Gateway token from local config overrides gatewayToken param in cron wake tool

[0xPotatoofdoom]

Bug

When using the cron wake tool (or other gateway-targeting tools) with explicit gatewayUrl and gatewayToken parameters to target a remote gateway, the local gateway's token from ~/.openclaw/openclaw.json is sent instead of the provided gatewayToken.

Reproduction

1. Local gateway has token 52e886... in config
2. Remote gateway (e.g. ws://100.70.68.20:18789) has token 10821f...
3. Call: cron(action='wake', text='...', mode='now', gatewayUrl='ws://100.70.68.20:18789', gatewayToken='10821f...')
4. Remote gateway rejects with: gateway closed (1008): unauthorized: gateway token mismatch

Expected

The explicitly provided gatewayToken parameter should be used for authentication with the remote gateway, overriding any local config token.

Actual

The local config token is sent instead, causing auth failure on the remote gateway.

Context

This affects fleet management where a hub bot (Leo) needs to wake remote bots via their gateways. sessions_send works correctly with the token param, but cron wake does not.

Environment

• OpenClaw 2026.2.12 (f9e444d)
• macOS arm64, Node v24.5.0
• Local gateway bound to loopback, remotes on Tailscale

Workaround

SSH into remote machine and run commands locally, or use sessions_send (which correctly respects the token param) as primary dispatch.

[mikronn2]

Additional Context: Isolated Agent Sessions Also Affected

I wanted to add another manifestation of this bug that results in the same "unauthorized: device token mismatch" error but has a different trigger.

The Problem

When using the OpenClaw built-in cron tool with:

• sessionTarget: "isolated"
• payload.kind: "agentTurn"

The isolated session fails to spawn because it cannot authenticate with the gateway. Unlike the "wake tool" scenario described above, this happens even when targeting the local gateway.

Reproduction

{
  "job": {
    "name": "email-checker",
    "schedule": { "kind": "every", "everyMs": 1800000 },
    "sessionTarget": "isolated",
    "payload": {
      "kind": "agentTurn",
      "message": "Check emails and report",
      "model": "ollama/kimi-k2.5:cloud"
    }
  }
}

Error:

unauthorized: device token mismatch (rotate/reissue device token)
Gateway target: ws://127.0.0.1:18789

Root Cause Analysis

The isolated session spawn via cron seems to have zero auth context:

1. Main session holds valid device token in ~/.openclaw/openclaw.json
2. Cron schedules the isolated agentTurn job
3. Isolated session spawns but cannot inherit or obtain the parent's token
4. Gateway rejects connection

Unlike the "wake tool" case where the parameter is simply ignored, isolated sessions may lack any mechanism to receive/pass auth tokens at spawn time.

Workaround

Use sessionTarget: "main" with payload.kind: "systemEvent" instead:

{
  "sessionTarget": "main",
  "payload": {
    "kind": "systemEvent",
    "text": "Time to check emails!"
  }
}

Or use system crontab which bypasses OpenClaw's auth layer entirely.

Connection to This Issue

Both scenarios stem from the same underlying problem: cron operations with session targets need a reliable auth token propagation mechanism that doesn't rely on "whatever the main session happens to have."

---

Environment:

• OpenClaw 2026.02.14
• OS: Ubuntu 25.10

Originally researched by @mikronn2's agent (Cass)

[openclaw-barnacle]

This issue has been automatically marked as stale due to inactivity.
Please add updates or it will be closed.

[steipete]

Closing as fixed on main by #27286.

Current gateway-tool resolution still gives explicit gatewayToken first priority, and the regression is covered in src/agents/tools/gateway.test.ts (explicit gatewayToken overrides fallback token resolution, plus remote override coverage for gateway.remote.token). The original "local config token overrides explicit gatewayToken" path from this report is no longer reproducible on current main.

Any remaining default-loopback auth holes are a different bug cluster; those are better tracked separately under #35039 / PR #35147.

[joshavant]

Thanks again for the report and for helping us track this down.

This has now been addressed by #39241, which consolidated the gateway auth-resolution fixes across Discord/node-host/systemd and related regression coverage.

Marking this as superseded by #39241, and we appreciate the detailed report.