OpenClaw API Keys: Connect OpenAI, Claude, Gemini, and More

Connect multiple AI models safely, avoid auth errors, control costs, and keep workflows running without provider failures breaking your agent.

Why API Keys Matter in OpenClaw

API keys let OpenClaw connect with AI model providers such as OpenAI, Claude, Gemini, OpenRouter, Groq, and other compatible APIs.

In simple words, API keys decide:

  • Which AI models OpenClaw can use
  • Whether your workflows can run
  • How much each request costs
  • Which provider handles coding, research, chat, or automation
  • Whether fallback models are available when one provider fails

A wrong API key does not only break chat replies. It can break browser actions, scheduled workflows, coding agents, research tasks, and tool-based automation. That is why setting up API keys properly matters before running serious OpenClaw workflows.

API Key Setup Is Different for Every Provider

Not every provider uses the same setup. Some only need an API key. Others need a base URL, model name, billing access, or project-level permission.

Provider TypeWhat You Usually Need
OpenAI-compatible APIsAPI key, base URL, model name
Claude / AnthropicAPI key, billing, model access
GeminiAPI key, project access, model name
OpenRouterAPI key, model slug, route access
GroqAPI key and supported model
Local modelsLocal host URL, port, installed model

This is where many users make mistakes. They add a key, forget the model name or base URL, then wonder why OpenClaw behaves like a haunted calculator.

Before You Add API Keys

Before connecting any provider, check these basics:

  • Create an account with the provider
  • Generate a fresh API key
  • Confirm billing or free credits are active
  • Check that your selected model is available
  • Copy the key without extra spaces
  • Keep the key private
  • Never commit API keys to GitHub
  • Use .env or environment variables where possible

Add your .env file to .gitignore:

echo ".env" >> .gitignore

This prevents your API keys from being pushed to a public repository. Simple, boring, and it protects paid credentials from strangers on the internet.

Recommended API Key Format for OpenClaw

A clean .env file keeps provider setup easier to manage.

Example:

OPENAI_API_KEY=your_openai_key ANTHROPIC_API_KEY=your_anthropic_key GEMINI_API_KEY=your_gemini_key OPENROUTER_API_KEY=your_openrouter_key GROQ_API_KEY=your_groq_key

For OpenAI-compatible providers, you may also need a base URL and model name:

CUSTOM_PROVIDER_API_KEY=your_provider_key CUSTOM_PROVIDER_BASE_URL=https://api.provider.com/v1 CUSTOM_PROVIDER_MODEL=model-name
ValuePurpose
API keyProves your account has access
Base URLTells OpenClaw where to send requests
Model nameTells OpenClaw which model to use

If any one of these is wrong, OpenClaw may return no output, model errors, or authentication failures. For deeper no-output debugging, see our model not responding fix guide.

How to Add API Keys in OpenClaw

You can add API keys through the OpenClaw dashboard or through environment variables, depending on your setup.

Option 1: Add API Keys Through OpenClaw Settings

Use this method if your OpenClaw setup has a dashboard or provider settings page.

Steps:

  1. Open the OpenClaw dashboard
  2. Go to model or provider settings
  3. Select your provider
  4. Paste the API key
  5. Add the base URL if required
  6. Select the model
  7. Save the configuration
  8. Test the provider before running workflows
Option 2: Add API Keys Through Environment Variables

Use this method if you are running OpenClaw on a VPS, local machine, or server setup.

Open your .env file:

nano ~/.openclaw/.env

Add your provider keys:

OPENAI_API_KEY=your_openai_key ANTHROPIC_API_KEY=your_anthropic_key GEMINI_API_KEY=your_gemini_key OPENROUTER_API_KEY=your_openrouter_key GROQ_API_KEY=your_groq_key

Save the file, then restart the OpenClaw gateway so it picks up the new values:

openclaw gateway restart

If your setup runs OpenClaw as a systemd service, restart the service instead:

sudo systemctl restart openclaw

After restart, OpenClaw should load the new provider keys.

Set the Default Provider and Model

Adding API keys is not enough. You also need to make sure OpenClaw knows which model to use by default.

List available models:

openclaw models list

Set your default model with openclaw config set:

openclaw config set agents.defaults.model.primary <provider>/<model-name>

Example:

openclaw config set agents.defaults.model.primary anthropic/claude-opus-4-6

Verify the change:

openclaw config get agents.defaults.model

The default model is used when a workflow does not specify a model manually.

For better results, use different models for different tasks:

TaskRecommended Model Type
Simple chatFast, low-cost model
SummariesMid-range model
CodingStrong reasoning model
ResearchLarge-context model
Browser automationReliable tool-calling model

This helps reduce cost and improves workflow quality. See our switch AI model guide for a deeper walkthrough of changing the default model, and our best AI model for OpenClaw comparison for concrete picks.

Set Provider Fallbacks

A fallback provider helps OpenClaw continue working when the primary provider fails.

Provider failures can happen because of:

  • Rate limits
  • Billing problems
  • Expired API keys
  • Temporary provider outage
  • Wrong model name
  • Region restrictions
  • Permission errors

Example fallback strategy:

Workflow TypePrimary ProviderFallback Provider
Coding agentClaude or OpenAIOpenRouter
Fast chat tasksGroqOpenAI-compatible provider
Research workflowsGemini or OpenAIClaude
Low-cost automationSmall modelLarger model only when needed

A fallback provider prevents one failed key from killing the full workflow. It is a small setup step that saves you from very stupid debugging sessions later. If you keep hitting quota errors, see our API rate limit fix guide.

Tired of juggling provider keys and restarts?

Ampere.sh runs OpenClaw with provider auth already wired up. Add your key or use pooled credits, no gateway restarts, no env file editing.

How to Test Every API Key

Do not assume a provider works just because you pasted a key. Test it.

Test 1: Check Available Models
openclaw models list

This checks whether OpenClaw can detect your provider and available models.

Test 2: Confirm Provider Auth
openclaw models status

This shows which providers are authenticated and where each key is loaded from (env, config, or profile).

Test 3: Run a Simple Reply Test

Send a one-line prompt to OpenClaw:

Reply with the active provider name and model name in one sentence.

This confirms the API key and model are working end to end.

Test 4: Run a Tool-Calling Test

Use this prompt:

Create a short task plan with 3 steps and ask for approval before taking action.

This checks whether the selected model can follow agent-style instructions.

Test 5: Run a Long Context Test

Use this prompt:

Summarize this long input into 5 bullets and keep the original meaning.

This helps test whether the model handles longer inputs correctly.

TestWhat It Checks
Model listProvider connection
Models statusAuth source and validity
Simple replyAPI key validity
Tool-calling testAgent reliability
Long context testContext handling

Common API Key Problems and Fixes

ProblemWhat It MeansFix
Invalid API keyKey is wrong, expired, or copied badlyRegenerate the key and paste it again
No outputProvider is connected but model failedCheck model name and logs
Model not foundWrong model IDUse the exact provider model name
401 errorAuthentication failedCheck API key and account access
403 errorKey exists but lacks permissionEnable API access or billing
429 rate limitToo many requestsUse fallback or upgrade limits
Billing requiredProvider requires payment methodAdd billing or use another provider
Empty tool outputModel is weak at tool useSwitch to a better tool-capable model

If OpenClaw still fails after fixing the key, check logs:

openclaw logs --follow

Or, if OpenClaw runs as a systemd service:

journalctl -u openclaw -f

Logs usually show whether the issue is authentication, billing, rate limit, or wrong model name.

Provider-Specific Notes

OpenAI

OpenAI-compatible setup usually needs:

  • API key
  • Correct model name
  • Billing enabled
  • Supported endpoint

Use OpenAI for general tasks, tool workflows, coding, and automation.

Claude / Anthropic

Claude is useful for reasoning, coding, writing, and agent workflows.

Check:

  • API key is active
  • Billing is enabled
  • Your account has access to the selected model
  • Model name is correct

Claude may fail if your key is valid but model access is not enabled.

Gemini

Gemini is useful for research, long-context work, and multimodal tasks.

Check:

  • API key is active
  • API access is enabled
  • Project permissions are correct
  • Model name matches the provider documentation

Wrong project setup can cause errors even when the key looks valid.

OpenRouter

OpenRouter is useful when you want access to many models through one API key.

Check:

  • OpenRouter API key is valid
  • Model slug is correct
  • Selected model is available
  • Credits or billing are active

OpenRouter is good for fallback routing, but model quality can vary depending on the selected provider.

Groq

Groq is useful for fast responses and low-latency workflows.

Check:

  • API key is valid
  • Model is supported
  • Workflow does not require advanced reasoning beyond the model's strength

Groq is fast, but not every fast model is ideal for complex agent workflows.

Local Models / Ollama

Local models usually do not need external API keys.

Check:

  • Ollama or local runtime is running
  • Model is installed
  • Host URL and port are correct
  • Model can handle OpenClaw workflow requirements

Example Ollama check:

ollama list

Run a model manually:

ollama run model-name

Local models can reduce API cost, but weaker models may fail at tool calling. Free is nice until your agent starts producing nonsense with confidence. For a full walkthrough, see our set up Ollama with OpenClaw guide.

API Key Security Best Practices

API keys are sensitive. Treat them like passwords.

Follow these rules:

  • Never paste keys in public chats
  • Never commit .env files
  • Use separate keys for development and production
  • Rotate leaked keys immediately
  • Delete unused keys
  • Use provider spending limits
  • Review usage logs regularly

Before pushing code, check staged files:

git status

Check what will be committed:

git diff --cached

If .env appears, stop and remove it from Git tracking:

git rm --cached .env

Then commit again after confirming the key file is not included.

Cost Control When Using Multiple Providers

Using multiple providers gives OpenClaw more flexibility, but it can also increase cost if you route everything to expensive models.

Use this simple strategy:

WorkflowBest Model Choice
RemindersLow-cost fast model
Short summariesMid-range model
Coding / debuggingStrong reasoning model
Browser automationReliable tool-calling model
Long researchLarge-context model
Final reviewStronger model

Cost control tips:

  • Use cheap models for simple tasks
  • Use stronger models only when needed
  • Set spending limits in provider dashboards
  • Avoid sending huge context to expensive models
  • Use fallback models carefully
  • Review provider usage weekly

The goal is not to use the strongest model for everything. That is how people turn a simple automation into a billing crime scene. For a deeper look at token usage and cost, see our token usage and cost control guide.

When Manual API Key Setup Becomes Annoying

Manual setup is fine if you want full control. But it can become painful when you need to manage:

  • Multiple .env files
  • Provider-specific settings
  • Server restarts
  • Gateway issues
  • Expired keys
  • Failed workflows
  • Rate limits
  • Uptime
  • Logs and monitoring

This is where many users stop building workflows and start debugging infrastructure instead. Very productive, if your goal is sadness.

Easier Option: Run OpenClaw on Ampere.sh

If you want OpenClaw running without managing servers, ports, gateway setup, uptime, or manual provider configuration, use Ampere.sh.

With Ampere.sh, you can deploy OpenClaw in a managed environment, connect model providers, and start running workflows without spending hours fixing setup issues.

Use Ampere.sh if you want:

  • Managed OpenClaw hosting
  • Faster setup
  • Easier provider configuration
  • Always-on workflows
  • Less server maintenance
  • Fewer gateway and port issues
  • A cleaner path from setup to real automation

Run OpenClaw on Ampere.sh and spend less time fixing keys, configs, and failed provider connections.

Frequently Asked Questions

What API keys do I need for OpenClaw?
You need API keys for the model providers you want to use, such as OpenAI, Claude, Gemini, OpenRouter, Groq, or other OpenAI-compatible providers.
Can I use multiple API providers in OpenClaw?
Yes. Using multiple providers can improve reliability, reduce cost, and give OpenClaw fallback options when one provider fails.
Why is my OpenClaw API key not working?
Common reasons include a wrong key, expired key, missing billing, wrong model name, missing base URL, or provider permission issues.
Can I use OpenRouter with OpenClaw?
Yes. OpenRouter can be useful when you want access to many models through one API key. Make sure you use the correct model slug.
How do I safely store OpenClaw API keys?
Store keys in environment variables or a .env file. Never commit keys to GitHub, and rotate keys immediately if they leak.
Do I need to restart OpenClaw after adding an API key?
Usually yes. If OpenClaw loads keys from environment variables or the .env file at startup, restart the gateway so it picks up the new value.
Which provider should I pick first?
Start with whichever provider you already have credits or an account on. Anthropic Claude and OpenAI are good defaults for agent workflows. Add OpenRouter or Groq later for fallback or low-cost tasks.

Also Read

How to Switch AI Models in OpenClaw Easily
Guide

How to Switch AI Models in OpenClaw Easily

OpenClaw Model Not Responding: Fix No Output & Empty Replies
Troubleshooting

OpenClaw Model Not Responding: Fix No Output & Empty Replies

Best AI Model for OpenClaw: Compare Pricing & Features
Guide

Best AI Model for OpenClaw: Compare Pricing & Features

Michael Park

Written by

Michael Park

Senior Technical Writer & DevRel

Michael creates comprehensive installation and setup guides for developers and system administrators. With experience across Linux, macOS, Windows, and embedded systems, he has written over 200 technical tutorials used by millions of developers. He focuses on clear, step-by-step instructions that work the first time, covering everything from Raspberry Pi to enterprise servers.

Skip the provider key juggling

Managed OpenClaw on Ampere.sh handles API keys, gateways, and restarts so you can focus on real workflows. 7-day free trial.

Start Free Trial