Settings

Auth & Access

Gateway connection, operator identity, device pairing, and scopes.

Where credentials live

Gateway URL — localStorage. Persists across reloads.
Auth token — memory only by default; sessionStorage when Remember on this tab is checked. Never written to localStorage.
Device private key — IndexedDB as a non-extractable CryptoKey. The bytes never appear in the JS heap.
Device public record — localStorage. Just the deviceId and public key; not a secret.

Connection

Live Gateway endpoint and session status.

Editable via modalDisconnected

Gateway URL

wss://daemon.myrakilabs.com

Token

Not configured

Token storage

Memory only — cleared on reload

Client identity

What this console sends in the connect handshake.

Read-only

Client id

openclaw-control-ui

Client mode

webchat

Platform

web

Version

0.1.0

Role

operator

Scopes

operator.readoperator.writeoperator.approvals

Authentication is who this device is (client id + device keypair). Authorization is what this connection is allowed to do (scopes). They are signed together into every connect handshake.

Device identity

Ed25519 keypair this browser uses to sign handshakes.

Read-only

Loading device identity…

Gateway capabilities

What this Gateway advertised in hello-ok.

Read-only

Protocol

Not yet received

Capabilities

None advertised yet

Paired devices

Other devices the Gateway knows about.

Connect to a Gateway to list paired devices.

Settings

Auth & Access

Connection

Client identity

Device identity

Gateway capabilities

Paired devices

Command Palette