Complete Guide to Deploying OpenClaw on Alibaba Cloud
Covers Alibaba Cloud Bailian model configuration, full-platform access for Feishu / DingTalk (traditional bot + DEAP advanced solution) / QQ / Discord, Qoder CLI integration, as well as advanced configuration and O&M.
⚠️ Security Warning
Before you start, please read the following precautions carefully:
- Never deploy OpenClaw on your primary personal computer - it has high file system and command execution permissions
- Be sure to use a cloud server (such as Alibaba Cloud ECS) for deployment to isolate it from your local environment
- Protect your API keys properly - use environment variables or secret vaults, do not hardcode them in code
- Use strong random tokens to restrict Gateway access, avoid using simple passwords
- Rotate credentials regularly - especially application keys for platforms such as DingTalk/Feishu/QQ
Usage Scenarios
- Deploy OpenClaw AI assistant from scratch on Alibaba Cloud ECS server
- Talk to AI through DingTalk (Stream bot or DEAP advanced solution)
- Access OpenClaw through Feishu, QQ or Discord
- Configure Alibaba Cloud Bailian Coding Plan as the AI inference backend
- Register Qoder CLI as ACP Agent to implement code development in DingTalk/Feishu
Examples
bash
# Install OpenClaw
curl -fsSL https://clawd.bot/install.sh | bash
# Start Gateway
openclaw gateway --port 18789 --verbose
# Interactive configuration of models and channels
openclaw onboard
# View all channel status
openclaw channel list
# View real-time logs
tail -f /tmp/openclaw-gateway.log
Precautions
- Never deploy on your primary local computer, be sure to use a cloud server (such as Alibaba Cloud ECS)
- DingTalk applications must complete the "version release" process, saving configuration only will not take effect
- DingTalk Client Secret, Bailian API Key, QQ bot key are only displayed once, please save them immediately
- Feishu integration requires the "WebSocket persistent connection" mode, do not use HTTP callbacks
- DingTalk DEAP solution requires running Connector on the same server, ensure port 18789 is locally accessible
- It is recommended to configure random strong token authentication for Gateway ()
Overview
This guide will walk you through a complete cloud deployment of OpenClaw, enabling conversations with the AI assistant through multiple IM platforms, and optional access to Qoder CLI for code development.
Overall Architecture:
┌────────────────────────────────────────────────────────────┐
│ User Layer │
│ ┌────────┐ ┌────────┐ ┌──────┐ ┌─────────┐ │
│ │ Feishu │ │DingTalk│ │ QQ │ │ Discord │ │
│ └───┬────┘ └───┬────┘ └──┬───┘ └────┬────┘ │
└──────┼───────────┼──────────┼───────────┼─────────────────┘
│ │ │ │
└───────────┴──────────┴───────────┘
│
Stream / WebSocket
│
┌─────────────────────────────▼──────────────────────────────┐
│ OpenClaw Gateway :18789 │
│ ┌──────────────────────────────────────────────────────┐ │
│ │ ACP Protocol Layer │ │
│ │ ┌──────────┐ ┌──────────┐ ┌──────────┐ │ │
│ │ │ acpx │ │ Scheduler│ │Session Mgmt│ │ │
│ │ └──────────┘ └──────────┘ └──────────┘ │ │
│ └──────────────────────────────────────────────────────┘ │
│ ┌──────────────────────────────────────────────────────┐ │
│ │ Channel Connector Layer (Feishu / DingTalk / QQ / Discord) │ │
│ └──────────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────┘
│
Alibaba Cloud Bailian API / Qoder CLI
Deployment Steps Overview:
- Purchase and configure Alibaba Cloud ECS server
- Install Node.js and OpenClaw
- Configure Alibaba Cloud Bailian model (Coding Plan)
- Configure Gateway external access and authentication
- Configure ACP protocol support
- Install and configure Qoder CLI (optional)
- Access IM platforms (Feishu / DingTalk / QQ / Discord)
Prerequisites
Required Accounts and Permissions
- Alibaba Cloud account
- Alibaba Cloud Bailian account (for model API)
- Developer/Administrator account for the target IM platform
Required Software (Local)
- SSH client
- Modern browser (for accessing each platform's developer console)
Phase 1: Alibaba Cloud Server Purchase and Configuration
1.1 Recommended Server Configuration
| Configuration Item | Minimum Requirement | Recommended Configuration |
|---|
| CPU | 2 vCPU | 2 vCPU |
| Memory | 2 GiB | 4 GiB |
| Disk | 20 GB SSD | 40 GB ESSD |
| Bandwidth | 1 Mbps | 20 Mbps+ |
| Operating System | Ubuntu 22.04 / CentOS 8 | Alibaba Cloud Linux 3 |
| Region | Any | Northern Virginia, USA / Hong Kong, China (low latency for accessing AI services) |
1.2 Purchase Method
Method 1: Quick deployment via Compute Nest (recommended for beginners)
Visit Alibaba Cloud Compute Nest to deploy the pre-configured environment with one click:
Follow the page guide: Select region → Select instance specification → Configure network and security group → Confirm creation.
Method 2: Manually purchase ECS instance
- Visit Alibaba Cloud ECS Console
- Click "Create Instance"
- Key options:
- Image: Alibaba Cloud Linux 3 / Ubuntu 22.04 (you can directly select the OpenClaw application image if available)
- Instance specification: (2 vCPU 4 GiB) or higher
- System disk: 40 GB ESSD
- Public IP: Allocate public IPv4
- Bandwidth: Pay-by-traffic or fixed bandwidth (at least 1 Mbps)
- Configure security group (see below)
- Set login credentials (key pair is recommended)
- Confirm and create
1.3 Configure Security Group Rules
| Port | Protocol | Purpose | Authorization Object |
|---|
| 22 | TCP | SSH remote connection | Your IP address |
| 18789 | TCP | OpenClaw Gateway | 0.0.0.0/0 |
Configuration Steps:
- ECS Console → Find the instance → Click "Security Group"
- "Configure Rules" → "Inbound Direction" → "Add Manually" the above rules
1.4 Connect to the Server
bash
# Login with password
ssh root@<your server public IP>
# Login with key
ssh -i /path/to/your-key.pem root@<your server public IP>
# Or via Alibaba Cloud Console web terminal:
# ECS Console → Instance Details → Remote Connection
Phase 2: Install Node.js and OpenClaw
2.1 Install Node.js (nvm recommended)
bash
# Install nvm
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
source ~/.bashrc
# Install Node.js 22 LTS
nvm install 22
nvm use 22
node -v # Verification: should output v22.x.x
2.2 Install OpenClaw
Method 1: Via official installation script (recommended)
bash
curl -fsSL https://clawd.bot/install.sh | bash
Method 2: Global installation via npm
Verify installation:
bash
openclaw --version
# Expected output: version number such as "2026.1.x"
# If the command is not found, try the old name: clawdbot --version
2.3 Start OpenClaw Gateway
bash
# Method 1: Start in foreground (for debugging)
openclaw gateway --port 18789 --verbose
# Method 2: Start in background
nohup setsid openclaw gateway --port 18789 --verbose > /tmp/openclaw-gateway.log 2>&1 &
# Check status
systemctl --user status openclaw-gateway.service
# Or
openclaw gateway status
Phase 3: Configure Alibaba Cloud Bailian Model (Coding Plan)
3.1 Purchase Coding Plan Package
| Package | First Month Price | Subsequent Monthly Price | Monthly Requests |
|---|
| Lite Basic Version | ¥7.9 | ¥40/month | 18,000 times |
| Pro Advanced Version | ¥39.9 | ¥200/month | 90,000 times |
- Visit Alibaba Cloud Bailian Console
- Navigate to "Coding Plan" or "Subscription Packages"
- Select Lite or Pro to complete payment
3.2 Obtain API Credentials
- Base URL (fixed):
https://coding.dashscope.aliyuncs.com/v1
- API Key Format:
Obtainment Steps:
- Log in to Alibaba Cloud Bailian Console
- Go to "Key Management" or "API Keys"
- Click "Create API Key"
- Copy and save immediately - you cannot view it again after closing the page
Supported Models:
- - General scenarios (recommended for beginners)
- - Advanced reasoning
- - Code generation (if available)
- - Chinese optimized
3.3 Configure OpenClaw to Use Bailian
Method 1: Interactive Guide
Follow the prompts:
- Select "Add custom model provider"
- Provider ID:
- Base URL:
https://coding.dashscope.aliyuncs.com/v1
- API Key: Paste
- API Type:
- Add model:
- Set as default model
Method 2: Manually edit configuration file
Edit
~/.openclaw/openclaw.json
:
json
{
"models": {
"providers": {
"bailian": {
"baseUrl": "https://coding.dashscope.aliyuncs.com/v1",
"apiKey": "sk-sp-YOUR_KEY_HERE",
"api": "openai-completions",
"models": [
{
"id": "qwen3.5-plus",
"name": "Qwen 3.5 Plus",
"reasoning": true,
"input": ["text"],
"contextWindow": 32000,
"maxTokens": 4096
}
]
}
}
},
"agents": {
"defaults": {
"model": {
"primary": "bailian/qwen3.5-plus"
}
}
}
}
Phase 4: Configure Gateway External Access and Authentication
When you need to access the Gateway through DingTalk DEAP or other external services, you need to configure authentication and HTTP endpoints.
4.1 Generate Strong Authentication Token
bash
openssl rand -hex 24
# Example output: a3f7c2e1d4b5a6c7d8e9f0a1b2c3d4e5f6a7b8c9d0e1f2a3
4.2 Update Gateway Configuration
Edit
~/.openclaw/openclaw.json
, add the
section:
json
{
"gateway": {
"port": 18789,
"mode": "local",
"bind": "loopback",
"controlUI": {
"allowInsecureAuth": false
},
"auth": {
"mode": "token",
"token": "Fill in the strong token generated in the previous step here"
},
"http": {
"endpoints": {
"chatCompletions": {
"enabled": true
}
}
}
}
}
4.3 Restart Gateway
bash
openclaw gateway restart
# Or manual restart:
pkill -f "openclaw gateway"
nohup setsid openclaw gateway --port 18789 --verbose > /tmp/openclaw-gateway.log 2>&1 &
4.4 Verify Gateway is Running Properly
bash
curl http://127.0.0.1:18789/health
# Should return {"status":"ok"} or similar response
Phase 5: Configure ACP Protocol Support
ACP (Agent Client Protocol) allows OpenClaw to schedule multiple AI Agents.
5.1 Install and Enable ACPX Plugin
bash
# Install ACPX plugin
openclaw plugins install @openclaw/acpx
# Enable plugin
openclaw config set plugins.entries.acpx.enabled true
5.2 Configure ACP Parameters
bash
# Enable ACP
openclaw config set acp.enabled true
# Enable ACP dispatch
openclaw config set acp.dispatch.enabled true
# Set backend to acpx
openclaw config set acp.backend "acpx"
# Set default Agent
openclaw config set acp.defaultAgent "openclaw"
# Set allowed Agents
openclaw config set acp.allowedAgents '["openclaw","claude","codex","opencode","gemini"]'
# Set maximum concurrent sessions
openclaw config set acp.maxConcurrentSessions 8
5.3 Restart Gateway for Configuration to Take Effect
5.4 Verify ACP Configuration
bash
openclaw config get acp --raw
# Should output:
# {
# "enabled": true,
# "dispatch": { "enabled": true },
# "backend": "acpx",
# "defaultAgent": "openclaw",
# "allowedAgents": [...]
# }
Phase 6: Install and Configure Qoder CLI (Optional)
If you want to develop code through Qoder, you can install Qoder CLI and register it as an ACP Agent.
6.1 Install Qoder CLI
bash
npm install -g @qoder-ai/qodercli
# Verify installation
qodercli --version
6.2 Configure Qoder CLI Authentication
Method 1: Environment variable (temporary)
bash
export QODER_PERSONAL_ACCESS_TOKEN="your-api-key-here"
qodercli status # Verify login
Method 2: Persistent configuration file
bash
mkdir -p ~/.config/qoder
cat > ~/.config/qoder/config.json << 'EOF'
{
"api_key": "your-api-key-here"
}
EOF
6.3 Configure acpx to Support Qoder
bash
mkdir -p ~/.acpx
cat > ~/.acpx/config.json << 'EOF'
{
"agents": {
"qoder": {
"command": "env QODER_PERSONAL_ACCESS_TOKEN=your-api-key-here qodercli --acp"
}
},
"defaultAgent": "qoder",
"defaultPermissions": "approve-all"
}
EOF
6.4 Register Qoder to ACP
bash
# Add qoder to allowed Agents list
openclaw config set acp.allowedAgents '["openclaw","qoder","claude","codex","opencode","gemini"]'
# Optional: Set qoder as default Agent
openclaw config set acp.defaultAgent "qoder"
# Restart Gateway
openclaw gateway restart
6.5 Test Qoder CLI
bash
qodercli -p "hello" --max-turns 1
# If a result is returned, Qoder CLI is working properly
Phase 7: Feishu Bot Integration
7.1 Create Feishu Enterprise Self-built Application
- Visit Feishu Open Platform
- Click "Create Application" → Select "Enterprise Self-built"
- Fill in the application name (such as "OpenClaw Assistant") and description
- Record App ID and App Secret immediately
7.2 Configure Required Permissions
Go to the application "Permission Management" and enable the following permissions:
contact:user.base:readonly Get basic user information
im:message Read messages
im:message:send_as_bot Send messages (as Bot)
im:resource Get resources in messages
Confirm all 4 permissions are activated.
7.3 Enable Bot and Configure Event Subscription
- Go to "Application Capabilities" → Add "Robot"
- Event subscription: Select "Use persistent connection to receive events" (WebSocket, no public URL required)
- Add event: (message receiving event)
- Save and create a version
- Publish the application (only internal enterprise approval required)
7.4 Configure OpenClaw to Access Feishu
Run the guide:
Follow the prompts:
- Accept risk: Yes
- Configuration method: Quick Start
- Model provider: Select the configured Bailian
- Channel: Select Feishu
- Enter credentials: App ID, App Secret (from step 7.1)
- Enable skills: Yes
- Select hook: session-memory
- Restart Gateway: Yes
7.5 Use Feishu Bot
- Workbench: Feishu → Workbench → Find the application → Start chatting
- Global Search: Search for the application name to enter directly
- Group Chat: Add the bot to the group → @mention the bot to interact
Phase 8: DingTalk Integration
DingTalk provides two access solutions, choose according to your needs:
| Solution | Complexity | Features |
|---|
| Solution A: Traditional Bot (Stream Mode) | Low | Direct configuration, no additional components required |
| Solution B: DEAP Agent (Advanced) | High | Richer functions through Connector tunnel |
Solution A: DingTalk Bot (Stream Mode)
A-1: Install DingTalk Plugin
bash
openclaw plugins install https://github.com/soimy/openclaw-channel-dingtalk.git
# Verify installation
openclaw plugins list
A-2: Create Enterprise Internal Application on DingTalk Open Platform
- Visit DingTalk Open Platform
- Log in with enterprise administrator account
- Click "Create Application" → Select "Enterprise Internal Application"
- Fill in application information (name, description, icon)
- Click "Confirm Creation"
- Record Client ID (AppKey) and Client Secret (AppSecret) in "Credentials and Basic Information"
⚠️ Client Secret is only displayed once, please save it properly immediately.
A-3: Configure Application Permissions
Go to "Permission Management" and apply for the following permissions:
Address Book Permissions:
- - Get enterprise member information
qyapi_get_department_list
Bot Permissions:
Click "Batch Apply" and wait for administrator approval.
A-4: Configure and Publish Bot
- Go to "Robot" page → Add Robot → Select "Custom Robot"
- Message receiving mode: Stream Mode (WebSocket, no public IP required)
- Go to "Version Management and Release" → Create new version (1.0.0) → Apply for release
A-5: Configure OpenClaw to Connect to DingTalk
Edit
~/.openclaw/openclaw.json
, add in
:
json
{
"channels": {
"dingtalk": {
"enabled": true,
"clientId": "YOUR_APPKEY",
"clientSecret": "YOUR_APPSECRET",
"robotCode": "YOUR_APPKEY",
"corpId": "YOUR_CORPID",
"agentId": "YOUR_AGENTID",
"dmPolicy": "open",
"groupPolicy": "open",
"messageType": "markdown",
"streamMode": true,
"autoReply": true,
"debug": false
}
}
}
Or use command line configuration:
bash
openclaw config set channels.dingtalk.enabled true
openclaw config set channels.dingtalk.clientId "YOUR_CLIENT_ID"
openclaw config set channels.dingtalk.clientSecret "YOUR_CLIENT_SECRET"
openclaw config set channels.dingtalk.sessionTimeout 1800000
openclaw gateway restart
A-6: Add Bot to Group Chat
- Open the target DingTalk group → Group Settings → Smart Group Assistant
- Add Robot → Enterprise Internal Robot → Find your robot → Add
Verification: Send
@OpenClaw Assistant Hello
in the group chat, the bot should reply.
Solution B: DingTalk DEAP Agent (Advanced Solution)
Architecture: DingTalk App → DEAP Cloud → Connector Tunnel → Your Server Gateway
B-1: Obtain DEAP Credentials
- CorpId: DingTalk Open Platform → Enterprise Information
- DEAP API Key: DingTalk DEAP Platform → Security and Permissions → API-Key Management → Create Key
B-2: Install and Run Connector on Server
bash
# Check server architecture
uname -m # x86_64 or aarch64
# Download the corresponding version from:
# https://github.com/DingTalk-Real-AI/dingtalk-moltbot-connector/releases
cd ~
wget [download link] -O connector.zip
unzip -o connector.zip
cd connector-linux-amd64 # Adjust according to actual directory name
chmod +x connector-linux
# Run Connector in background
nohup ./connector-linux \
-deapCorpId YOUR_CORPID \
-deapApiKey YOUR_DEAP_APIKEY \
> /tmp/dingtalk-connector.log 2>&1 &
# Verify running status
ps aux | grep connector
tail -20 /tmp/dingtalk-connector.log
B-3: Create Agent on DEAP Platform
- Visit DingTalk DEAP Platform
- Create new Agent
- Add skill: Search for "OpenClaw" or "OpenClaw Gateway"
- Configure skill parameters:
- apikey: Your DEAP API Key
- apihost:
- gatewayToken: Gateway authentication token configured in Phase 4
- Publish Agent
B-4: Use DEAP Agent in DingTalk
- Search for the Agent name in DingTalk App
- Send tasks directly in natural language, commands are executed on Alibaba Cloud server through the tunnel
Phase 9: QQ Bot Integration
9.1 Create QQ Bot
- Visit QQ Open Platform
- Important: You need to register an account (cannot log in directly with QQ account)
- Log in → "Robot" → "Create Robot"
- Fill in name and description
- Record robot ID and robot secret immediately (cannot be viewed again after closing the page)
9.2 Configure IP Whitelist
- QQ Open Platform → Bot Details → IP Whitelist
- Add the public IP of your Alibaba Cloud server to the whitelist
9.3 Configure OpenClaw
Select QQ as the channel, enter:
Complete the remaining steps (model selection, skills, hooks).
Phase 10: Discord Bot Integration
10.1 Create Discord Bot
- Visit Discord Developer Portal
- "New Application" → Enter application name
- Go to "Bot" tab
- Click "Reset Token" → Copy and save Bot Token immediately
- Enable "Message Content Intent" (message content intent permission)
10.2 Generate Invite Link and Join Server
- Go to "OAuth2" → "URL Generator"
- Scope select:
- Bot Permissions check:
- Send Messages
- Read Message History
- Copy the generated URL, open it in a browser
- Select your Discord server → Authorize
10.3 Configure OpenClaw
Select Discord as the channel, enter Bot Token (from step 10.1).
Legacy Note: Some old documents use
, please use
uniformly.
Verification and Usage Examples
General Test Messages for All Platforms
What model are you using now?
Summarize what OpenClaw is in three sentences
Create a work daily report template
Check Gateway Status
bash
# View Gateway running logs
tail -50 /tmp/openclaw-gateway.log
# View all channel status
openclaw channel list
# View ACP sessions
openclaw sessions list
DingTalk Usage Examples
text
# Daily conversation
@OpenClaw Assistant Hello, please introduce yourself
# Code requirement
@OpenClaw Assistant Help me write a Python crawler code to grab web page titles
# Specify specific Agent
@OpenClaw Assistant /acp spawn claude Analyze the bugs in this code
# If Qoder CLI is installed
@OpenClaw Assistant Use qoder to develop a TODO application
# Multi-turn conversation
@OpenClaw Assistant I want to develop a personal blog (using Next.js and TypeScript)
Parallel Task Execution Example
Send multiple tasks at once to improve efficiency:
Please handle the following tasks:
1. Summarize OpenClaw in three sentences
2. Create a weekly to-do template with 5 items
3. Recommend a small tip to improve efficiency
Advanced Configuration
Configure Multiple Agents
bash
# Set allowed Agents list
openclaw config set acp.allowedAgents '["openclaw","qoder","claude","codex","opencode","gemini"]'
# Use specific Agent in chat
# /acp spawn codex --mode persistent Use Codex
# /acp spawn claude --mode persistent Use Claude
# /acp spawn qoder --mode persistent Use Qoder
Configure Persistent Sessions
bash
# Enable session binding (continue using the same Agent for the same topic)
openclaw config set session.threadBindings.enabled true
openclaw config set session.threadBindings.ttlHours 24
openclaw gateway restart
Configure Security Policy
bash
# Set execution permission level
# strict: Strict restriction moderate: Moderate restriction approve-all: Approve all
openclaw config set acp.permissions "strict"
# Set task timeout (seconds)
openclaw config set acp.timeout 300
Configure Message Reply Template
Create
~/.openclaw/dingtalk-templates.json
:
json
{
"welcome": "Hello! I am OpenClaw AI Assistant, how can I help you?",
"error": "Sorry, an error occurred while processing your request, please try again later.",
"thinking": "Thinking...",
"timeout": "Processing timed out, please simplify your question and try again."
}
Performance Optimization and O&M
Configure systemd System Service (Recommended for Production Environment)
bash
# Increase system file descriptor limit
echo "fs.file-max = 65535" >> /etc/sysctl.conf
sysctl -p
# Create systemd service
cat > /etc/systemd/system/openclaw.service << 'EOF'
[Unit]
Description=OpenClaw Gateway
After=network.target
[Service]
Type=simple
User=root
ExecStart=/root/.nvm/versions/node/v22.22.0/bin/openclaw gateway
Restart=always
RestartSec=5
Environment="PATH=/root/.nvm/versions/node/v22.22.0/bin:/usr/bin:/usr/local/bin"
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable openclaw
systemctl start openclaw
systemctl status openclaw
Monitoring and Log Management
bash
# View Gateway logs in real time
tail -f /tmp/openclaw-gateway.log
# View ACP status
openclaw acp status
# View all sessions
openclaw sessions list
# View DingTalk channel metrics
openclaw channel metrics dingtalk
# View logs via systemd
journalctl -u openclaw -f
DingTalk DEAP Connector Daemon
bash
# Configure Connector to start on boot
cat > /etc/systemd/system/dingtalk-connector.service << 'EOF'
[Unit]
Description=DingTalk DEAP Connector
After=network.target openclaw.service
[Service]
Type=simple
User=root
WorkingDirectory=/root/connector-linux-amd64
ExecStart=/root/connector-linux-amd64/connector-linux \
-deapCorpId YOUR_CORPID \
-deapApiKey YOUR_DEAP_APIKEY
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
EOF
systemctl enable dingtalk-connector
systemctl start dingtalk-connector
Common Problem Troubleshooting
Troubleshooting Cheat Sheet
| Phenomenon | Possible Cause | Solution |
|---|
| Gateway Token mismatch | Check that the token in is consistent with DEAP/bot configuration |
| HTTP endpoint not enabled | Ensure gateway.http.endpoints.chatCompletions.enabled: true
|
| Bot does not respond at all | Application not published / missing permissions | Check application publication status and permission approval |
| DEAP Connector disconnected | Firewall / port issue | Ensure port 18789 is locally accessible, check firewall rules |
| Bot replies slowly | Insufficient server resources | Check CPU/memory, view ACP session count |
| DingTalk permissions not approved | Reapply for permissions and wait for approval |
Problem 1: Gateway Startup Failed
bash
# Check port occupation
netstat -tlnp | grep 18789
# View detailed logs
openclaw logs
# Force restart
openclaw gateway restart --force
Problem 2: DingTalk Bot Does Not Respond
Troubleshooting Steps:
- Confirm the application has been officially published in "Version Management and Release" (saving only is not enough)
- Confirm all bot permissions have been applied for and approved
- Verify that Client ID and Client Secret are correct
- View connector logs:
openclaw logs dingtalk -f
- Confirm Stream mode is enabled
- Confirm the bot has been added to the target group chat
Problem 3: Cannot Add Bot to Group Chat
Troubleshooting Steps:
- Confirm you are the group administrator or owner
- Confirm the application has been published and approved by the administrator
- Confirm the bot status is "Enabled" on the "Robot" page
Problem 4: Stream Mode / WebSocket Connection Failed
bash
# Check if the server can access external services
ping oapi.dingtalk.com
ping open.feishu.cn
# Check if the firewall blocks outbound connections
# Try restarting the corresponding channel connector
openclaw channel restart dingtalk
Problem 5: Bot Replies Slowly or Times Out Midway
bash
# Check server resources
top
free -h
# View ACP session status
openclaw sessions list
# Check OpenClaw error logs
openclaw logs --tail 200
Quick Reference Card
| Platform | Key Credentials | Connection Mode | Special Requirements |
|---|
| Feishu | App ID, App Secret | WebSocket persistent connection | 4 permissions, event |
| DingTalk (Traditional Bot) | AppKey, AppSecret, CorpId, AgentId | Stream Mode | , permissions |
| DingTalk (DEAP) | CorpId, DEAP API Key, Gateway Token | Connector tunnel | Connector must be on the same server as Gateway |
| QQ | Robot ID, Robot Secret | HTTP API | Server public IP added to whitelist |
| Discord | Bot Token | WebSocket Gateway | Enable Message Content Intent |
Environment Variable Reference
Use environment variables instead of hardcoded tokens in configuration files (recommended):
bash
# Add to ~/.bashrc or ~/.zshrc
export OPENCLAW_GATEWAY_TOKEN="your_gateway_token"
export DINGTALK_CLIENT_SECRET="your_dingtalk_secret"
export FEISHU_APP_SECRET="your_feishu_secret"
export BAILIAN_API_KEY="sk-sp-YOUR_KEY_HERE"
export QODER_PERSONAL_ACCESS_TOKEN="your_qoder_api_key"
Then execute
for the configuration to take effect. Some versions of OpenClaw support using
syntax in
to reference environment variables.
Daily Maintenance Commands
Restart Gateway:
bash
systemctl restart openclaw
# Or manual method:
pkill -f "openclaw gateway" && nohup setsid openclaw gateway --port 18789 --verbose > /tmp/openclaw-gateway.log 2>&1 &
Update OpenClaw:
bash
openclaw update
# Or re-run the installation script:
curl -fsSL https://clawd.bot/install.sh | bash
Manage Plugins:
bash
openclaw plugins list
openclaw plugins update [plugin name]
openclaw plugins install [plugin name or Git URL]
View Running Logs:
bash
# Gateway main log
tail -f /tmp/openclaw-gateway.log
# DingTalk DEAP Connector log
tail -f /tmp/dingtalk-connector.log
# Specific channel logs
openclaw logs dingtalk -f
openclaw logs feishu -f
Troubleshooting Entry:
bash
openclaw gateway status # Gateway status
openclaw channel list # All channel status
openclaw sessions list # ACP session list
openclaw channel status dingtalk # Specific channel status
References