Skip to main content
Reference for LLM/model providers (not chat channels like WhatsApp/Telegram). For model selection rules, see Models.

Quick rules

  • Model refs use provider/model (example: opencode/claude-opus-4-6).
  • agents.defaults.models acts as an allowlist when set.
  • CLI helpers: openclaw onboard, openclaw models list, openclaw models set <provider/model>.
  • models.providers.*.contextWindow / contextTokens / maxTokens set provider-level defaults; models.providers.*.models[].contextWindow / contextTokens / maxTokens override them per model.
  • Fallback rules, cooldown probes, and session-override persistence: Model failover.
openclaw configure preserves an existing agents.defaults.model.primary when you add or reauth a provider. openclaw models auth login does the same unless you pass --set-default. Provider plugins may still return a recommended default model in their auth config patch, but OpenClaw treats that as “make this model available” when a primary model already exists, not “replace the current primary model.”To intentionally switch the default model, use openclaw models set <provider/model> or openclaw models auth login --provider <id> --set-default.
OpenAI model refs and agent runtimes are separate:
  • openai/<model> selects the canonical OpenAI provider and model. The prefix alone never selects Codex.
  • With provider/model runtime policy unset or auto, OpenAI may select Codex implicitly only for an exact official HTTPS Platform Responses or ChatGPT Responses route with no authored request override.
  • Authored Completions adapters, custom endpoints, and routes with authored request behavior stay on OpenClaw. Plaintext official HTTP endpoints are rejected.
  • legacy Codex model refs are legacy config that doctor rewrites to openai/<model>.
  • Provider/model agentRuntime.id: "openclaw" explicitly keeps an otherwise eligible route on OpenClaw. agentRuntime.id: "codex" requires Codex and fails closed when the effective route is not Codex-compatible.
See OpenAI implicit agent runtime and Codex harness. If the provider/runtime split is confusing, read Agent runtimes first.Plugin auto-enable follows the same boundary: an implicitly Codex-compatible effective route can enable the Codex plugin, while explicit provider/model agentRuntime.id: "codex" or legacy codex/<model> refs require it. An openai/* prefix by itself does not.Fresh OpenAI setup uses a route-specific GPT-5.6 ref: API-key setup selects openai/gpt-5.6 (the bare direct-API id resolves to Sol), while ChatGPT/Codex OAuth selects exact openai/gpt-5.6-sol for the native Codex catalog. Existing explicit primaries, including openai/gpt-5.5, are preserved when OpenAI auth is added or refreshed. GPT-5.5 remains available through either runtime as an explicit recovery choice for accounts without GPT-5.6 access.
CLI runtimes use the same split: choose canonical model refs such as anthropic/claude-* or google/gemini-*, then set provider/model runtime policy to claude-cli or google-gemini-cli when you want a local CLI backend.Legacy claude-cli/* and google-gemini-cli/* refs migrate back to canonical provider refs with the runtime recorded separately. Legacy codex-cli/* refs migrate to openai/* and use the Codex app-server route; OpenClaw no longer keeps a bundled Codex CLI backend.

Configure providers in the Control UI

Open Settings → Model Providers in the Control UI to add, replace, or remove provider API keys stored in models.providers.<id>.apiKey. The page identifies whether each API key comes from OpenClaw config or an environment variable without displaying the credential. Environment-provided keys remain managed by the gateway process environment. Use Test connection to run a live provider probe and see latency or a categorized authentication, rate-limit, billing, timeout, or response error. A probe makes a real provider request and may consume a small number of tokens. OAuth and token profiles can also be logged out from the provider card. The Default models card manages the primary model, ordered fallbacks, and utility model from the configured model catalog. Choose the models, then save them together to the existing agents.defaults.model and agents.defaults.utilityModel settings. For the utility model, Automatic leaves the setting unset and Disabled stores an empty string to turn utility routing off.

Plugin-owned provider behavior

Most provider-specific logic lives in provider plugins (registerProvider(...)) while OpenClaw keeps the generic inference loop. Plugins own onboarding, model catalogs, auth env-var mapping, transport/config normalization, tool-schema cleanup, failover classification, OAuth refresh, usage reporting, thinking/reasoning profiles, and more. The full list of provider-SDK hooks and bundled-plugin examples lives in Provider plugins. A provider that needs a totally custom request executor is a separate, deeper extension surface.
Provider-owned runner behavior lives on explicit provider hooks such as replay policy, tool-schema normalization, stream wrapping, and transport/request helpers. The legacy ProviderPlugin.capabilities static bag is compatibility-only and is no longer read by shared runner logic.

API key rotation

Configure multiple keys via:
  • OPENCLAW_LIVE_<PROVIDER>_KEY (single live override, highest priority)
  • <PROVIDER>_API_KEYS (comma or semicolon list)
  • <PROVIDER>_API_KEY (primary key)
  • <PROVIDER>_API_KEY_* (numbered list, e.g. <PROVIDER>_API_KEY_1)
For Google providers, GOOGLE_API_KEY is also included as fallback. Key selection order preserves priority and deduplicates values.
  • Requests are retried with the next key only on rate-limit responses (for example 429, rate_limit, quota, resource exhausted, Too many concurrent requests, ThrottlingException, concurrency limit reached, workers_ai ... quota limit exceeded, or periodic usage-limit messages).
  • Non-rate-limit failures fail immediately; no key rotation is attempted.
  • When all candidate keys fail, the final error is returned from the last attempt.

Official provider plugins

Official provider plugins publish their own model catalog rows. These providers require no models.providers model entries; enable the provider plugin, set auth, and pick a model. Use models.providers only for explicit custom providers or narrow request settings such as timeouts.

OpenAI

  • Provider: openai
  • Auth: OPENAI_API_KEY
  • Optional rotation: OPENAI_API_KEYS, OPENAI_API_KEY_1, OPENAI_API_KEY_2, plus OPENCLAW_LIVE_OPENAI_KEY (single override)
  • Fresh setup default: openai/gpt-5.6; on the direct API, the bare id resolves to Sol.
  • Example models: openai/gpt-5.6, openai/gpt-5.6-terra, openai/gpt-5.6-luna, openai/gpt-5.5
  • Verify account/model availability with openclaw models list --provider openai if a specific install or API key behaves differently.
  • CLI: openclaw onboard --auth-choice openai-api-key
  • Default transport is auto; OpenClaw passes the transport choice to the shared model runtime.
  • Override per model via agents.defaults.models["openai/<model>"].params.transport ("sse", "websocket", or "auto")
  • OpenAI priority processing can be enabled via agents.defaults.models["openai/<model>"].params.serviceTier
  • /fast and params.fastMode map direct openai/* Responses requests to service_tier=priority on api.openai.com
  • Use params.serviceTier when you want an explicit tier instead of the shared /fast toggle
  • Hidden OpenClaw attribution headers (originator, version, User-Agent) apply only on native OpenAI traffic to api.openai.com, not generic OpenAI-compatible proxies
  • Native OpenAI routes also keep Responses store, prompt-cache hints, and OpenAI reasoning-compat payload shaping; proxy routes do not
  • openai/gpt-5.3-codex-spark is available only through ChatGPT/Codex OAuth; direct OpenAI API-key and Azure API-key routes reject it
If the API organization does not expose GPT-5.6, set openai/gpt-5.5 explicitly. Normal onboarding and reauthentication preserve an existing explicit primary model; models auth login --set-default and models set are the intentional replacement paths.

Anthropic

  • Provider: anthropic
  • Auth: ANTHROPIC_API_KEY
  • Optional rotation: ANTHROPIC_API_KEYS, ANTHROPIC_API_KEY_1, ANTHROPIC_API_KEY_2, plus OPENCLAW_LIVE_ANTHROPIC_KEY (single override)
  • Example model: anthropic/claude-opus-4-6
  • CLI: openclaw onboard --auth-choice apiKey
  • Direct public Anthropic requests support the shared /fast toggle and params.fastMode, including API-key and OAuth-authenticated traffic sent to api.anthropic.com; OpenClaw maps that to Anthropic service_tier (auto vs standard_only)
  • Preferred Claude CLI config keeps the model ref canonical and selects the CLI backend separately: anthropic/claude-opus-4-8 with model-scoped agentRuntime.id: "claude-cli". Legacy claude-cli/claude-opus-4-7 refs still work for compatibility.
Claude CLI reuse (claude -p) is a sanctioned OpenClaw integration path. Anthropic setup-token auth remains supported, but OpenClaw prefers Claude CLI reuse when available.

OpenAI ChatGPT/Codex OAuth

  • Provider: openai
  • Auth: OAuth (ChatGPT)
  • Fresh native Codex app-server harness ref: openai/gpt-5.6-sol
  • Native Codex app-server harness docs: Codex harness
  • Legacy model refs: codex/gpt-*
  • Plugin boundary: openai/* loads the OpenAI plugin; explicit runtime policy or the provider-owned effective route decides whether the native Codex app-server plugin is selected.
  • CLI: openclaw onboard --auth-choice openai or openclaw models auth login --provider openai
  • OpenClaw’s embedded ChatGPT Responses transport defaults to auto (WebSocket-first, SSE fallback).
  • agents.defaults.models["openai/<model>"].params.transport, params.serviceTier, and params.fastMode are authored embedded-request settings. They keep implicit runtime selection on OpenClaw; native Codex owns its app-server transport and service tier.
  • Hidden OpenClaw attribution headers (originator, version, User-Agent) are only attached on native Codex traffic to chatgpt.com/backend-api, not generic OpenAI-compatible proxies
  • The shared /fast toggle remains available as a runtime control; it is distinct from authored model params.
  • The native Codex catalog can expose exact openai/gpt-5.6-sol, openai/gpt-5.6-terra, and openai/gpt-5.6-luna refs according to account access. It does not apply the direct API’s bare gpt-5.6 alias client-side.
  • openai/gpt-5.5 uses the Codex catalog native contextWindow = 400000 and default runtime contextTokens = 272000; override the runtime cap with models.providers.openai.models[].contextTokens
  • Sign in with openai auth and use openai/gpt-5.6-sol for a fresh subscription-backed setup. Select openai/gpt-5.5 explicitly if that Codex workspace does not expose GPT-5.6.
  • Use provider/model agentRuntime.id: "openclaw" to keep an otherwise eligible route on the built-in runtime. With runtime unset or auto, only an exact official HTTPS Responses/ChatGPT-compatible route with no authored request override may select Codex implicitly.
  • Legacy Codex GPT refs are legacy state, not a live provider route. Use canonical openai/* refs for new agent config, and run openclaw doctor --fix to migrate old legacy Codex model refs without upgrading an existing explicit openai/gpt-5.5 selection.

Other subscription-style hosted options

MiniMax

MiniMax Coding Plan OAuth or API key access.

Qwen Cloud

Qwen Cloud provider surface plus Alibaba DashScope and Coding Plan endpoint mapping.

Z.AI (GLM)

Z.AI Coding Plan or general API endpoints.

OpenCode

  • Auth: OPENCODE_API_KEY (or OPENCODE_ZEN_API_KEY)
  • Zen runtime provider: opencode
  • Go runtime provider: opencode-go
  • Example models: opencode/claude-opus-4-6, opencode-go/kimi-k2.6
  • CLI: openclaw onboard --auth-choice opencode-zen or openclaw onboard --auth-choice opencode-go

Google Gemini (API key)

  • Provider: google
  • Auth: GEMINI_API_KEY
  • Optional rotation: GEMINI_API_KEYS, GEMINI_API_KEY_1, GEMINI_API_KEY_2, GOOGLE_API_KEY fallback, and OPENCLAW_LIVE_GEMINI_KEY (single override)
  • Example models: google/gemini-3.1-pro-preview, google/gemini-3.5-flash
  • Compatibility: legacy OpenClaw config using google/gemini-3.1-flash-preview is normalized to google/gemini-3-flash-preview
  • Alias: google/gemini-3.1-pro is accepted and normalized to Google’s live Gemini API id, google/gemini-3.1-pro-preview
  • CLI: openclaw onboard --auth-choice gemini-api-key
  • Thinking: /think adaptive uses Google dynamic thinking. Gemini 3/3.1 omit a fixed thinkingLevel; Gemini 2.5 sends thinkingBudget: -1.
  • Direct Gemini runs also accept agents.defaults.models["google/<model>"].params.cachedContent (or legacy cached_content) to forward a provider-native cachedContents/... handle; Gemini cache hits surface as OpenClaw cacheRead

Google Vertex and Gemini CLI

  • Providers: google-vertex, google-gemini-cli
  • Auth: Vertex uses gcloud ADC; Gemini CLI uses its OAuth flow
Gemini CLI OAuth in OpenClaw is an unofficial integration. Some users have reported Google account restrictions after using third-party clients. Review Google terms and use a non-critical account if you choose to proceed.
Gemini CLI OAuth is shipped as part of the bundled google plugin.
1

Install Gemini CLI

2

Enable plugin

3

Login

Default model: google-gemini-cli/gemini-3-flash-preview. You do not paste a client id or secret into openclaw.json. The CLI login flow stores tokens in auth profiles on the gateway host.
4

Set project (if needed)

If requests fail after login, set GOOGLE_CLOUD_PROJECT or GOOGLE_CLOUD_PROJECT_ID on the gateway host.
Gemini CLI uses stream-json by default. OpenClaw reads assistant stream messages and normalizes stats.cached into cacheRead; legacy --output-format json overrides still read reply text from response.

Z.AI (GLM)

  • Provider: zai
  • Auth: ZAI_API_KEY
  • Example model: zai/glm-5.2
  • CLI: openclaw onboard --auth-choice zai-api-key
    • Model refs use the canonical zai/* provider ID.
    • zai-api-key auto-detects the matching Z.AI endpoint; zai-coding-global, zai-coding-cn, zai-global, and zai-cn force a specific surface

Vercel AI Gateway

  • Provider: vercel-ai-gateway
  • Auth: AI_GATEWAY_API_KEY
  • Example models: vercel-ai-gateway/anthropic/claude-opus-4.6, vercel-ai-gateway/moonshotai/kimi-k2.6
  • CLI: openclaw onboard --auth-choice ai-gateway-api-key

Other bundled provider plugins

Quirks worth knowing

Applies its app-attribution headers and Anthropic cache_control markers only on verified openrouter.ai routes. DeepSeek, Moonshot, and ZAI refs are cache-TTL eligible for OpenRouter-managed prompt caching but do not receive Anthropic cache markers. As a proxy-style OpenAI-compatible path, it skips native-OpenAI-only shaping (serviceTier, Responses store, prompt-cache hints, OpenAI reasoning-compat). Gemini-backed refs keep proxy-Gemini thought-signature sanitation only.
Gemini-backed refs follow the same proxy-Gemini sanitation path; kilocode/kilo/auto and other proxy-reasoning-unsupported refs skip proxy reasoning injection.
API-key onboarding writes explicit M3 and M2.7 chat model definitions; image understanding stays on the plugin-owned MiniMax-VL-01 media provider.
Model ids use a nvidia/<vendor>/<model> namespace (for example nvidia/nvidia/nemotron-... alongside nvidia/moonshotai/kimi-k2.5); pickers preserve the literal <provider>/<model-id> composition while the canonical key sent to the API stays single-prefixed.
Uses the xAI Responses path. The recommended path is SuperGrok/X Premium OAuth; API keys still work via XAI_API_KEY or plugin config, and Grok web_search reuses the same auth profile before API-key fallback. Grok 4.5 is selectable for chat, coding, and agentic work where available; grok-4.3 remains the regional-safe bundled default. Older /fast and params.fastMode: true configurations still resolve through xAI’s Grok 4.3 compatibility redirects, but new configurations should select a current model directly. tool_stream defaults on; disable via agents.defaults.models["xai/<model>"].params.tool_stream=false.

Providers via models.providers (custom/base URL)

Use models.providers (or models.json) to add custom providers or OpenAI/Anthropic-compatible proxies. Many of the bundled provider plugins below already publish a default catalog. Use explicit models.providers.<id> entries only when you want to override the default base URL, headers, or model list. Gateway model capability checks also read explicit models.providers.<id>.models[] metadata. If a custom or proxy model accepts images, set input: ["text", "image"] on that model so WebChat and node-origin attachment paths pass images as native model inputs instead of text-only media refs. agents.defaults.models["provider/model"] only controls model visibility, aliases, and per-model metadata for agents. It does not register a new runtime model by itself. For custom provider models, also add models.providers.<provider>.models[] with at least the matching id.

Moonshot AI (Kimi)

Install @openclaw/moonshot-provider before onboarding. Add an explicit models.providers.moonshot entry only when you need to override the base URL or model metadata:
  • Provider: moonshot
  • Auth: MOONSHOT_API_KEY
  • Example model: moonshot/kimi-k2.6
  • CLI: openclaw onboard --auth-choice moonshot-api-key or openclaw onboard --auth-choice moonshot-api-key-cn
Kimi K2 model IDs:
  • moonshot/kimi-k2.6
  • moonshot/kimi-k2.7-code
  • moonshot/kimi-k2.5
  • moonshot/kimi-k2-thinking
  • moonshot/kimi-k2-thinking-turbo
  • moonshot/kimi-k2-turbo
See Moonshot AI (Kimi + Kimi Coding) for the full setup guide.

Kimi Coding

Kimi Coding uses Moonshot AI’s Anthropic-compatible endpoint:
  • Provider: kimi
  • Auth: KIMI_API_KEY
  • Example model: kimi/kimi-for-coding
Legacy kimi/kimi-code and kimi/k2p5 remain accepted as compatibility model ids and normalize to Kimi’s stable API model id.

Volcano Engine (Doubao)

Volcano Engine (火山引擎) provides access to Doubao and other models in China.
  • Provider: volcengine (coding: volcengine-plan)
  • Auth: VOLCANO_ENGINE_API_KEY
  • Example model: volcengine-plan/ark-code-latest
  • CLI: openclaw onboard --auth-choice volcengine-api-key
Onboarding defaults to the coding surface, but the general volcengine/* catalog is registered at the same time. In onboarding/configure model pickers, the Volcengine auth choice prefers both volcengine/* and volcengine-plan/* rows. If those models are not loaded yet, OpenClaw falls back to the unfiltered catalog instead of showing an empty provider-scoped picker.
  • volcengine/doubao-seed-1-8-251228 (Doubao Seed 1.8)
  • volcengine/doubao-seed-code-preview-251028
  • volcengine/kimi-k2-5-260127 (Kimi K2.5)
  • volcengine/glm-4-7-251222 (GLM 4.7)
  • volcengine/deepseek-v3-2-251201 (DeepSeek V3.2)

BytePlus (International)

BytePlus ARK provides access to the same models as Volcano Engine for international users.
  • Provider: byteplus (coding: byteplus-plan)
  • Auth: BYTEPLUS_API_KEY
  • Example model: byteplus-plan/ark-code-latest
  • CLI: openclaw onboard --auth-choice byteplus-api-key
Onboarding defaults to the coding surface, but the general byteplus/* catalog is registered at the same time. In onboarding/configure model pickers, the BytePlus auth choice prefers both byteplus/* and byteplus-plan/* rows. If those models are not loaded yet, OpenClaw falls back to the unfiltered catalog instead of showing an empty provider-scoped picker.
  • byteplus/seed-1-8-251228 (Seed 1.8)
  • byteplus/kimi-k2-5-260127 (Kimi K2.5)
  • byteplus/glm-4-7-251222 (GLM 4.7)

Synthetic

Synthetic provides Anthropic-compatible models behind the synthetic provider:
  • Provider: synthetic
  • Auth: SYNTHETIC_API_KEY
  • Example model: synthetic/hf:MiniMaxAI/MiniMax-M2.5
  • CLI: openclaw onboard --auth-choice synthetic-api-key

MiniMax

MiniMax is configured via models.providers because it uses custom endpoints:
  • MiniMax OAuth (Global): --auth-choice minimax-global-oauth
  • MiniMax OAuth (CN): --auth-choice minimax-cn-oauth
  • MiniMax API key (Global): --auth-choice minimax-global-api
  • MiniMax API key (CN): --auth-choice minimax-cn-api
  • Auth: MINIMAX_API_KEY for minimax; MINIMAX_OAUTH_TOKEN or MINIMAX_API_KEY for minimax-portal
See /providers/minimax for setup details, model options, and config snippets.
On MiniMax’s Anthropic-compatible streaming path, OpenClaw disables thinking by default for the M2.x family unless you explicitly set it; MiniMax-M3 (and M3.x) stays on the provider’s omitted/adaptive thinking path by default. /fast on rewrites MiniMax-M2.7 to MiniMax-M2.7-highspeed.
Plugin-owned capability split:
  • Text/chat defaults stay on minimax/MiniMax-M3
  • Image generation is minimax/image-01 or minimax-portal/image-01
  • Image understanding is plugin-owned MiniMax-VL-01 on both MiniMax auth paths
  • Web search stays on provider id minimax

LM Studio

LM Studio ships as a bundled provider plugin which uses the native API:
  • Provider: lmstudio
  • Auth: LM_API_TOKEN
  • Default inference base URL: http://localhost:1234/v1
Then set a model (replace with one of the IDs returned by http://localhost:1234/api/v1/models):
OpenClaw uses LM Studio’s native /api/v1/models and /api/v1/models/load for discovery + auto-load, with /v1/chat/completions for inference by default. If you want LM Studio JIT loading, TTL, and auto-evict to own model lifecycle, set models.providers.lmstudio.params.preload: false. See /providers/lmstudio for setup and troubleshooting.

Ollama

Ollama ships as a bundled provider plugin and uses Ollama’s native API:
Ollama is detected locally at http://127.0.0.1:11434 when you opt in with OLLAMA_API_KEY, and the bundled provider plugin adds Ollama directly to openclaw onboard and the model picker. See /providers/ollama for onboarding, cloud/local mode, and custom configuration.

vLLM

vLLM ships as a bundled provider plugin for local/self-hosted OpenAI-compatible servers:
  • Provider: vllm
  • Auth: Optional (depends on your server)
  • Default base URL: http://127.0.0.1:8000/v1
To opt in to auto-discovery locally (any value works if your server doesn’t enforce auth):
Then set a model (replace with one of the IDs returned by /v1/models):
See /providers/vllm for details.

SGLang

SGLang ships as a bundled provider plugin for fast self-hosted OpenAI-compatible servers:
  • Provider: sglang
  • Auth: Optional (depends on your server)
  • Default base URL: http://127.0.0.1:30000/v1
To opt in to auto-discovery locally (any value works if your server does not enforce auth):
Then set a model (replace with one of the IDs returned by /v1/models):
See /providers/sglang for details.

Local proxies (LM Studio, vLLM, LiteLLM, etc.)

Example (OpenAI-compatible):
For custom providers, reasoning, input, cost, contextWindow, and maxTokens are optional. When omitted, OpenClaw defaults to:
  • reasoning: false
  • input: ["text"]
  • cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 }
  • contextWindow: 200000
  • maxTokens: 8192
Recommended: set explicit values that match your proxy/model limits.
  • For api: "openai-completions" on non-native endpoints (any non-empty baseUrl whose host is not api.openai.com), OpenClaw forces compat.supportsDeveloperRole: false to avoid provider 400 errors for unsupported developer roles.
  • Proxy-style OpenAI-compatible routes also skip native OpenAI-only request shaping: no service_tier, no Responses store, no Completions store, no prompt-cache hints, no OpenAI reasoning-compat payload shaping, and no hidden OpenClaw attribution headers.
  • For OpenAI-compatible Completions proxies that need vendor-specific fields, set agents.defaults.models["provider/model"].params.extra_body (or extraBody) to merge extra JSON into the outbound request body.
  • For vLLM chat-template controls, set agents.defaults.models["provider/model"].params.chat_template_kwargs. The bundled vLLM plugin automatically sends enable_thinking: false and force_nonempty_content: true for vllm/nemotron-3-* when the session thinking level is off.
  • For slow local models or remote LAN/tailnet hosts, set models.providers.<id>.timeoutSeconds. This extends provider model HTTP request handling, including connect, headers, body streaming, and the total guarded-fetch abort, without increasing the whole agent runtime timeout. If agents.defaults.timeoutSeconds or a run-specific timeout is lower, raise that ceiling too; provider timeouts cannot extend the whole run.
  • Model provider HTTP calls allow Surge, Clash, and sing-box fake-IP DNS answers in 198.18.0.0/15 and fc00::/7 only for the configured provider baseUrl hostname. Custom/local provider endpoints also trust that exact configured scheme://host:port origin for guarded model requests, including loopback, LAN, and tailnet hosts. This is not a new config option; the baseUrl you configure extends the request policy only for that origin. Fake-IP hostname allowance and exact-origin trust are independent mechanisms. Other private, loopback, link-local, metadata destinations, and different ports still require an explicit models.providers.<id>.request.allowPrivateNetwork: true opt-in. Set models.providers.<id>.request.allowPrivateNetwork: false to opt out of the exact-origin trust.
  • If baseUrl is empty/omitted, OpenClaw keeps the default OpenAI behavior (which resolves to api.openai.com).
  • For safety, an explicit compat.supportsDeveloperRole: true is still overridden on non-native openai-completions endpoints.
  • For api: "anthropic-messages" on non-direct endpoints (any provider other than canonical anthropic, or a custom models.providers.anthropic.baseUrl whose host is not a public api.anthropic.com endpoint), OpenClaw suppresses implicit Anthropic beta headers such as claude-code-20250219, interleaved-thinking-2025-05-14, and OAuth markers, so custom Anthropic-compatible proxies do not reject unsupported beta flags. Set models.providers.<id>.headers["anthropic-beta"] explicitly if your proxy needs specific beta features.

CLI examples

See also: Configuration for full configuration examples.