Workaround for OpenClaw Claude Access via Claude Code CLI
Workaround for Maintaining Claude Access in OpenClaw
A Reddit user has documented a workaround for maintaining Claude subscription access in OpenClaw after Anthropic cut off direct access for third-party harnesses. The method involves routing OpenClaw requests through the Claude Code CLI, which remains covered by existing Claude subscriptions.
Key Steps from the Source
The workaround requires several configuration steps:
- Install Claude Code CLI globally:
npm install -g u/anthropic-ai/claude-code - Verify installation with
claude --version - Generate a setup token by running
claude setup-tokenon a machine with a browser (not on a headless server) - Use the OAuth token (starting with
sk-ant-oat01-) with theCLAUDE_CODE_OAUTH_TOKENenvironment variable, notANTHROPIC_API_KEY - Add the token to
~/.bashrcasCLAUDE_CODE_OAUTH_TOKEN - Test the token with:
CLAUDE_CODE_OAUTH_TOKEN="<token>" claude -p "Say: TEST_OK" --output-format text(should print TEST_OK) - Update all
anthropic:*profiles in~/.openclaw/agents/main/agent/auth-profiles.jsonwith the new token using python3 - Run these OpenClaw configuration commands:
openclaw config set plugins.entries.acpx.enabled true openclaw config set plugins.entries.acpx.config.permissionMode approve-all openclaw config set acp.enabled true openclaw config set acp.backend acpx openclaw config set acp.defaultAgent claude openclaw config set 'acp.allowedAgents' '["claude"]' --json
- Create a systemd override at
~/.config/systemd/user/openclaw-gateway.service.d/claude-oauth.confwith theCLAUDE_CODE_OAUTH_TOKEN - Reload and restart the service:
systemctl --user daemon-reload && systemctl --user restart openclaw-gateway - Verify the gateway is running and authentication shows the new token
Important Notes
The source notes several critical implementation details:
- The token is an OAuth token that must be used with the
CLAUDE_CODE_OAUTH_TOKENenvironment variable - Do not run
claude setup-tokenon a headless server as it requires a browser - Do not write to
~/.claude/.credentials.jsonas it doesn't work—the environment variable is the only reliable method - Update
auth-profiles.jsondirectly with python3 instead of using the interactiveopenclaw models auth paste-tokencommand, which hangs on headless servers - The workaround adds an extra hop through the CLI, making it slightly slower
- Anthropic could patch this method in the future
📖 Read the full source: r/openclaw
👀 See Also
Three Essential OpenClaw Skills for a Stable Setup: Memory, Security, and Discovery
A Reddit post recommends installing three specific types of OpenClaw skills first: a memory fix skill to prevent context loss, a local security vetting skill to check for malicious code, and a curated discovery hub to find maintained tools.
Resolving Disconnection Issues in OpenClaw Control UI
Learn how to solve the 'Disconnected (1008): control ui requires HTTPS or localhost' error when using OpenClaw on a Hostinger VPS.
Mac Mini M4 Pro vs Mac Studio M4 Max for Local LLM Inference – Key Considerations
A developer compares Mac Mini M4 Pro (12C CPU/16C GPU, 273 GB/s) vs Mac Studio M4 Max (16C CPU/40C GPU, 546 GB/s), both 64GB/1TB, for local inference with Gemma 4 and Qwen. Key question: is the bandwidth jump worth $600?
Fix for Running OpenClaw on Android via proot Ubuntu: Hijack networkInterfaces() to Resolve uv_interface_addresses Error 13
A developer shares a fix for running OpenClaw 2026.3.13 on Android 16 via Termux and proot Ubuntu 25.10, where the app crashes with 'uv_interface_addresses returned Unknown system error 13'. The solution is a JavaScript hijack script that overrides os.networkInterfaces().