Rate This Document
Findability
Accuracy
Completeness
Readability

Enforce Token or Password Authentication

When token or password authentication is enabled, OpenClaw automatically generates a random token. However, OpenClaw stores the token in plaintext in the configuration file by default. To prevent token leakage, encrypted storage must be implemented and the credentials should be changed periodically. Please adopt an encryption solution to avoid storing sensitive data in plaintext (see Deploying an OpenClaw Instance).

Procedure

Set the authentication mode of the OpenClaw gateway.

openclaw config set gateway.auth.mode token