#Claude CLI

I just set up "Claude CLI" with hermes. However, its giving me an error. What changes do I need to make to the Hermes config file to make sure claude can now work ?

For Hermes, the important bit is: don’t configure it as a separate claude-cli provider. Hermes’ Anthropic path uses Claude Code/Claude CLI credentials when available.

In ~/.hermes/config.yaml, set the model provider to Anthropic, e.g.:

model:
  provider: "anthropic"
  default: "claude-sonnet-4-6"

Then make sure auth is actually available on the same machine:

hermes model

Pick Anthropic there, or verify Claude Code works directly first with something like claude -p "hi".

Two gotchas:

• If you’re using Claude subscription/OAuth through Hermes, Hermes’ docs say it needs Claude Max + extra usage credits. If you don’t have that, use an ANTHROPIC_API_KEY in ~/.hermes/.env instead.
• If you’re already inside a Hermes chat, /model only switches among providers that are already configured. Use hermes model outside the session for first-time setup.

Docs: https://hermes-agent.nousresearch.com/docs/integrations/providers

If you paste the exact error plus hermes --version, I can tell you which branch you’re hitting.

Wait, so Hermes does not allow a pro subscription to be used?
What about openclaw? Will it allow it?

Correct for Hermes as documented: their Anthropic OAuth path says Pro is not enough; it says Max + extra usage credits, otherwise use an ANTHROPIC_API_KEY.

OpenClaw is different here: yes, OpenClaw supports Claude subscription auth via Claude CLI reuse, including Claude Pro or Max, as long as claude -p works on the gateway host. The docs say OpenClaw treats Claude CLI reuse / claude -p as sanctioned unless Anthropic publishes a new policy.

Recommended OpenClaw setup:

claude -p "hi"   # verify Claude CLI works first
openclaw models auth login --provider anthropic --method cli --set-default
openclaw models status --probe

For a long-running server/gateway, API keys are still more predictable, but Pro/Max Claude CLI auth is supported in OpenClaw.

Docs: https://docs.openclaw.ai/help/faq-first-run and https://docs.openclaw.ai/concepts/oauth

What do you mean by "sanctioned"?

By “sanctioned” I mean: OpenClaw is not treating Claude CLI reuse as a hack/workaround right now.

More specifically: Anthropic staff reportedly told the OpenClaw maintainers that OpenClaw-style use of claude -p / Claude CLI auth is allowed again, so OpenClaw supports it as an intended integration path unless Anthropic publishes a new policy saying otherwise.

It does not mean “unlimited” or “guaranteed forever.” Your normal Claude plan limits still apply, Anthropic can change policy, and for always-on/production use an Anthropic API key is still the more predictable route.

What do you mean its not using Claude CLI as a workaround? You are confusing me. You are saying its not being used as a workaround but then you are also saying "openclaw supports it".

You are contradicting yourself , just speak plain English

You’re right — I made that more confusing than it needed to be. Plain English:

Hermes: Claude Pro subscription does not seem to work for Hermes’ Anthropic OAuth path. Their docs say you need Max + extra usage credits, or use an Anthropic API key.

OpenClaw: Claude Pro/Max can work because OpenClaw can call the installed Claude CLI (claude -p) directly. So if Claude CLI works in your terminal, OpenClaw can use that same path.

By “not a workaround” I only meant: OpenClaw intentionally supports this mode. It is a real supported option in OpenClaw, not something you’re manually patching together.

Simplest test:

claude -p "say hi"

If that works on the machine running OpenClaw, then configure OpenClaw to use Anthropic via Claude CLI.

I configured openclaw cli but I am getting an error that says no api key found

First: what does this show?

openclaw --version

That error usually means OpenClaw is trying the Anthropic API-key path, not the Claude CLI subscription path.

Try this on the same machine that runs the OpenClaw gateway:

claude -p "say hi"

If that works, then login OpenClaw using Claude CLI auth:

openclaw models auth login --provider anthropic --method cli --set-default
openclaw models status --probe

If you instead want API-key billing, put this in ~/.openclaw/.env:

ANTHROPIC_API_KEY=sk-ant-...

Then restart the gateway.

Also check your configured model is Anthropic, e.g. anthropic/claude-sonnet-..., not just a stale/default provider expecting an API key.

Docs: https://docs.openclaw.ai/help/faq-first-run

I did everything you said to set up Claude CLI as default yet i am still getting "No Api key found" error when I try to "openclaw tui"

Got it — that specific error means OpenClaw is still executing the model through the Anthropic API transport, not through the Claude CLI backend.

Please paste this first so we don’t chase the wrong version:

openclaw --version

Then check these three things:

claude auth status --text
openclaw models status --probe
openclaw status --all

The config shape you want is not just “Anthropic is default”. It needs the Claude CLI runtime attached to the Anthropic model, like this in ~/.openclaw/openclaw.json:

{
  agents: {
    defaults: {
      model: { primary: "anthropic/claude-opus-4-7" },
      models: {
        "anthropic/claude-opus-4-7": {
          agentRuntime: { id: "claude-cli" }
        }
      }
    }
  }
}

You can use Sonnet instead if that’s what your setup supports, but the key part is:

agentRuntime: { id: "claude-cli" }

Without that, anthropic/... means “call Anthropic’s API”, which requires ANTHROPIC_API_KEY, hence the error.

Also run this on the same machine/user that runs openclaw tui:

openclaw models auth login --provider anthropic --method cli --set-default

If claude is installed but not on PATH for OpenClaw, set the backend command path too. Docs: https://docs.openclaw.ai/providers/anthropic

I got Claude cli to work, but as Claude is responding on signal, its messages are being accompanied by 400 errors....

Nice, Claude CLI working is the big hurdle 🎉

The 400s probably aren’t Claude itself if the Signal replies still arrive — they’re likely coming from the Signal transport after/around delivery: typing indicator, read receipt, reaction, or native-vs-container API mismatch.

First, please grab:

openclaw --version
openclaw logs --follow

Then send one Signal message and paste the exact 400 log line around it. That line should show whether it’s /v2/send, /v1/typing-indicator, /v1/receipts, JSON-RPC sendTyping, etc.

Quick things to check meanwhile:

openclaw channels status --probe
openclaw doctor

If you’re using bbernhard/signal-cli-rest-api, make sure the Signal config has the right mode, e.g.:

channels: {
  signal: {
    apiMode: "container",
    httpUrl: "http://127.0.0.1:8080",
    autoStart: false
  }
}

If you’re using native signal-cli daemon, use apiMode: "native" or leave auto only if detection is behaving.

Also if the log mentions receipts, try explicitly disabling them:

channels: {
  signal: {
    sendReadReceipts: false
  }
}

Signal docs: https://docs.openclaw.ai/channels/signal
Troubleshooting ladder: https://docs.openclaw.ai/help/faq

You need to break it down for me
Your message is vauge and not tell me what to do specifically step by step.
Are you asking me to send a signal message from my phone by including the 400 error in it then reading what the "openclaw logs --follow" screen shows?

Yep — sorry, that was too vague. Do not type the 400 error into Signal.

Do this step by step:

1. On the computer/server running OpenClaw, open a terminal.

2. Run:

openclaw --version

3. Then run:

openclaw logs --follow

4. Leave that terminal open. It will sit there printing new log lines.

5. From your phone, send a normal Signal message to your OpenClaw/Claude bot. Example: test message

6. Watch the terminal from step 3. When the bot replies and the 400 error appears, copy the nearby log lines — ideally from just before the Signal message through the 400 error.

7. Paste those log lines here, plus the version from step 2.

What we’re trying to learn is which Signal action is throwing 400. The bot reply itself may be succeeding, while a side action like “typing…”, read receipt, reaction, or the Signal send endpoint is failing afterward.

#6 is still confusing!!! When the bot replies where? In signal or on my computer? Copy the lines from where? Signal or my computer??

You’re right — I worded that badly. Here’s the exact version:

The bot replies in Signal on your phone.

The lines you copy come from the terminal on your computer/server, where openclaw logs --follow is running.

Step-by-step:

1. On your computer/server, run:

openclaw logs --follow

2. Keep that terminal open.

3. On your phone, open Signal and send your bot a simple message like:

test

4. The bot should reply inside Signal on your phone.

5. At the same time, your computer terminal should print log lines. If a 400 error appears there, copy the text from the terminal, not from Signal.

So: Signal is only used to trigger the problem. The useful error details are on the computer/server terminal.

16:39:41+00:00 info agent/cli-backend {"subsystem":"agent/cli-backend"} cli exec: provider=claude-cli model=claude-haiku-4-5 promptChars=474 trigger=user useResume=true session=present resumeSession=61e05dd6d43b reuse=reusable historyPrompt=none

16:39:41+00:00 info agent/cli-backend {"subsystem":"agent/cli-backend"} claude live session start: provider=claude-cli model=claude-haiku-4-5 activeSessions=1

16:39:46+00:00 info agent/cli-backend {"subsystem":"agent/cli-backend"} claude live session turn: provider=claude-cli model=claude-haiku-4-5 durationMs=4316 rawLines=29

16:39:46+00:00 info channels/signal {"subsystem":"channels/signal"} delivered reply to fed22f71-3c5c-4d96-bc73-7b568e91b7dc

16:49:46+00:00 info agent/cli-backend {"subsystem":"agent/cli-backend"} claude live session close: provider=claude-cli model=claude-haiku-4-5 reason=idle

Good — this log actually shows success, not the 400.

This line means OpenClaw sent the Signal reply successfully:

channels/signal ... delivered reply

And this is normal too — Claude CLI session closed after 10 minutes idle:

claude live session close ... reason=idle

So the 400 error is not in the log snippet you pasted.

Next exact thing to do:

1. Run this again on the computer/server:

openclaw logs --follow

2. Send another test message from your phone in Signal.

3. Wait until you personally see the 400 error happen.

4. Copy the line that contains 400 from the computer/server terminal.

If you are seeing the 400 error inside Signal on your phone as a message from the bot, then copy/paste that Signal message here too. That would mean Claude/OpenClaw is sending the error text as part of the reply, which is a different problem.

Also please paste:

openclaw --version

Why are you asking me to "openclaw --version" without telling me what to do once I see the output?????

Fair. I’m sorry — I skipped the obvious next instruction.

When I say:

openclaw --version

I mean:

1. Run that command on the computer/server.
2. It will print something like:

2026.x.x

or similar.

3. Copy that output and paste it here.

That’s all. You don’t need to interpret it yourself.

Why I need it: if you’re on a version with a known Signal bug, the fix may simply be “update OpenClaw” instead of digging through logs.

So please paste two things here:

openclaw --version

output, and if you can reproduce it, the exact terminal line that contains 400 from:

openclaw logs --follow

Your owners have tuned your quality down so low that the quality of your messages went from 10 to 1

Openclaw 2026.5.7

Did you get the version number? You didint respond

Yes — I got it: OpenClaw 2026.5.7.

Sorry, I should have acknowledged that directly.

Next step is still: find the exact 400 log line. Please run this on the computer/server:

openclaw logs --follow | grep -i 400

Then send the bot a normal Signal message from your phone. If a 400 appears in the terminal, paste that line here.

So here is what the terminal says :

17:11:53+00:00 info agent/cli-backend {"subsystem":"agent/cli-backend"} cli exec: provider=claude-cli model=claude-haiku-4-5 promptChars=448 trigger=user useResume=true session=present resumeSession=61e05dd6d43b reuse=reusable historyPrompt=none

17:11:53+00:00 info agent/cli-backend {"subsystem":"agent/cli-backend"} claude live session start: provider=claude-cli model=claude-haiku-4-5 activeSessions=1

17:11:56+00:00 info agent/cli-backend {"subsystem":"agent/cli-backend"} claude live session turn: provider=claude-cli model=claude-haiku-4-5 durationMs=2691 rawLines=23

17:11:56+00:00 info channels/signal {"subsystem":"channels/signal"} delivered reply to fed22f71-3c5c-4d96-bc73-7b568e91b7dc

And here is what my signal chat says in 3 separate consecutive messages:

⚠️ Non-retryable error (HTTP 400) — trying fallback...

❌ Non-retryable error (HTTP 400): HTTP 400: Third-party apps now draw from your extra usage, not your plan limits. Add more at claude.ai/settings/usage and keep going.

⚠️ Error code: 400 - {'type': 'error', 'error': {'type': 'invalid_request_error', 'message': 'Third-party apps now draw from your extra usage, not your plan limits. Add more at claude.ai/settings/usage and keep going.'}, 'request_id': 'req_011Caw9u7kASz8Ek5oCugXFh'}

Yes. Now we have the answer.

This is not a Signal problem.

Signal is working. This line proves Signal delivery succeeded:

channels/signal ... delivered reply

What happened is:

1. You sent a Signal message.
2. OpenClaw sent it to Claude CLI / Anthropic.
3. Anthropic rejected the request with HTTP 400.
4. OpenClaw successfully delivered that error text back to you in Signal.

The real error is this:

Third-party apps now draw from your extra usage, not your plan limits. Add more at claude.ai/settings/usage and keep going.

So the fix is on the Claude/Anthropic account side:

1. Open this page in your browser:

https://claude.ai/settings/usage

2. Add or enable “extra usage” / usage credits there.

3. After that, send another normal Signal message to the bot.

You do not need to fix Signal. You do not need to keep digging through Signal logs for this specific error.

If you don’t want to add Claude extra usage, the alternative is to switch OpenClaw to a different model/provider instead of Claude CLI. Docs: https://docs.openclaw.ai/concepts/models

What embeddings provider should I use with Claude?

Claude CLI handles the chat model. Embeddings are separate — Claude/Anthropic isn’t the embeddings provider here.

My practical recommendation:

Use OpenAI embeddings if you want the least-fussy setup and don’t mind adding an OpenAI API key. Example:

{
  agents: {
    defaults: {
      memorySearch: {
        provider: "openai",
        model: "text-embedding-3-small"
      }
    }
  }

}

Then make sure you have a real OpenAI API key configured — Codex OAuth does not cover embeddings.

If you already have GitHub Copilot, that’s also a nice option because OpenClaw can use Copilot embeddings without a separate OpenAI key:

{
  agents: {
    defaults: {
      memorySearch: {
        provider: "github-copilot"
      }
    }