Description
After a successful NemoClaw install on a Brev instance, the installer prints a remote OpenClaw UI URL such as https://openclaw0/-.brevlab.com#token=..., but opening that URL fails with:
origin not allowed (open the Control UI from the gateway host or allow it in gateway.controlUi.allowedOrigins)
Inside the sandbox, the generated ~/.openclaw/openclaw.json shows that gateway.controlUi.allowedOrigins only contains http://127.0.0.1:18789/ and does not include the Brev origin. As a result, the remote UI URL printed by the installer is not actually usable.
{
"allowedOrigins": [
"http://127.0.0.1:18789"
],
"allowInsecureAuth": true,
"dangerouslyDisableDeviceAuth": true
}
Reproduction Steps
- Open https://build.nvidia.com/nemoclaw and click "Try Early Preview" button to open brev launchable like https://brev.nvidia.com/launchable/deploy/now?launchableID=env-3Azt0aYgVNFEuz7opyx3gscmowS
- Click on "Deploy Launchable" button
- Click "Code-Server" when instance is ready
- Observe the terminal output:
https://openclaw0/-<env>.brevlab.com#token=...
NeMoClaw install finished.
CHAT_UI_URL: https://openclaw0-1gfvh46jl.brevlab.com
PATH refresh: starting a new login shell so nemoclaw is available.
- Open that URL in the browser.
- Observe the error:
origin not allowed (open the Control UI from the gateway host or allow it in gateway.controlUi.allowedOrigins)
- Connect to the sandbox and inspect the generated config:
python3 - <<'PY'
import json, os
p = os.path.expanduser("~/.openclaw/openclaw.json")
cfg = json.load(open(p))
print(json.dumps(cfg.get("gateway", {}).get("controlUi", {}), indent=2))
PY
Environment
- Device: Brev instance Ubuntu 22.04.5 LTS
- Node.js: v22.22.1
- Docker: Docker Engine 29.3.0
- OpenShell CLI: 0.0.10
- NemoClaw: v0.1.0 [6e1208c]
- OpenClaw: 2026.3.11 (29dc654)
Debug Output
Logs
Checklist
[NVB#6013831]
Description
After a successful NemoClaw install on a Brev instance, the installer prints a remote OpenClaw UI URL such as https://openclaw0/-.brevlab.com#token=..., but opening that URL fails with:
origin not allowed (open the Control UI from the gateway host or allow it in gateway.controlUi.allowedOrigins)
Inside the sandbox, the generated ~/.openclaw/openclaw.json shows that gateway.controlUi.allowedOrigins only contains http://127.0.0.1:18789/ and does not include the Brev origin. As a result, the remote UI URL printed by the installer is not actually usable.
{
"allowedOrigins": [
"http://127.0.0.1:18789"
],
"allowInsecureAuth": true,
"dangerouslyDisableDeviceAuth": true
}
Reproduction Steps
https://openclaw0/-<env>.brevlab.com#token=...NeMoClaw install finished.
CHAT_UI_URL: https://openclaw0-1gfvh46jl.brevlab.com
PATH refresh: starting a new login shell so nemoclaw is available.
origin not allowed (open the Control UI from the gateway host or allow it in gateway.controlUi.allowedOrigins)python3 - <<'PY'
import json, os
p = os.path.expanduser("~/.openclaw/openclaw.json")
cfg = json.load(open(p))
print(json.dumps(cfg.get("gateway", {}).get("controlUi", {}), indent=2))
PY
Environment
Debug Output
Logs
Checklist
[NVB#6013831]