Bug type
Behavior bug (incorrect output/state without crash)
Summary
The OpenClaw dashboard/webchat can surface “Your authentication token has been invalidated” in scenarios where the underlying failure does not appear to be a literally invalid token, but another layer such as gateway token mismatch, Control UI origin rejection, browser pairing state, or stale runtime auth state; this can mislead users toward the wrong remediation path.
Steps to reproduce
- Run OpenClaw in a setup where multiple auth-adjacent layers can fail independently (for example WSL2 gateway + Windows browser/dashboard).
- Create or encounter a state involving one or more of:
- gateway token mismatch / stale gateway service state
- Control UI origin mismatch
- browser pairing not yet approved
- provider/runtime auth state that requires re-login
- Open the dashboard/webchat and attempt to send a message.
- Observe that the UI may show “Your authentication token has been invalidated,” even when the eventual fix suggests a different or broader root cause.
Expected behavior
If the real failing layer is not actually an invalid auth token, the dashboard/webchat should avoid collapsing the outcome into “Your authentication token has been invalidated.” It should either surface the specific failing layer or use a more neutral message when root cause is ambiguous.
Actual behavior
In this real WSL2 + Windows troubleshooting case, the visible dashboard/webchat error suggested an invalidated auth token, but the eventual remediation required correcting multiple other layers: repairing/syncing gateway service state (including desynced or mixed service/manual gateway state), opening the Control UI from the correct localhost origin, approving browser pairing, and redoing provider login/onboarding cleanly. Because of that, the visible message appears too broad or misleading for at least some failure paths.
OpenClaw version
The OpenClaw dashboard/webchat can surface “Your authentication token has been invalidated” in scenarios where the underlying failure does not appear to be a literally invalid token, but another layer such as gateway token mismatch, Control UI origin rejection, browser pairing state, or stale runtime auth state; this can mislead users toward the wrong remediation path.
Operating system
The OpenClaw dashboard/webchat can surface “Your authentication token has been invalidated” in scenarios where the underlying failure does not appear to be a literally invalid token, but another layer such as gateway token mismatch, Control UI origin rejection, browser pairing state, or stale runtime auth state; this can mislead users toward the wrong remediation path.x
Install method
No response
Logs, screenshots, and evidence
Impact and severity
No response
Additional information
No response
Bug type
Behavior bug (incorrect output/state without crash)
Summary
The OpenClaw dashboard/webchat can surface “Your authentication token has been invalidated” in scenarios where the underlying failure does not appear to be a literally invalid token, but another layer such as gateway token mismatch, Control UI origin rejection, browser pairing state, or stale runtime auth state; this can mislead users toward the wrong remediation path.
Steps to reproduce
Expected behavior
If the real failing layer is not actually an invalid auth token, the dashboard/webchat should avoid collapsing the outcome into “Your authentication token has been invalidated.” It should either surface the specific failing layer or use a more neutral message when root cause is ambiguous.
Actual behavior
In this real WSL2 + Windows troubleshooting case, the visible dashboard/webchat error suggested an invalidated auth token, but the eventual remediation required correcting multiple other layers: repairing/syncing gateway service state (including desynced or mixed service/manual gateway state), opening the Control UI from the correct localhost origin, approving browser pairing, and redoing provider login/onboarding cleanly. Because of that, the visible message appears too broad or misleading for at least some failure paths.
OpenClaw version
The OpenClaw dashboard/webchat can surface “Your authentication token has been invalidated” in scenarios where the underlying failure does not appear to be a literally invalid token, but another layer such as gateway token mismatch, Control UI origin rejection, browser pairing state, or stale runtime auth state; this can mislead users toward the wrong remediation path.
Operating system
The OpenClaw dashboard/webchat can surface “Your authentication token has been invalidated” in scenarios where the underlying failure does not appear to be a literally invalid token, but another layer such as gateway token mismatch, Control UI origin rejection, browser pairing state, or stale runtime auth state; this can mislead users toward the wrong remediation path.x
Install method
No response
Logs, screenshots, and evidence
Impact and severity
No response
Additional information
No response