openclaw devices

Manage device pairing requests and device-scoped tokens.

Commands

openclaw devices list

List pending pairing requests and paired devices.

openclaw devices list
openclaw devices list --json

openclaw devices approve <requestId>

Approve a pending device pairing request.

openclaw devices approve <requestId>

openclaw devices reject <requestId>

Reject a pending device pairing request.

openclaw devices reject <requestId>

openclaw devices rotate --device <id> --role <role> [--scope <scope...>]

Rotate a device token for a specific role (optionally updating scopes).

openclaw devices rotate --device <deviceId> --role operator --scope operator.read --scope operator.write

openclaw devices revoke --device <id> --role <role>

Revoke a device token for a specific role.

openclaw devices revoke --device <deviceId> --role node

Common options

  • --url <url>: Gateway WebSocket URL (defaults to gateway.remote.url when configured).
  • --token <token>: Gateway token (if required).
  • --password <password>: Gateway password (password auth).
  • --timeout <ms>: RPC timeout.
  • --json: JSON output (recommended for scripting).

Notes

  • Token rotation returns a new token (sensitive). Treat it like a secret.
  • These commands require operator.pairing (or operator.admin) scope.
Back to docs