#How to bypass approval every time?

11 messages Β· Page 1 of 1 (latest)

haughty vector
#

Since my last update it always Asks for my approval, i m running in a safe environment i don’t need to approve every time especially night cronjobs

viral slateBOT
gloomy breachBOT
#

To help others find answers, you can mark your question as solved via Right click solution message -> Apps -> βœ… Mark Solution

viral slateBOT
random pondBOT
#

I’m checking the docs and the actual approval settings, because this usually comes from one layer changing while the other stayed strict.

#

First, what does openclaw --version show?

This is usually exec approvals, not cron itself. There are two layers now, and the stricter one wins:

  • tools.exec.* in OpenClaw config
  • host/node approvals in exec-approvals.json

If your Gateway is on the same machine and you really want no prompts, the quick fix is:

openclaw exec-policy preset yolo
openclaw gateway restart

If you want to inspect it first:

# 
openclaw approvals get --gateway

If your cron runs on a node, you also need to open that node’s policy, for example:

openclaw approvals get --node <id-or-name>

and set that node to security: "full" + ask: "off" too.

One more gotcha, if your cron launches Codex / Claude Code / ACP sessions, that is a separate permission layer. Then also set:

openclaw config set plugins.entries.acpx.config.permissionMode approve-all
haughty vector
#

Openclaw 2026.3.30

🦞 OpenClaw 2026.3.30 (3ad747e) β€” No $999 stand required.

β”‚
β—‡
Approvals
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ Field β”‚ Value β”‚
β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€
β”‚ Target β”‚ gateway β”‚
β”‚ Path β”‚ ~/.openclaw/exec-approvals.json β”‚
β”‚ Exists β”‚ yes β”‚

random pondBOT
#

Yep, that points at the gateway-side approvals file.

Since you want no approval prompts on a trusted box, the easiest fix is:

openclaw exec-policy preset yolo
openclaw gateway restart

That should sync both layers to the no-prompt setup.

If exec-policy gives you trouble on 2026.3.30, do it manually:

openclaw config set tools.exec.host gateway
openclaw config set tools.exec.security full
# 
openclaw config set tools.exec.ask off
openclaw approvals set --gateway --stdin <<'EOF'
{
  version: 1,
  defaults: {
    security: "full",
    ask: "off",
    askFallback: "full"
  }
}
EOF
openclaw gateway restart

If it still asks after that, then your night cron is probably going through an ACP harness (Codex / Claude Code style), which has its own permission layer. Then also run: