Gateway Guide
OpenClaw gateway setup and operations
This page covers OpenClaw gateway operations: start, status, dashboard access, auth tokens, and secure access. Use it to verify runtime health or fix connection issues.
If gateway fails to start, see troubleshooting. For full setup flow, start at OpenClaw setup.
Core command set
openclaw gateway status openclaw dashboard openclaw gateway --port 18789
What the gateway does in practice
- Hosts Control UI for local/remote operations.
- Runs agent sessions and tool orchestration.
- Handles auth and approvals for sensitive actions.
- Maintains runtime state and channel integrations.
Essential gateway workflow
1) Check runtime
openclaw gateway status
2) Open dashboard
openclaw dashboard
Default local URL is http://127.0.0.1:18789/.
3) Foreground debug mode (when needed)
openclaw gateway --port 18789
Useful for fast local debugging when service mode is unclear.
Auth and token basics
Dashboard authentication is enforced at websocket handshake. If UI reports unauthorized/1008, retrieve the active token and set it in dashboard settings.
openclaw config get gateway.auth.token openclaw doctor --generate-gateway-token
Secure access patterns
- Prefer localhost access for daily operations.
- For remote admin, use trusted private transport (Tailscale Serve / SSH tunnel).
- Avoid exposing Control UI on public internet. It is an admin surface.
Troubleshooting mini-playbook
Gateway not running
- Run
openclaw gateway status. - Run
openclaw doctorto detect config/runtime issues.
Port conflicts
- Test foreground start with explicit port:
openclaw gateway --port 18789. - If occupied, reconfigure port and restart service cleanly.
Dashboard unauthorized (1008)
- Confirm gateway reachability (
openclaw status). - Fetch token with
openclaw config get gateway.auth.token. - Paste token in dashboard settings and reconnect.
For broader setup failures, use the full OpenClaw setup troubleshooting guide.