Hi! I'm running OpenClaw 2026.3.2 on a Mac Mini (Apple Silicon, macOS 26.2) using gpt-5.3-codex via ChatGPT OAuth. My gateway and node service are both running, Telegram is connected and responding, and my exec-approvals allowlist has /usr/bin/osascript, /bin/bash, /opt/homebrew/opt/node@22/bin/node, and /opt/homebrew/bin/npx all approved. I've set agents.defaults.sandbox.mode to off and ask to off in exec-approvals.json. AppleScript works when I run it directly in terminal, and my node device is paired. But when I ask the agent to do anything in the TUI it says 'done' without actually executing anything. It even said 'I can't run commands directly from this chat context' when asked to use osascript. What config am I missing to get the agent to actually execute commands on my Mac instead of just describing what it would do?
#Trouble setting up Oauth
That symptom (“done” but nothing ran + “I can’t run commands from this chat context”) almost always means the agent never got the exec tool (tool policy), or exec is still targeting host=sandbox while you’ve turned sandboxing off (so it “fails closed”).
Here’s the tight checklist.
1) Make sure exec is actually enabled for that agent (tool policy)
Check whether you accidentally put the agent in a restricted tool profile (e.g. minimal/messaging) or an allowlist that doesn’t include runtime tools:
openclaw config get tools.profile
openclaw config get tools.allow
openclaw config get tools.deny
openclaw config get agents.list
What you want is either:
- tools.profile: "coding" (includes group:runtime), or
- an explicit allow that includes runtime:
{
  tools: {
    allow: ["group:runtime"] // exec, bash, process
  }
}
Docs: https://docs.openclaw.ai/tools (profiles + allow/deny)
Deep dive: https://docs.openclaw.ai/gateway/sandbox-vs-tool-policy-vs-elevated
2) Set the exec target host to gateway (or node) — this is the big gotcha
Per docs, exec.host defaults to sandbox. And if sandboxing is off, host=sandbox now fails closed (it will not “silently run on the host” anymore).
So in the TUI, run:
/exec host=gateway security=allowlist ask=off
(or set it in config so you don’t have to do it per session)
{
  tools: {
    exec: { host: "gateway" }
  }
}
Docs: https://docs.openclaw.ai/tools/exec
If you specifically want it to execute in the macOS menubar app UI context (often required for UI-ish AppleScript / Automation), use host=node + bind a node:
/exec host=node node=<your-mac-node-name-or-id> security=allowlist ask=off
3) Confirm you’re editing the same config the service is running
On macOS this bites people a lot (CLI vs launchd service using a different profile/state dir):
openclaw gateway status
If it shows Config (cli) and Config (service) are different, fix with:
openclaw gateway install --force
openclaw gateway restart
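The first two checks in the answer above, written out as a small policy check over a parsed config (an added example, not part of the original reply and not OpenClaw code). It assumes the config is already loaded into a Python dict with the key names used in the thread; the deny-overrides-allow rule and the exec "node" key are assumptions, marked in the comments.

```python
# Added example, not OpenClaw code. Rules come from the answer above; the dict
# mirrors the config keys it names. Items marked "assumption" are not on the page.
RUNTIME = {"group:runtime", "exec"}
RESTRICTED_PROFILES = {"minimal", "messaging"}  # the profiles the answer names

def diagnose_exec(cfg):
    """Return the reasons exec would not run, given a parsed config dict."""
    tools = cfg.get("tools", {})
    allow, deny = set(tools.get("allow", [])), set(tools.get("deny", []))
    problems = []

    # 1) Tool policy: does the agent get the exec tool at all?
    granted = tools.get("profile") == "coding" or bool(allow & RUNTIME)
    restricted = tools.get("profile") in RESTRICTED_PROFILES or (allow and not allow & RUNTIME)
    if restricted and not granted:
        problems.append("tool policy: group:runtime not granted")
    elif deny & RUNTIME:  # assumption: a deny entry overrides profile/allow
        problems.append("tool policy: runtime tools listed in tools.deny")

    # 2) Exec target: host defaults to sandbox and fails closed when sandboxing is off.
    exec_cfg = tools.get("exec", {})
    host = exec_cfg.get("host", "sandbox")
    mode = cfg.get("agents", {}).get("defaults", {}).get("sandbox", {}).get("mode")
    if host == "sandbox" and mode == "off":
        problems.append("exec target: host=sandbox with sandbox mode off fails closed")
    # assumption: a "node" key next to "host", mirroring /exec node=<...>
    if host == "node" and not exec_cfg.get("node"):
        problems.append("exec target: host=node without a bound node")
    return problems

# Constructed sample: the setup described in the question (no tools.* keys set).
QUESTION_CFG = {"agents": {"defaults": {"sandbox": {"mode": "off"}}}}
# Constructed sample: the same setup after steps 1 and 2 of the answer.
FIXED_CFG = {
    "agents": {"defaults": {"sandbox": {"mode": "off"}}},
    "tools": {"profile": "coding", "exec": {"host": "gateway"}},
}

if __name__ == "__main__":
    for name, cfg in (("question", QUESTION_CFG), ("fixed", FIXED_CFG)):
        print(name, diagnose_exec(cfg) or "exec should be reachable")
```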