openclaw - 💡(How to fix) Fix [Bug]: request.headers SecretRefs on model providers fail in embedded agent context with "unresolved SecretRef" error [2 comments, 2 participants]

GitHub stats: openclaw/openclaw#77675, fetched 2026-05-06 06:23:10. Comments: 2. Participants: 2. Timeline: 2 (commented ×2). Reactions: 2.

In OpenClaw 2026.5.3, embedded agent turns fail with an "unresolved SecretRef" error for every provider in the model fallback chain — including providers that have no SecretRef configured — when any single provider has a request.headers SecretRef.

Error Message

Error: request.headers.X-Pomerium-Authorization: unresolved SecretRef "file:filemain:/providers/ollama/token". Resolve this command against an active gateway runtime snapshot before reading it.

Root Cause

The gateway transport path works because it runs inside the proper WebSocket request pipeline where a runtime snapshot is always available. The embedded agent pipeline appears to eagerly resolve SecretRefs across all model providers at request-init or diagnostic time, before a snapshot is attached to the execution context.

Fix / Workaround

Workarounds (both have significant downsides):

  1. Remove any provider with request.headers SecretRefs from the fallback chain entirely. This restores embedded agent function but makes those providers permanently unavailable from chat channels.
  2. Replace the SecretRef with a hardcoded plaintext header value. This unblocks embedded agent turns but stores the credential in plain text in openclaw.json, which is not recommended for production deployments.


Bug type

Behavior bug (incorrect output/state without crash)

Beta release blocker

No

Summary

In OpenClaw 2026.5.3, embedded agent turns fail with an "unresolved SecretRef" error for every provider in the model fallback chain — including providers that have no SecretRef configured — when any single provider has a request.headers SecretRef.

Steps to reproduce

  1. Configure one model provider (e.g. ollama) with a request.headers SecretRef in openclaw.json under models.providers.ollama.request.headers.
  2. Configure agents.defaults.model.fallbacks with a chain that includes that provider plus at least one provider that has no SecretRef (e.g. openai-codex/gpt-5.5, github-copilot/gpt-5.5).
  3. Start the OpenClaw gateway and confirm openclaw secrets audit --check --json reports zero unresolved refs and openclaw infer model run --model ollama/... --gateway succeeds.
  4. Send an inbound message from any embedded channel (Discord, WhatsApp, chat) to trigger an embedded agent turn.
  5. Observe that the turn fails before any model output with an "unresolved SecretRef" error logged against every provider in the fallback chain, including providers with no SecretRef.

Expected behavior

SecretRefs in models.providers.<name>.request.headers should be resolved lazily, per-provider, only when that provider is actually selected for a request. A SecretRef on provider A should never cause provider B (which has no SecretRef) to fail. The embedded agent pipeline should also attach a runtime snapshot before any config resolution occurs, consistent with the gateway transport path (which works correctly).

Actual behavior

All embedded agent turns fail with an error of the form:

Error: request.headers.X-Pomerium-Authorization: unresolved SecretRef "file:filemain:/providers/ollama/token". Resolve this command against an active gateway runtime snapshot before reading it.

This error fires for every provider in the fallback chain — including openai-codex and github-copilot, which have no request.headers SecretRef at all. The agent fails before producing any reply.

openclaw infer model run --model ollama/gemma4:e2b --gateway works correctly; SecretRefs resolve fine via the gateway WebSocket transport.

OpenClaw version

2026.5.3 (06d46f7)

Operating system

Ubuntu 24.04.4 LTS (GNU/Linux 6.8.0-111-generic x86_64)

Install method

Docker (custom docker-compose deployment)

Model

openai-codex/gpt-5.5 (primary); github-copilot/gpt-5.5, ollama/gemma4:e2b (fallbacks)

Provider / routing chain

embedded agent -> model fallback chain -> openai-codex / github-copilot / ollama

Additional provider/model setup details

Relevant config excerpt:

{
  "models": {
    "providers": {
      "ollama": {
        "baseUrl": "http://localhost:8080",
        "api": "ollama",
        "request": {
          "headers": {
            "X-Pomerium-Authorization": {
              "source": "file",
              "provider": "filemain",
              "id": "/providers/ollama/token"
            }
          }
        }
      }
    }
  },
  "agents": {
    "defaults": {
      "model": {
        "primary": "openai-codex/gpt-5.5",
        "fallbacks": ["github-copilot/gpt-5.5", "ollama/gemma4:e2b"]
      }
    }
  }
}

openclaw secrets audit --check --json reports zero unresolved refs. openclaw secrets reload --json succeeds with no warnings. Only embedded agent turns are affected; the gateway transport path resolves SecretRefs correctly.

Logs, screenshots, and evidence

[diagnostic] lane task error: lane=main durationMs=... error="Error: request.headers.X-Pomerium-Authorization: unresolved SecretRef \"file:filemain:/providers/ollama/token\". Resolve this command against an active gateway runtime snapshot before reading it."
[model-fallback/decision] model fallback decision: decision=candidate_failed requested=openai-codex/gpt-5.5 candidate=openai-codex/gpt-5.5 reason=unknown next=github-copilot/gpt-5.5 detail=request.headers.X-Pomerium-Authorization: unresolved SecretRef "file:filemain:/providers/ollama/token". Resolve this command against an active gateway runtime snapshot before reading it.
[model-fallback/decision] model fallback decision: decision=candidate_failed requested=github-copilot/gpt-5.5 candidate=github-copilot/gpt-5.5 reason=unknown next=ollama/gemma4:e2b detail=request.headers.X-Pomerium-Authorization: unresolved SecretRef "file:filemain:/providers/ollama/token". Resolve this command against an active gateway runtime snapshot before reading it.

The error subsystem logged is diagnostic, not the model provider itself, suggesting the SecretRef is being resolved eagerly at request-init or diagnostic time rather than at the point the ollama provider is actually invoked.

Impact and severity

  • Affected: Any operator using models.providers.<name>.request.headers with a SecretRef and that provider anywhere in agents.defaults.model.fallbacks (or per-agent fallback chains).
  • Severity: High — blocks all embedded agent turns from chat channels entirely, even when the SecretRef provider is last in the fallback chain and would never have been called.
  • Frequency: Reproducible on every embedded agent turn with the above config.
  • Consequence: Agents are completely non-functional from embedded channels (Discord, WhatsApp, etc.) despite the gateway and channel transports being healthy.

Additional information

Workarounds (both have significant downsides):

  1. Remove any provider with request.headers SecretRefs from the fallback chain entirely. This restores embedded agent function but makes those providers permanently unavailable from chat channels.
  2. Replace the SecretRef with a hardcoded plaintext header value. This unblocks embedded agent turns but stores the credential in plain text in openclaw.json, which is not recommended for production deployments.

Related issues with the same root-cause class (eager SecretRef resolution outside a live snapshot in the embedded agent pipeline):

  • #75433 — BUG: Embedded channel reply runs crash on SecretRef-backed Telegram/Discord credentials (channel credentials path)
  • #47519 — message tool crashes on unrelated channel SecretRef failures during schema probing (cross-contamination pattern)

The gateway transport path works because it runs inside the proper WebSocket request pipeline where a runtime snapshot is always available. The embedded agent pipeline appears to eagerly resolve SecretRefs across all model providers at request-init or diagnostic time, before a snapshot is attached to the execution context.

Extent analysis

TL;DR

The issue can be fixed by lazily resolving SecretRefs per-provider, only when that provider is actually selected for a request, instead of eagerly resolving them at request-init or diagnostic time.

Guidance

  • Identify the providers in the fallback chain that have request.headers SecretRefs and consider removing them from the chain or replacing the SecretRef with a hardcoded plaintext header value as a temporary workaround.
  • Verify that the openclaw secrets audit --check --json command reports zero unresolved refs and openclaw secrets reload --json succeeds with no warnings to ensure that the SecretRefs are properly configured.
  • Investigate the embedded agent pipeline to determine why SecretRefs are being resolved eagerly, and consider modifying the pipeline to attach a runtime snapshot before resolving SecretRefs.
  • Review related issues (#75433 and #47519) to ensure that the root cause is addressed and the fix does not introduce similar problems in other areas.

Example

No code snippet is provided as the issue is related to the configuration and pipeline of the OpenClaw system, and the fix would require modifications to the underlying code or configuration files.

Notes

The provided workarounds have significant downsides, and a proper fix would require modifying the embedded agent pipeline to resolve SecretRefs lazily. The issue was reported against OpenClaw 2026.5.3 and may not be present in other versions.
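
The difference between eager and lazy resolution described above, as an added sketch that is not OpenClaw code and not part of the original issue. `resolveHeaders`, `runChain` and the Map-based snapshot are hypothetical names; only the config shape and the error text follow the page.

```javascript
// Constructed config mirroring the excerpt in the issue (not read from disk).
const config = {
  models: { providers: { ollama: { request: { headers: {
    "X-Pomerium-Authorization": { source: "file", provider: "filemain", id: "/providers/ollama/token" },
  } } } } },
  agents: { defaults: { model: {
    primary: "openai-codex/gpt-5.5",
    fallbacks: ["github-copilot/gpt-5.5", "ollama/gemma4:e2b"],
  } } },
};

const isSecretRef = (v) => v !== null && typeof v === "object" && "source" in v && "id" in v;

// Hypothetical resolver; a snapshot is modelled as a Map of "source:provider:id" -> value.
function resolveHeaders(headers = {}, snapshot) {
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    if (!isSecretRef(value)) { out[name] = value; continue; }
    const key = `${value.source}:${value.provider}:${value.id}`;
    if (!snapshot || !snapshot.has(key)) {
      throw new Error(`request.headers.${name}: unresolved SecretRef "${key}"`);
    }
    out[name] = snapshot.get(key);
  }
  return out;
}

// Tries every candidate (a real chain stops at the first success) to show each outcome.
function runChain(cfg, snapshot, mode) {
  const { primary, fallbacks } = cfg.agents.defaults.model;
  return [primary, ...fallbacks].map((candidate) => {
    try {
      if (mode === "eager") {
        // Pattern the issue suspects: all providers' headers are read for each candidate.
        for (const p of Object.values(cfg.models.providers)) resolveHeaders(p.request?.headers, snapshot);
      }
      // Lazy: only the selected candidate's provider is resolved.
      const provider = cfg.models.providers[candidate.split("/")[0]];
      const headers = resolveHeaders(provider?.request?.headers, snapshot);
      return { candidate, ok: true, headerNames: Object.keys(headers) }; // names only, no values
    } catch (err) {
      return { candidate, ok: false, error: err.message };
    }
  });
}

console.log(runChain(config, undefined, "eager").map((r) => `${r.candidate}: ${r.ok}`));
console.log(runChain(config, undefined, "lazy").map((r) => `${r.candidate}: ${r.ok}`));
```

Without a snapshot, the eager mode fails all three candidates with the same ollama error seen in the logs, while the lazy mode fails only `ollama/gemma4:e2b`.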

Recommendation

Apply a workaround, such as removing providers with request.headers SecretRefs from the fallback chain or replacing the SecretRef with a hardcoded plaintext header value, until a proper fix can be implemented to lazily resolve SecretRefs per-provider. This will allow embedded agent turns to function, but it is not a recommended long-term solution due to security concerns.
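
To see which fallback entries are exposed, and whether the plaintext workaround has left a credential in the config, an operator can walk the default chain as in this added example (not OpenClaw code, not from the original issue). `auditFallbackHeaders`, the `internal-llm` provider and the header-name heuristic are assumptions; per-agent fallback chains are not covered because their config layout is not shown on the page.

```javascript
// Constructed input: the issue's config excerpt plus a hypothetical provider
// ("internal-llm") whose header holds a plaintext value, as workaround 2 leaves behind.
const sampleConfig = {
  models: { providers: {
    ollama: { request: { headers: {
      "X-Pomerium-Authorization": { source: "file", provider: "filemain", id: "/providers/ollama/token" },
    } } },
    "internal-llm": { request: { headers: { "X-Pomerium-Authorization": "constructed-value" } } },
  } },
  agents: { defaults: { model: {
    primary: "openai-codex/gpt-5.5",
    fallbacks: ["github-copilot/gpt-5.5", "ollama/gemma4:e2b", "internal-llm/example-model"],
  } } },
};

// Header names that usually carry credentials (assumed heuristic, tune per deployment).
const SENSITIVE_NAME = /auth|token|key|secret|cookie/i;

function auditFallbackHeaders(cfg) {
  const { primary, fallbacks = [] } = cfg.agents?.defaults?.model ?? {};
  const findings = [];
  for (const modelId of [primary, ...fallbacks].filter(Boolean)) {
    const provider = modelId.split("/")[0];
    const headers = cfg.models?.providers?.[provider]?.request?.headers ?? {};
    for (const [header, value] of Object.entries(headers)) {
      if (value !== null && typeof value === "object") {
        // SecretRef-backed header: this chain entry is exposed to the reported failure.
        findings.push({ modelId, header, kind: "secretref",
          ref: `${value.source}:${value.provider}:${value.id}` });
      } else if (SENSITIVE_NAME.test(header)) {
        // Literal credential in the config file; the value itself is never reported.
        findings.push({ modelId, header, kind: "plaintext-credential", ref: null });
      }
    }
  }
  return findings;
}

for (const f of auditFallbackHeaders(sampleConfig)) console.log(f.kind, f.modelId, f.header, f.ref ?? "");
```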
