Issue Station
Sign In
Tools hereToolbox

openclaw - 💡(How to fix) Fix cli-backend dispatch regression in 2026.4.24: claude-cli/* models route through synthetic-OAuth API transport instead of spawning subprocess [1 comments, 2 participants]

Official PRs (…)
ON THIS PAGE

Recommended Tools

×6

Utilities matched from this issue’s tags and category — try them while you read without losing context.

GitHub issue graph ai analysis

Paste a GitHub issue URL. We fetch that issue, discover linked issues from bodies/comments/timeline, collect linked pull requests, and produce a structured English report.

The report is written in English Markdown for sharing and archival.

Helpful · Quick feedback

Loading…
GitHub stats
openclaw/openclaw#71982Fetched 2026-04-27 05:36:29
View on GitHub
Comments
1
Participants
2
Timeline
2
Reactions
0
Author
darrenfondarrenfon
Participants
darrenfondarrenfonsteipetesteipete
Timeline (top)
closed ×1commented ×1

In OpenClaw 2026.4.24, agents.defaults.model.primary = "claude-cli/claude-sonnet-4-6" no longer triggers the cli-backend subprocess (claude -p). Instead the request is routed through the regular Anthropic provider transport using synthetic-OAuth auth (reading ~/.claude/.credentials.json and calling Anthropic's API directly). Anthropic correctly identifies that as a third-party app and returns a billing error, falling the request back through the configured fallbacks to OpenRouter.

The same configuration on 2026.4.23 spawns the actual claude -p subprocess and the request is served via the user's Claude Max subscription quota (no billing error).

Error Message

In OpenClaw 2026.4.24, agents.defaults.model.primary = "claude-cli/claude-sonnet-4-6" no longer triggers the cli-backend subprocess (claude -p). Instead the request is routed through the regular Anthropic provider transport using synthetic-OAuth auth (reading ~/.claude/.credentials.json and calling Anthropic's API directly). Anthropic correctly identifies that as a third-party app and returns a billing error, falling the request back through the configured fallbacks to OpenRouter. The same configuration on 2026.4.23 spawns the actual claude -p subprocess and the request is served via the user's Claude Max subscription quota (no billing error). error=LLM request rejected: "Third-party apps now draw from your extra usage, not your plan limits. rawError=400 {"type":"error","error":{"type":"invalid_request_error",...}}

Root Cause

In OpenClaw 2026.4.24, agents.defaults.model.primary = "claude-cli/claude-sonnet-4-6" no longer triggers the cli-backend subprocess (claude -p). Instead the request is routed through the regular Anthropic provider transport using synthetic-OAuth auth (reading ~/.claude/.credentials.json and calling Anthropic's API directly). Anthropic correctly identifies that as a third-party app and returns a billing error, falling the request back through the configured fallbacks to OpenRouter.

The same configuration on 2026.4.23 spawns the actual claude -p subprocess and the request is served via the user's Claude Max subscription quota (no billing error).

Fix Action

Workaround

Downgrade to 2026.4.23: npm install -g [email protected].

Code Example

{
  "agents": {
    "defaults": {
      "model": {"primary": "claude-cli/claude-sonnet-4-6", "fallbacks": []},
      "models": {"claude-cli/claude-sonnet-4-6": {}},
      "cliBackends": {"claude-cli": {"command": "claude"}},
      "embeddedHarness": {"runtime": "auto"}
    }
  }
}

---

[agent/cli-backend] cli exec: provider=claude-cli model=sonnet promptChars=45
[agent/cli-backend] claude live session start: provider=claude-cli model=claude-sonnet-4-6 activeSessions=1
[agent/cli-backend] claude live session turn: provider=claude-cli model=claude-sonnet-4-6 durationMs=13206 rawLines=13

---

[agent/embedded] embedded run agent end: runId=... provider=anthropic
  error=LLM request rejected: "Third-party apps now draw from your extra usage, not your plan limits.
                                Add more at claude.ai/settings/usage and keep going."
  rawError=400 {"type":"error","error":{"type":"invalid_request_error",...}}
[agent/embedded] auth profile failure state updated: profile=sha256:462c5b50d98c provider=claude-cli reason=billing
RAW_BUFFERClick to expand / collapse

Summary

In OpenClaw 2026.4.24, agents.defaults.model.primary = "claude-cli/claude-sonnet-4-6" no longer triggers the cli-backend subprocess (claude -p). Instead the request is routed through the regular Anthropic provider transport using synthetic-OAuth auth (reading ~/.claude/.credentials.json and calling Anthropic's API directly). Anthropic correctly identifies that as a third-party app and returns a billing error, falling the request back through the configured fallbacks to OpenRouter.

The same configuration on 2026.4.23 spawns the actual claude -p subprocess and the request is served via the user's Claude Max subscription quota (no billing error).

Reproduction (same machine, same ~/.claude/ Max OAuth, only OpenClaw version changes)

Config (~/.openclaw-test-old/openclaw.json):

{
  "agents": {
    "defaults": {
      "model": {"primary": "claude-cli/claude-sonnet-4-6", "fallbacks": []},
      "models": {"claude-cli/claude-sonnet-4-6": {}},
      "cliBackends": {"claude-cli": {"command": "claude"}},
      "embeddedHarness": {"runtime": "auto"}
    }
  }
}

claude auth status reports loggedIn: true, authMethod: claude.ai, subscriptionType: max.

On 2026.4.23 (works)

[agent/cli-backend] cli exec: provider=claude-cli model=sonnet promptChars=45
[agent/cli-backend] claude live session start: provider=claude-cli model=claude-sonnet-4-6 activeSessions=1
[agent/cli-backend] claude live session turn: provider=claude-cli model=claude-sonnet-4-6 durationMs=13206 rawLines=13

Session JSONL records {"api":"cli","provider":"claude-cli","model":"claude-sonnet-4-6","usage":{"input":3,"output":13,"cacheRead":11639,...}}.

On 2026.4.24 (fails)

[agent/embedded] embedded run agent end: runId=... provider=anthropic
  error=LLM request rejected: "Third-party apps now draw from your extra usage, not your plan limits.
                                Add more at claude.ai/settings/usage and keep going."
  rawError=400 {"type":"error","error":{"type":"invalid_request_error",...}}
[agent/embedded] auth profile failure state updated: profile=sha256:462c5b50d98c provider=claude-cli reason=billing

No [agent/cli-backend] lines emitted. Subprocess never spawned. Provider attempted is anthropic (not claude-cli).

Suspected cause

openclaw models auth login --provider anthropic --method cli --set-default (the documented onboarding command) writes:

  • agents.defaults.model.primary = "anthropic/<model>" (NOT claude-cli/<model>)
  • agents.defaults.embeddedHarness.runtime = "claude-cli" (which is invalid — claude-cli is a cli-backend ID registered via api.registerCliBackend() in dist/extensions/anthropic/register.runtime.js, not a harness id; fails registry lookup with "harness 'claude-cli' is not registered" and falls back to Pi)

Even when the user manually overrides primary to claude-cli/claude-sonnet-4-6 on 2026.4.24, the cli-backend dispatch in attempt-execution.runtime does not fire — the request is handled by the regular Anthropic provider transport using synthetic OAuth via resolveClaudeCliSyntheticAuth (register.runtime.js:240). Anthropic now identifies this path as a third-party app and rejects.

Files involved (paths in 2026.4.24)

  • dist/extensions/anthropic/cli-migration.js--method cli --set-default logic; writes the inconsistent config
  • dist/extensions/anthropic/register.runtime.js (lines ~147, 240, 282, 417) — synthetic-OAuth path + cliBackend registration + hookAlias
  • dist/attempt-execution.runtime-*.js (~line 314) — isCliProvider check that should dispatch to subprocess
  • dist/model-selection-cli-*.js (~lines 82-89) — isCliProvider predicate
  • dist/extensions/anthropic/cli-backend.js — subprocess invocation logic

Workaround

Downgrade to 2026.4.23: npm install -g [email protected].

Environment

  • OpenClaw 2026.4.24 (cbcfdf6)
  • Node 22.22.1
  • macOS Darwin 25.3.0 arm64
  • claude CLI: official install at /opt/homebrew/bin/claude, Max OAuth via claude login

extent analysis

TL;DR

The most likely fix is to revert the changes in attempt-execution.runtime.js and register.runtime.js that caused the cli-backend dispatch to fail, or to wait for an official patch for OpenClaw version 2026.4.24.

Guidance

  • Review the changes in dist/extensions/anthropic/cli-migration.js, register.runtime.js, and attempt-execution.runtime.js to understand how the cli-backend dispatch logic was altered.
  • Verify that the isCliProvider check in attempt-execution.runtime.js and model-selection-cli-*.js is correctly identifying the claude-cli provider.
  • Consider downgrading to OpenClaw version 2026.4.23 as a temporary workaround, as suggested in the issue.
  • Investigate the resolveClaudeCliSyntheticAuth function in register.runtime.js to see if it's correctly handling the synthetic OAuth auth for the claude-cli provider.

Example

No code snippet is provided as the issue is more related to the logic and configuration of the OpenClaw system rather than a specific code error.

Notes

The issue seems to be related to changes in the OpenClaw system that affect how the cli-backend dispatch is handled, particularly with the claude-cli provider. The exact fix may require a deeper understanding of the OpenClaw codebase and the changes made in version 2026.4.24.

Recommendation

Apply the workaround by downgrading to OpenClaw version 2026.4.23 using npm install -g [email protected], as this is the most straightforward solution provided in the issue.

Vote matrix · Quick signals

Works
Did the solution work? Tap to confirm.
Easy Fix
Was it a quick fix?
Time Saver
Did it save you time?
Blocking
Was it severely blocking?
Common Issue
Are others likely hitting this too?
Flaky / Intermittent
Is it intermittent?
Verified / Reproducible
Can you reproduce it reliably?
Loading…
#api#indexing error#inference speed#output truncation#response parsing

Still need to ship something?

×6

Another batch ranked right after the header list — different links, same matching logic.

Back to top recommendations

TRENDING

openclaw - 💡(How to fix) Fix cli-backend dispatch regression in 2026.4.24: claude-cli/* models route through synthetic-OAuth API transport instead of spawning subprocess [1 comments, 2 participants]