OpenClaw 401 with OAuth token (x-api-key vs Bearer)
A regression in OpenClaw 2026.2.17 sends OAuth tokens as x-api-key instead of Authorization: Bearer, so OAuth users hit a 401; separately, context.id: true adds a beta header that 401s setup-token users. Pin a good build with openclaw@2026.2.15, or switch to an API key. If you set context.id: true with a setup token, set it to false - that alone resolves it.
Likely cause
A regression in OpenClaw 2026.2.17 sends OAuth tokens as x-api-key: <oauth-token> instead of Authorization: Bearer <oauth-token>, so OAuth users get a 401. Separately, setting context.id: true adds a beta header that triggers the same 401 for setup-token users.
The fix
- 1 Pin a known-good build: openclaw gateway stop && npm install -g openclaw@2026.2.15 && openclaw gateway start.
- 2 Or switch to an API key instead of OAuth.
- 3 If you set context.id: true with a setup token, set it to false - that alone resolves it.
npm install -g openclaw@2026.2.15Hit a different error?
Paste any agent error and get the cause and fix in seconds.
Frequently asked questions
My OAuth token is valid but I still get a 401. Why?
OpenClaw 2026.2.17 sends OAuth tokens in the wrong header (x-api-key instead of Authorization: Bearer), so the provider rejects them. Pin 2026.2.15, or switch to an API key, until the header bug is patched.
I'm on a setup token and enabled context.id. Is that related?
Yes. context.id: true adds a beta header that triggers the same 401 for setup-token users. Set it to false and the 401 clears on its own.
Should I switch from OAuth to an API key?
If you can, yes - the API-key path doesn't hit the header bug. Otherwise pin openclaw@2026.2.15 until the OAuth header regression is fixed upstream.
Stop firefighting agent errors
Decoding errors one at a time is the manual version of what BetterClaw automates. Run your OpenClaw agents hosted with managed models, retries and config validation built in.
$19/month per agent · BYOK · 7-day money-back guarantee