Docs: document secrets refs runtime and migration

joshavant
2026-02-24 16:26:51 -06:00
committed by Peter Steinberger
parent cb119874dc
commit c0a3801086
19 changed files with 187 additions and 22 deletions

@@ -139,8 +139,7 @@ What you set:
</Accordion>
<Accordion title="OpenAI API key">
Uses `OPENAI_API_KEY` if present or prompts for a key, then saves it to
`~/.openclaw/.env` so launchd can read it.
Uses `OPENAI_API_KEY` if present or prompts for a key, then stores the credential in auth profiles.
Sets `agents.defaults.model` to `openai/gpt-5.1-codex` when model is unset, `openai/*`, or `openai-codex/*`.
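Review bot: the replacement sentence in the "OpenAI API key" accordion says the credential is stored "in auth profiles" but not in what form, while the storage-mode list added further down in this diff says default onboarding persists API keys as plaintext. Suggest stating that here as well and mentioning `--secret-input-mode ref`, so someone reading only this accordion does not assume the key is protected at rest. The removed text also gave the reason for `~/.openclaw/.env` ("so launchd can read it"); it would help to say whether a launchd-started process still picks up the key after this change.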
@@ -202,6 +201,12 @@ Credential and profile paths:
- OAuth credentials: `~/.openclaw/credentials/oauth.json`
- Auth profiles (API keys + OAuth): `~/.openclaw/agents/<agentId>/agent/auth-profiles.json`
API key storage mode:
- Default onboarding behavior persists API keys as plaintext values in auth profiles.
- `--secret-input-mode ref` stores env-backed refs in auth profiles instead of plaintext values (for example `keyRef: { source: "env", id: "OPENAI_API_KEY" }`).
- Existing plaintext setups continue to work unchanged.
<Note>
Headless and server tip: complete OAuth on a machine with a browser, then copy
`~/.openclaw/credentials/oauth.json` (or `$OPENCLAW_STATE_DIR/credentials/oauth.json`)
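Review bot: the `--secret-input-mode ref` bullet under "API key storage mode" shows the stored shape (`keyRef: { source: "env", id: "OPENAI_API_KEY" }`) but not what happens when that variable is absent from the process environment at the time the ref is resolved. Suggest adding one sentence on that failure behaviour and, since the last bullet says existing plaintext setups keep working, a pointer to how a plaintext profile is converted to a ref. Next to the default-mode bullet it is also worth noting that `auth-profiles.json` then holds the key in cleartext, so the file's permissions matter.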