LLM/moltbot
1
0
Fork 0
mirror of https://github.com/moltbot/moltbot.git synced 2026-03-08 06:54:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
6408b7f81cd089892f7b557fdaf05d89ee072742
moltbot/docs/cli/devices.md
Peter Steinberger a12cbf8994 docs: refresh CLI and trusted-proxy docs
2026-02-25 02:40:12 +00:00

2.5 KiB
Raw Blame History

summary, read_when, title
summary read_when title
CLI reference for `openclaw devices` (device pairing + token rotation/revocation)
You are approving device pairing requests
You need to rotate or revoke device tokens
devices

openclaw devices

Manage device pairing requests and device-scoped tokens.

Commands

openclaw devices list

List pending pairing requests and paired devices.

openclaw devices list
openclaw devices list --json

openclaw devices remove <deviceId>

Remove one paired device entry.

openclaw devices remove <deviceId>
openclaw devices remove <deviceId> --json

openclaw devices clear --yes [--pending]

Clear paired devices in bulk.

openclaw devices clear --yes
openclaw devices clear --yes --pending
openclaw devices clear --yes --pending --json

openclaw devices approve [requestId] [--latest]

Approve a pending device pairing request. If requestId is omitted, OpenClaw automatically approves the most recent pending request.

openclaw devices approve
openclaw devices approve <requestId>
openclaw devices approve --latest

openclaw devices reject <requestId>

Reject a pending device pairing request.

openclaw devices reject <requestId>

openclaw devices rotate --device <id> --role <role> [--scope <scope...>]

Rotate a device token for a specific role (optionally updating scopes).

openclaw devices rotate --device <deviceId> --role operator --scope operator.read --scope operator.write

openclaw devices revoke --device <id> --role <role>

Revoke a device token for a specific role.

openclaw devices revoke --device <deviceId> --role node

Common options

  • --url <url>: Gateway WebSocket URL (defaults to gateway.remote.url when configured).
  • --token <token>: Gateway token (if required).
  • --password <password>: Gateway password (password auth).
  • --timeout <ms>: RPC timeout.
  • --json: JSON output (recommended for scripting).

Note: when you set --url, the CLI does not fall back to config or environment credentials. Pass --token or --password explicitly. Missing explicit credentials is an error.

Notes

  • Token rotation returns a new token (sensitive). Treat it like a secret.
  • These commands require operator.pairing (or operator.admin) scope.
  • devices clear is intentionally gated by --yes.
  • If pairing scope is unavailable on local loopback (and no explicit --url is passed), list/approve can use a local pairing fallback.