Issue Station
Sign In
Tools hereToolbox

openclaw - 💡(How to fix) Fix Health endpoint reports running=false for Discord accounts using env SecretRef tokens [1 participants]

Official PRs (…)
ON THIS PAGE

Recommended Tools

×6

Utilities matched from this issue’s tags and category — try them while you read without losing context.

GitHub issue graph ai analysis

Paste a GitHub issue URL. We fetch that issue, discover linked issues from bodies/comments/timeline, collect linked pull requests, and produce a structured English report.

The report is written in English Markdown for sharing and archival.

Helpful · Quick feedback

Loading…
GitHub stats
openclaw/openclaw#57269Fetched 2026-04-08 01:51:50
View on GitHub
Comments
0
Participants
1
Timeline
2
Reactions
0
Author
tphibbs92tphibbs92
Participants
tphibbs92tphibbs92
Timeline (top)
closed ×1locked ×1

Root Cause

Traced to inspectConfiguredToken() in setup-core-Dsnd4Ql4.js:

  1. inspectConfiguredToken(accountConfig?.token) calls normalizeSecretInputString(value)
  2. normalizeSecretInputString returns undefined for non-string values (the token is a SecretRef object)
  3. Falls through to hasAccountToken check (true, key exists) → returns {tokenSource: "none", configured: false}
  4. The runtime's resolveDiscordToken() correctly handles SecretRef objects, but the health code path never reaches it

The health endpoint uses static config inspection that doesn't understand the {source: "env"} SecretRef format that the runtime itself resolves correctly.

Fix Action

Workaround

Use openclaw channels status instead of openclaw health --json for Discord account status verification.

Code Example

{
  "channels": {
    "discord": {
      "accounts": {
        "default": {
          "token": {
            "source": "env",
            "provider": "default",
            "id": "DISCORD_BOT_TOKEN"
          }
        }
      }
    }
  }
}

---

{
  "running": false,
  "tokenSource": "none",
  "username": "gordon-Freeclaw"
}

---

Discord default: enabled, configured, running, connected, bot:@gordon-Freeclaw, token:config
RAW_BUFFERClick to expand / collapse

Bug Description

openclaw health --json reports running: false and tokenSource: "none" for all Discord accounts, even when they are actively connected and operational.

Environment

  • OpenClaw v2026.3.24 (cff6dc9)
  • macOS 26.3.1 (Darwin 25.3.0, arm64)
  • Node v24.14.1
  • 4 Discord bot accounts configured via channels.discord.accounts

Token Configuration

Tokens are configured using SecretRef objects (env source):

{
  "channels": {
    "discord": {
      "accounts": {
        "default": {
          "token": {
            "source": "env",
            "provider": "default",
            "id": "DISCORD_BOT_TOKEN"
          }
        }
      }
    }
  }
}

Expected Behavior

openclaw health --json should report running: true and tokenSource: "env" when bots are connected.

Actual Behavior

openclaw health --json reports:

{
  "running": false,
  "tokenSource": "none",
  "username": "gordon-Freeclaw"
}

Meanwhile, openclaw channels status correctly reports:

Discord default: enabled, configured, running, connected, bot:@gordon-Freeclaw, token:config

Root Cause Analysis

Traced to inspectConfiguredToken() in setup-core-Dsnd4Ql4.js:

  1. inspectConfiguredToken(accountConfig?.token) calls normalizeSecretInputString(value)
  2. normalizeSecretInputString returns undefined for non-string values (the token is a SecretRef object)
  3. Falls through to hasAccountToken check (true, key exists) → returns {tokenSource: "none", configured: false}
  4. The runtime's resolveDiscordToken() correctly handles SecretRef objects, but the health code path never reaches it

The health endpoint uses static config inspection that doesn't understand the {source: "env"} SecretRef format that the runtime itself resolves correctly.

Workaround

Use openclaw channels status instead of openclaw health --json for Discord account status verification.

Files

  • dist/setup-core-Dsnd4Ql4.jsinspectConfiguredToken() (line ~10)
  • dist/ref-contract-BFBhfQKU.jsnormalizeSecretInputString() (line ~49)

extent analysis

Fix Plan

To fix the issue, we need to update the inspectConfiguredToken function to correctly handle SecretRef objects. Here are the steps:

  • Update the inspectConfiguredToken function to check if the token is a SecretRef object and resolve it accordingly.
  • Add a check for the source property in the token object to determine if it's an environment variable or a literal string.

Example code:

function inspectConfiguredToken(accountConfig) {
  const token = accountConfig?.token;
  if (token && token.source === 'env') {
    // Resolve the SecretRef object
    const resolvedToken = process.env[token.id];
    return { tokenSource: 'env', configured: true, token: resolvedToken };
  } else if (typeof token === 'string') {
    // Handle literal string tokens
    return { tokenSource: 'literal', configured: true, token };
  } else {
    // Handle unknown token types
    return { tokenSource: 'none', configured: false };
  }
}

Verification

To verify the fix, run the following command:

openclaw health --json

The output should now correctly report running: true and tokenSource: "env" for Discord accounts with SecretRef objects.

Extra Tips

  • Make sure to update the setup-core-Dsnd4Ql4.js file with the corrected inspectConfiguredToken function.
  • If you're using a version control system, commit the changes and test the fix in a staging environment before deploying to production.

Vote matrix · Quick signals

Works
Did the solution work? Tap to confirm.
Easy Fix
Was it a quick fix?
Time Saver
Did it save you time?
Blocking
Was it severely blocking?
Common Issue
Are others likely hitting this too?
Flaky / Intermittent
Is it intermittent?
Verified / Reproducible
Can you reproduce it reliably?
Loading…
#logging issue#authentication issue#prompt issue#agent setup#task chaining

Still need to ship something?

×6

Another batch ranked right after the header list — different links, same matching logic.

Back to top recommendations

TRENDING

openclaw - 💡(How to fix) Fix Health endpoint reports running=false for Discord accounts using env SecretRef tokens [1 participants]