moltbot/docs/providers/cloudflare-ai-gateway.md
Peter Steinberger f523bbfcd1 fix: align claude cli permissions with exec policy
Derive Claude CLI bypass mode from OpenClaw exec YOLO policy, preserve raw Claude permission-mode overrides, update docs/changelog, and cover global/per-agent policy behavior.
2026-04-23 23:11:34 +01:00


| summary | title | read_when |
| --- | --- | --- |
| Cloudflare AI Gateway setup (auth + model selection) | Cloudflare AI gateway | You want to use Cloudflare AI Gateway with OpenClaw; You need the account ID, gateway ID, or API key env var |

Cloudflare AI Gateway sits in front of provider APIs and lets you add analytics, caching, and controls. For Anthropic, OpenClaw uses the Anthropic Messages API through your Gateway endpoint.

| Property | Value |
| --- | --- |
| Provider | `cloudflare-ai-gateway` |
| Base URL | `https://gateway.ai.cloudflare.com/v1/<account_id>/<gateway_id>/anthropic` |
| Default model | `cloudflare-ai-gateway/claude-sonnet-4-6` |
| API key | `CLOUDFLARE_AI_GATEWAY_API_KEY` (your provider API key for requests through the Gateway) |

For Anthropic models routed through Cloudflare AI Gateway, use your **Anthropic API key** as the provider key.

Getting started

Run onboarding and choose the Cloudflare AI Gateway auth option:
```bash
openclaw onboard --auth-choice cloudflare-ai-gateway-api-key
```

This prompts for your account ID, gateway ID, and API key.
Add the model to your OpenClaw config:
```json5
{
  agents: {
    defaults: {
      model: { primary: "cloudflare-ai-gateway/claude-sonnet-4-6" },
    },
  },
}
```
```bash
openclaw models list --provider cloudflare-ai-gateway
```

Non-interactive example

For scripted or CI setups, pass all values on the command line:

```bash
openclaw onboard --non-interactive \
  --mode local \
  --auth-choice cloudflare-ai-gateway-api-key \
  --cloudflare-ai-gateway-account-id "your-account-id" \
  --cloudflare-ai-gateway-gateway-id "your-gateway-id" \
  --cloudflare-ai-gateway-api-key "$CLOUDFLARE_AI_GATEWAY_API_KEY"
```

Advanced configuration

If you enabled Gateway authentication in Cloudflare, add the `cf-aig-authorization` header. This is **in addition to** your provider API key.
```json5
{
  models: {
    providers: {
      "cloudflare-ai-gateway": {
        headers: {
          "cf-aig-authorization": "Bearer <cloudflare-ai-gateway-token>",
        },
      },
    },
  },
}
```

<Tip>
The `cf-aig-authorization` header authenticates with the Cloudflare Gateway itself, while the provider API key (for example, your Anthropic key) authenticates with the upstream provider.
</Tip>
If the Gateway runs as a daemon (launchd/systemd), make sure `CLOUDFLARE_AI_GATEWAY_API_KEY` is available to that process.
<Warning>
A key sitting only in `~/.profile` will not help a launchd/systemd daemon unless that environment is imported there as well. Set the key in `~/.openclaw/.env` or via `env.shellEnv` to ensure the gateway process can read it.
</Warning>
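
A preflight check for the daemon case described above, as an added example that is not part of the OpenClaw docs or code base. It assumes `~/.openclaw/.env` uses dotenv-style `KEY=value` lines; the function name `check_gateway_env` and the file-permission check are additions of this example, not something the page specifies.

```bash
#!/bin/sh
# Added example: preflight check for the env file read by a launchd/systemd-managed gateway.
# Assumption: dotenv-style KEY=value lines, optionally prefixed with "export".

KEY_NAME="CLOUDFLARE_AI_GATEWAY_API_KEY"

# Returns 0 ok, 1 file missing, 2 key missing or empty, 3 file readable by group/others.
# The key value is never printed.
check_gateway_env() {
  local file line value mode
  file="${1:-$HOME/.openclaw/.env}"

  [ -f "$file" ] || { echo "missing file: $file" >&2; return 1; }

  # Commented-out assignments do not match the anchored pattern.
  # If the key is assigned more than once, this check looks at the last assignment.
  line=$(grep -E "^[[:space:]]*(export[[:space:]]+)?${KEY_NAME}=" "$file" | tail -n 1)
  # Drop quotes, spaces and a trailing CR so that KEY="" or KEY=' ' count as empty.
  value=$(printf '%s' "${line#*=}" | tr -d "\"'[:space:]")
  [ -n "$value" ] || { echo "$KEY_NAME is not set in $file" >&2; return 2; }

  # GNU stat (Linux/systemd) first, BSD stat (macOS/launchd) as fallback.
  mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
  if [ $(( 0$mode & 077 )) -ne 0 ]; then
    echo "$file has mode $mode; restrict it with: chmod 600 $file" >&2
    return 3
  fi

  echo "ok: $KEY_NAME is set in $file (mode $mode)"
}

# Constructed sample input (placeholder value, not a real key).
sample=$(mktemp)
printf '# constructed sample\nexport %s="constructed-placeholder-key"\n' "$KEY_NAME" > "$sample"
chmod 600 "$sample"
check_gateway_env "$sample"
rm -f "$sample"
```

Call `check_gateway_env` with no argument to check `~/.openclaw/.env` before restarting the daemon.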