Feature request: first-class .env / environment-backed secret config UX

[SakenW]

Feature request: first-class .env / environment-backed secret config UX

Summary

OpenClaw already supports environment-backed secrets well enough for runtime, but the UX still nudges users toward storing secrets directly in openclaw.json.

Using .env / environment variables is materially better for:

• security
• migration between machines
• backup hygiene
• separating runtime secrets from shareable config

However, once users move secrets out of config and into environment variables, the Control UI / config experience becomes worse:

• secret fields may appear blank in the config page
• it is hard to tell whether a value is intentionally sourced from env vs actually missing
• users lose confidence about whether the setting is active
• managing secrets becomes split between runtime success and config UI ambiguity

Why this matters

For real-world setups, users commonly want to keep these out of openclaw.json:

• gateway.auth.token
• channel tokens like channels.discord.token
• provider API keys
• search keys
• Notion / integration API keys

That improves security immediately:

• safer backups
• fewer accidental commits / screenshots / config shares
• easier rotation without editing the main config file
• cleaner separation between portable config and local secrets

But the current UX makes env-backed config feel second-class.

Current pain point

Example:

• user moves channels.discord.token, gateway.auth.token, tools.web.search.apiKey, or skills.entries.notion.apiKey to .env
• runtime works
• but the config page may show the field as empty / missing-looking instead of clearly showing that the value is coming from env

This creates a bad tradeoff:

• safer setup => worse visibility
• easier UI editing => more secrets left in config

Proposal

Treat env-backed secrets as a first-class configuration mode in both CLI and Control UI.

1. Secret source awareness

For secret fields, show source metadata in config views:

• config
• env
• unset

In UI, a secret should never look simply empty if it is being resolved from environment.

Suggested display:

• masked value placeholder like ••••••••
• source badge like From env
• optional resolved variable name like DISCORD_BOT_TOKEN

2. Preserve env references in config editing UX

If a field is set as ${DISCORD_BOT_TOKEN} or similar, the UI should recognize it as an env reference rather than flattening it into “blank” or forcing raw secret entry.

Suggested behavior:

• display From env: DISCORD_BOT_TOKEN
• allow switching between:
  • store in config
  • reference env var
  • unset

3. Add a dedicated “Secrets” / “Environment” helper

This could be minimal but still very useful:

• list which env-backed secrets are currently expected
• show whether each one is resolved
• show where it is referenced from config
• optionally point to .env as the recommended local secret file

4. Make migration/security guidance explicit

When the UI detects secrets stored directly in config, it could suggest:

• “Move this to environment for safer local storage”

Even a small affordance here would improve default security posture.

5. Keep values masked, but not invisible

The important point is not to reveal secrets, but to avoid ambiguous emptiness.

Good UX:

• masked
• source-aware
• editable

Bad UX:

• blank field that looks unset even though runtime is working

Expected outcome

This would let users get both:

• safer secret management via .env / environment variables
• confidence and clarity in Control UI / config pages

It would also make multi-machine migration and backup workflows much cleaner, since users can keep:

• openclaw.json as portable config
• .env as local secret material

Suggested scope

Even a small first step would already help a lot:

1. Detect env-backed secret fields in config views
2. Show From env instead of blank
3. Add a source badge in Control UI

That alone would remove most of the current UX penalty for doing the safer thing.

[openclaw-barnacle]

This issue has been automatically marked as stale due to inactivity.
Please add updates or it will be closed.

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve. Reviewed June 8, 2026, 1:08 AM ET / 05:08 UTC.

Summary
Codex review failed: codex execution failed.

Reproducibility: unclear. The review failed before ClawSweeper could establish a reproduction path.

Ways to help us reproduce this

• Add a screenshot or short recording showing the behavior.
• Add expected vs actual behavior.

Next step
Review did not complete, so no work-lane recommendation was made.

Review details

Best possible solution:

Retry the Codex review after fixing the execution failure.

Do we have a high-confidence way to reproduce the issue?

Unclear. The review failed before ClawSweeper could establish a reproduction path.

Is this the best way to solve the issue?

Unclear. Retry the review first so ClawSweeper can evaluate the actual issue and fix direction.

AGENTS.md: unclear because the file could not be read completely.

Remaining risk / open question:

• No close action taken because the review did not complete.

Codex review notes: model gpt-5.5, reasoning high; reviewed against b8adc11977ab.

Label changes

Label changes:

• add issue-rating: 🦪 silver shellfish: Current issue advisory state selects this label.
• add clawsweeper:needs-info: Current issue advisory state selects this label.
• remove P2: Current review triage priority is none.
• remove clawsweeper:no-new-fix-pr: Current issue advisory state no longer selects this label.
• remove clawsweeper:fix-shape-clear: Current issue advisory state no longer selects this label.
• remove clawsweeper:needs-maintainer-review: Current issue advisory state no longer selects this label.
• remove clawsweeper:needs-product-decision: Current issue advisory state no longer selects this label.
• remove clawsweeper:needs-security-review: Current issue advisory state no longer selects this label.
• remove impact:security: Current review selected no impact labels.
• remove impact:auth-provider: Current review selected no impact labels.
• remove issue-rating: 🌊 off-meta tidepool: Current issue advisory state no longer selects this label.

Evidence reviewed

What I checked:

• failure reason: codex execution failed.
• codex failure detail: Codex review failed for this issue with exit 1.
• codex stdout: Per-item Codex failure; continuing with the rest of the shard.

Likely related people:

• unknown: Codex failed before it could trace repository history. (role: review did not complete; confidence: low)

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve.

Keep this issue open. Current main has a solid SecretRef runtime, redaction/restore, CLI, and docs foundation, but the requested source-aware Control UI/config UX is still missing: structured SecretRefs render as read-only generic placeholders, SecretInput unions are normalized to the plain string editor path, and the docs still describe current limitations rather than env/config/unset source badges or resolved status.

Required change / next step:

This is a valid feature request, but it touches secret presentation and needs maintainer product/security decisions about which source metadata and resolution details are safe to expose before an automated fix lane should implement it.

Review details

Best possible solution:

Add a source-aware SecretInput renderer and metadata flow on top of the existing SecretRef contracts: masked display, safe source labels, env variable identity when appropriate, resolved/unresolved status, explicit config/env/unset editing, and docs/tests that align with the current secret target registry and openclaw secrets workflows.

Acceptance criteria:

• pnpm test ui/src/ui/views/config.browser.test.ts ui/src/ui/config-form.browser.test.ts
• pnpm test src/config/redact-snapshot.restore.test.ts src/gateway/server.config-patch.test.ts src/gateway/server-methods/secrets.test.ts
• pnpm exec oxfmt --check --threads=1 ui/src/ui/views/config-form.node.ts ui/src/ui/views/config-form.analyze.ts ui/src/ui/views/config.browser.test.ts docs/web/control-ui.md docs/gateway/secrets.md

What I checked:

• issue-requested-source-aware-secret-ux: The issue asks for secret fields to show config/env/unset source metadata, preserve env references, add a Secrets/Environment helper, and avoid blank-looking fields when a secret is resolved from environment.
• control-ui-structured-secretrefs-still-render-generically: Structured SecretRef values are detected, forced redacted/read-only, rendered with an empty value, and given only generic placeholders such as "Structured value (SecretRef) - use Raw mode to edit"; there is no source badge, env variable label, resolved status, or source switcher. (ui/src/ui/views/config-form.node.ts:680, e46dccb35374)
• schema-analysis-collapses-secretinput-to-string-editor: The schema analyzer recognizes SecretInput unions but normalizes them to the string variant, with an inline comment stating the form only supports editing the string path for now. (ui/src/ui/views/config-form.analyze.ts:147, e46dccb35374)
• tests-lock-current-readonly-placeholder-behavior: The browser test asserts structured SecretRefs are read-only, have an empty input value, and show a generic Structured value placeholder; it does not assert source-aware env/config/unset UX. (ui/src/ui/views/config.browser.test.ts:744, e46dccb35374)
• docs-document-current-control-ui-limitation: The Control UI docs say config writes preflight active SecretRefs and structured SecretRef objects render read-only in form text inputs; they do not describe source badges or env-backed secret editing UX. Public docs: docs/web/control-ui.md. (docs/web/control-ui.md:119, e46dccb35374)
• cli-secretref-foundation-exists: The secrets docs describe the existing CLI helper that configures providers, selects supported secret-bearing fields, captures {source, provider, id}, and runs preflight resolution; useful foundation, but not the requested Control UI clarity. Public docs: docs/gateway/secrets.md. (docs/gateway/secrets.md:488, e46dccb35374)

Likely related people:

• Peter Steinberger: Current-line blame and available local path history for the inspected Control UI form, analyzer, tests, and relevant docs point to Peter on the current main history, including the commit that carries these surfaces in this checkout. (role: recent current-main Control UI/config maintainer; confidence: medium; commits: 34d11d57579d, 2d53b49b20e1, be8c24633aaa; files: ui/src/ui/views/config-form.node.ts, ui/src/ui/views/config-form.analyze.ts, ui/src/ui/views/config.browser.test.ts)
• joshavant: The provided issue timeline shows joshavant was mentioned/subscribed from the prior ClawSweeper review, and the provided related context routes prior external-secrets and SecretRef hardening work to this contributor. (role: adjacent SecretRef foundation contributor; confidence: medium; commits: ea13f59bdc2d; files: src/config/types.secrets.ts, src/config/redact-snapshot.ts, src/cli/secrets-cli.ts)

Remaining risk / open question:

• The safe disclosure boundary for env variable names and resolved/unresolved status needs maintainer/security judgment before UI implementation.
• A partial UI-only change could drift from the existing SecretRef target registry, redaction/restore behavior, and openclaw secrets audit/configure model.

Codex review notes: model gpt-5.5, reasoning high; reviewed against e46dccb35374.