--push-endpoint,--json)webhooks gmail run(runtime overrides for the same flags)
dns setup
Section titled “dns setup”Wide-area discovery DNS helper (CoreDNS + Tailscale). See /gateway/discovery.
Options:
--apply: install/update CoreDNS config (requires sudo; macOS only).
Messaging + agent
Section titled “Messaging + agent”message
Section titled “message”Unified outbound messaging + channel actions.
See: /cli/message
Subcommands:
message send|poll|react|reactions|read|edit|delete|pin|unpin|pins|permissions|search|timeout|kick|banmessage thread <create|list|reply>message emoji <list|upload>message sticker <send|upload>message role <info|add|remove>message channel <info|list>message member infomessage voice statusmessage event <list|create>
Examples:
openclaw message send --target +15555550123 --message "Hi"openclaw message poll --channel discord --target channel:123 --poll-question "Snack?" --poll-option Pizza --poll-option Sushi
Run one agent turn via the Gateway (or --local embedded).
Required:
-m, --message <text>
Options:
-t, --to <dest>(for session key and optional delivery)--session-id <id>--agent <id>(agent id; overrides routing bindings)--thinking <off|minimal|low|medium|high|xhigh>(provider support varies; not model-gated at CLI level)--verbose <on|off>--channel <channel>(delivery channel; omit to use the main session channel)--reply-to <target>(delivery target override, separate from session routing)--reply-channel <channel>(delivery channel override)--reply-account <id>(delivery account id override)--local--deliver--json--timeout <seconds>
agents
Section titled “agents”Manage isolated agents (workspaces + auth + routing).
agents list
Section titled “agents list”List configured agents.
Options:
--json--bindings
agents add [name]
Section titled “agents add [name]”Add a new isolated agent. Runs the guided wizard unless flags (or --non-interactive) are passed; --workspace is required in non-interactive mode.
Options:
--workspace <dir>--model <id>--agent-dir <dir>--bind <channel[:accountId]>(repeatable)--non-interactive--json
Binding specs use channel[:accountId]. When accountId is omitted, OpenClaw may resolve account scope via channel defaults/plugin hooks; otherwise it is a channel binding without explicit account scope.
agents bindings
Section titled “agents bindings”List routing bindings.
Options:
--agent <id>--json
agents bind
Section titled “agents bind”Add routing bindings for an agent.
Options:
--agent <id>--bind <channel[:accountId]>(repeatable)--json
agents unbind
Section titled “agents unbind”Remove routing bindings for an agent.
Options:
--agent <id>--bind <channel[:accountId]>(repeatable)--all--json
agents delete <id>
Section titled “agents delete <id>”Delete an agent and prune its workspace + state.
Options:
--force--json
Run the ACP bridge that connects IDEs to the Gateway.
See acp for full options and examples.
status
Section titled “status”Show linked session health and recent recipients.
Options:
--json--all(full diagnosis; read-only, pasteable)--deep(probe channels)--usage(show model provider usage/quota)--timeout <ms>--verbose--debug(alias for--verbose)
Notes:
- Overview includes Gateway + node host service status when available.
Usage tracking
Section titled “Usage tracking”OpenClaw can surface provider usage/quota when OAuth/API creds are available.
Surfaces:
/status(adds a short provider usage line when available)openclaw status --usage(prints full provider breakdown)- macOS menu bar (Usage section under Context)
Notes:
- Data comes directly from provider usage endpoints (no estimates).
- Providers: Anthropic, GitHub Copilot, OpenAI Codex OAuth, plus Gemini CLI via the bundled
googleplugin and Antigravity where configured. - If no matching credentials exist, usage is hidden.
- Details: see Usage tracking.
health
Section titled “health”Fetch health from the running Gateway.
Options:
--json--timeout <ms>--verbose
sessions
Section titled “sessions”List stored conversation sessions.
Options:
--json--verbose--store <path>--active <minutes>--agent <id>(filter sessions by agent)--all-agents(show sessions across all agents)
Subcommands:
sessions cleanup— remove expired or orphaned sessions
Reset / Uninstall
Section titled “Reset / Uninstall”Reset local config/state (keeps the CLI installed).
Options:
--scope <config|config+creds+sessions|full>--yes--non-interactive--dry-run
Notes:
--non-interactiverequires--scopeand--yes.
uninstall
Section titled “uninstall”Uninstall the gateway service + local data (CLI remains).
Options:
--service--state--workspace--app--all--yes--non-interactive--dry-run
Notes:
--non-interactiverequires--yesand explicit scopes (or--all).
List and manage background task runs across agents.
tasks list— show active and recent task runstasks show <id>— show details for a specific task runtasks notify <id>— change notification policy for a task runtasks cancel <id>— cancel a running tasktasks audit— surface operational issues (stale, lost, delivery failures)tasks flow list— list active and recent Task Flow flowstasks flow show <lookup>— inspect a flow by id or lookup keytasks flow cancel <lookup>— cancel a running flow and its active tasks
Gateway
Section titled “Gateway”gateway
Section titled “gateway”Run the WebSocket Gateway.
Options:
--port <port>--bind <loopback|tailnet|lan|auto|custom>--token <token>--auth <token|password>--password <password>--password-file <path>--tailscale <off|serve|funnel>--tailscale-reset-on-exit--allow-unconfigured--dev--reset(reset dev config + credentials + sessions + workspace)--force(kill existing listener on port)--verbose--cli-backend-logs--claude-cli-logs(deprecated alias)--ws-log <auto|full|compact>--compact(alias for--ws-log compact)--raw-stream--raw-stream-path <path>
gateway service
Section titled “gateway service”Manage the Gateway service (launchd/systemd/schtasks).
Subcommands:
gateway status(probes the Gateway RPC by default)gateway install(service install)gateway uninstallgateway startgateway stopgateway restart
Notes:
gateway statusprobes the Gateway RPC by default using the service’s resolved port/config (override with--url/--token/--password).gateway statussupports--no-probe,--deep,--require-rpc, and--jsonfor scripting.gateway statusalso surfaces legacy or extra gateway services when it can detect them (--deepadds system-level scans). Profile-named OpenClaw services are treated as first-class and aren’t flagged as “extra”.gateway statusprints which config path the CLI uses vs which config the service likely uses (service env), plus the resolved probe target URL.- If gateway auth SecretRefs are unresolved in the current command path,
gateway status --jsonreportsrpc.authWarningonly when probe connectivity/auth fails (warnings are suppressed when probe succeeds). - On Linux systemd installs, status token-drift checks include both
Environment=andEnvironmentFile=unit sources. gateway install|uninstall|start|stop|restartsupport--jsonfor scripting (default output stays human-friendly).gateway installdefaults to Node runtime; bun is not recommended (WhatsApp/Telegram bugs).gateway installoptions:--port,--runtime,--token,--force,--json.
Tail Gateway file logs via RPC.
Options:
--limit <n>: maximum number of log lines to return--max-bytes <n>: maximum bytes to read from the log file--follow: follow the log file (tail -f style)--interval <ms>: polling interval in ms when following--local-time: display timestamps in local time--json: emit line-delimited JSON--plain: disable structured formatting--no-color: disable ANSI colors
Examples:
openclaw logs --followopenclaw logs --limit 200openclaw logs --plainopenclaw logs --jsonopenclaw logs --no-colorgateway <subcommand>
Section titled “gateway <subcommand>”Gateway CLI helpers (use --url, --token, --password, --timeout, --expect-final for RPC subcommands).
When you pass --url, the CLI does not auto-apply config or environment credentials.
Include --token or --password explicitly. Missing explicit credentials is an error.
Subcommands:
gateway call <method> [--params <json>]gateway healthgateway statusgateway probegateway discovergateway install|uninstall|start|stop|restartgateway run
Common RPCs:
config.set(validate + write full config; usebaseHashfor optimistic concurrency)config.apply(validate + write config + restart + wake)config.patch(merge a partial update + restart + wake)update.run(run update + restart + wake)
Tip: when calling config.set/config.apply/config.patch directly, pass baseHash from
config.get if a config already exists.
Tip: these config write RPCs preflight active SecretRef resolution for refs in the submitted config payload and reject writes when an effectively active submitted ref is unresolved.
Models
Section titled “Models”See /concepts/models for fallback behavior and scanning strategy.
Anthropic setup-token (supported):
claude setup-tokenopenclaw models auth setup-token --provider anthropicopenclaw models statusPolicy note: this is technical compatibility. Anthropic has blocked some subscription usage outside Claude Code in the past; verify current Anthropic terms before relying on setup-token in production.
Anthropic Claude CLI migration:
openclaw models auth login --provider anthropic --method cli --set-defaultNote: --auth-choice anthropic-cli is a deprecated legacy alias. Use models auth login instead.
models (root)
Section titled “models (root)”openclaw models is an alias for models status.
Root options:
--status-json(alias formodels status --json)--status-plain(alias formodels status --plain)
models list
Section titled “models list”Options:
--all--local--provider <name>--json--plain
models status
Section titled “models status”Options:
--json--plain--check(exit 1=expired/missing, 2=expiring)--probe(live probe of configured auth profiles)--probe-provider <name>--probe-profile <id>(repeat or comma-separated)--probe-timeout <ms>--probe-concurrency <n>--probe-max-tokens <n>
Always includes the auth overview and OAuth expiry status for profiles in the auth store.
--probe runs live requests (may consume tokens and trigger rate limits).
models set <model>
Section titled “models set <model>”Set agents.defaults.model.primary.
models set-image <model>
Section titled “models set-image <model>”Set agents.defaults.imageModel.primary.
models aliases list|add|remove
Section titled “models aliases list|add|remove”Options:
list:--json,--plainadd <alias> <model>remove <alias>
models fallbacks list|add|remove|clear
Section titled “models fallbacks list|add|remove|clear”Options:
list:--json,--plainadd <model>remove <model>clear
models image-fallbacks list|add|remove|clear
Section titled “models image-fallbacks list|add|remove|clear”Options:
list:--json,--plainadd <model>remove <model>clear
models scan
Section titled “models scan”Options:
--min-params <b>--max-age-days <days>--provider <name>--max-candidates <n>--timeout <ms>--concurrency <n>--no-probe--yes--no-input--set-default--set-image--json
models auth add|login|login-github-copilot|setup-token|paste-token
Section titled “models auth add|login|login-github-copilot|setup-token|paste-token”Options:
add: interactive auth helperlogin:--provider <name>,--method <method>,--set-defaultlogin-github-copilot: GitHub Copilot OAuth login flowsetup-token:--provider <name>(defaultanthropic),--yespaste-token:--provider <name>,--profile-id <id>,--expires-in <duration>
models auth order get|set|clear
Section titled “models auth order get|set|clear”Options:
get:--provider <name>,--agent <id>,--jsonset:--provider <name>,--agent <id>,<profileIds...>clear:--provider <name>,--agent <id>
System
Section titled “System”system event
Section titled “system event”Enqueue a system event and optionally trigger a heartbeat (Gateway RPC).
Required:
--text <text>
Options:
--mode <now|next-heartbeat>--json--url,--token,--timeout,--expect-final
system heartbeat last|enable|disable
Section titled “system heartbeat last|enable|disable”Heartbeat controls (Gateway RPC).
Options:
--json--url,--token,--timeout,--expect-final
system presence
Section titled “system presence”List system presence entries (Gateway RPC).
Options:
--json--url,--token,--timeout,--expect-final
Manage scheduled jobs (Gateway RPC). See /automation/cron-jobs.
Subcommands:
cron status [--json]cron list [--all] [--json](table output by default; use--jsonfor raw)cron add(alias:create; requires--nameand exactly one of--at|--every|--cron, and exactly one payload of--system-event|--message)cron edit <id>(patch fields)cron rm <id>(aliases:remove,delete)cron enable <id>cron disable <id>cron runs --id <id> [--limit <n>]cron run <id> [--force]
All cron commands accept --url, --token, --timeout, --expect-final.
Node host
Section titled “Node host”node runs a headless node host or manages it as a background service. See
openclaw node.
Subcommands:
node run --host <gateway-host> --port 18789node statusnode install [--host <gateway-host>] [--port <port>] [--tls] [--tls-fingerprint <sha256>] [--node-id <id>] [--display-name <name>] [--runtime <node|bun>] [--force]node uninstallnode stopnode restart
Auth notes:
noderesolves gateway auth from env/config (no--token/--passwordflags):OPENCLAW_GATEWAY_TOKEN/OPENCLAW_GATEWAY_PASSWORD, thengateway.auth.*. In local mode, node host intentionally ignoresgateway.remote.*; ingateway.mode=remote,gateway.remote.*participates per remote precedence rules.- Node-host auth resolution only honors
OPENCLAW_GATEWAY_*env vars.
nodes talks to the Gateway and targets paired nodes. See /nodes.
Common options:
--url,--token,--timeout,--json
Subcommands:
nodes status [--connected] [--last-connected <duration>]nodes describe --node <id|name|ip>nodes list [--connected] [--last-connected <duration>]nodes pendingnodes approve <requestId>nodes reject <requestId>nodes rename --node <id|name|ip> --name <displayName>nodes invoke --node <id|name|ip> --command <command> [--params <json>] [--invoke-timeout <ms>] [--idempotency-key <key>]nodes notify --node <id|name|ip> [--title <text>] [--body <text>] [--sound <name>] [--priority <passive|active|timeSensitive>] [--delivery <system|overlay|auto>] [--invoke-timeout <ms>](mac only)
Camera:
nodes camera list --node <id|name|ip>nodes camera snap --node <id|name|ip> [--facing front|back|both] [--device-id <id>] [--max-width <px>] [--quality <0-1>] [--delay-ms <ms>] [--invoke-timeout <ms>]nodes camera clip --node <id|name|ip> [--facing front|back] [--device-id <id>] [--duration <ms|10s|1m>] [--no-audio] [--invoke-timeout <ms>]
Canvas + screen:
nodes canvas snapshot --node <id|name|ip> [--format png|jpg|jpeg] [--max-width <px>] [--quality <0-1>] [--invoke-timeout <ms>]nodes canvas present --node <id|name|ip> [--target <urlOrPath>] [--x <px>] [--y <px>] [--width <px>] [--height <px>] [--invoke-timeout <ms>]nodes canvas hide --node <id|name|ip> [--invoke-timeout <ms>]nodes canvas navigate <url> --node <id|name|ip> [--invoke-timeout <ms>]nodes canvas eval [<js>] --node <id|name|ip> [--js <code>] [--invoke-timeout <ms>]nodes canvas a2ui push --node <id|name|ip> (--jsonl <path> | --text <text>) [--invoke-timeout <ms>]nodes canvas a2ui reset --node <id|name|ip> [--invoke-timeout <ms>]nodes screen record --node <id|name|ip> [--screen <index>] [--duration <ms|10s>] [--fps <n>] [--no-audio] [--out <path>] [--invoke-timeout <ms>]
Location:
nodes location get --node <id|name|ip> [--max-age <ms>] [--accuracy <coarse|balanced|precise>] [--location-timeout <ms>] [--invoke-timeout <ms>]
Browser
Section titled “Browser”Browser control CLI (dedicated Chrome/Brave/Edge/Chromium). See openclaw browser and the Browser tool.
Common options:
--url,--token,--timeout,--json--browser-profile <name>
Manage:
browser statusbrowser startbrowser stopbrowser reset-profilebrowser tabsbrowser open <url>browser focus <targetId>browser close [targetId]browser profilesbrowser create-profile --name <name> [--color <hex>] [--cdp-url <url>]browser delete-profile --name <name>
Inspect:
browser screenshot [targetId] [--full-page] [--ref <ref>] [--element <selector>] [--type png|jpeg]browser snapshot [--format aria|ai] [--target-id <id>] [--limit <n>] [--interactive] [--compact] [--depth <n>] [--selector <sel>] [--out <path>]
Actions:
browser navigate <url> [--target-id <id>]browser resize <width> <height> [--target-id <id>]browser click <ref> [--double] [--button <left|right|middle>] [--modifiers <csv>] [--target-id <id>]browser type <ref> <text> [--submit] [--slowly] [--target-id <id>]browser press <key> [--target-id <id>]browser hover <ref> [--target-id <id>]browser drag <startRef> <endRef> [--target-id <id>]browser select <ref> <values...> [--target-id <id>]browser upload <paths...> [--ref <ref>] [--input-ref <ref>] [--element <selector>] [--target-id <id>] [--timeout-ms <ms>]browser fill [--fields <json>] [--fields-file <path>] [--target-id <id>]browser dialog --accept|--dismiss [--prompt <text>] [--target-id <id>] [--timeout-ms <ms>]browser wait [--time <ms>] [--text <value>] [--text-gone <value>] [--target-id <id>]browser evaluate --fn <code> [--ref <ref>] [--target-id <id>]browser console [--level <error|warn|info>] [--target-id <id>]browser pdf [--target-id <id>]
Docs search
Section titled “Docs search”docs [query...]
Section titled “docs [query...]”Search the live docs index.
Open the terminal UI connected to the Gateway.
Options:
--url <url>--token <token>--password <password>--session <key>--deliver--thinking <level>--message <text>--timeout-ms <ms>(defaults toagents.defaults.timeoutSeconds)--history-limit <n>