[Bug]:ontrol UI auto-pairs on loopback but is granted only admin/approvals/pairing scopes, then fails all read RPCs with `missing scope: operator.read`

[babafetta888]

Bug type

Behavior bug (incorrect output/state without crash)

Summary

n a macOS local-loopback install, the OpenClaw Control UI/dashboard successfully connects and is auto-paired as an operator device, but the paired device is granted only these scopes:

• operator.admin
• operator.approvals
• operator.pairing

It is not granted:

• operator.read
• operator.write

As a result, the dashboard immediately fails on normal read-path RPCs such as:

• status
• system-presence
• config.get

with errors like:

• missing scope: operator.read
  The CLI on the same machine gets the correct operator scopes, so this appears to be specific to the Control UI / webchat pairing path.# Environment

• OpenClaw version: 2026.3.13

• Install method: pnpm global install

• OS: macOS 26.1 (arm64)

• Node: 22.22.1

• Gateway mode: local

• Gateway bind: loopback

• Gateway auth: token

• Dashboard URL: http://127.0.0.1:18789/

• Browser: Chrome on the local Mac mini

Relevant config (redacted)

{
  "commands": {
    "allowFrom": {
      "discord": [
        "user:654359695682961418"
      ]
    }
  },
  "channels": {
    "discord": {
      "enabled": true,
      "token": "REDACTED",
      "groupPolicy": "allowlist",
      "guilds": {
        "1482145574177476620": {
          "channels": {
            "1482145575582302301": {
              "allow": true
            }
          },
          "users": [
            "654359695682961418"
          ]
        }
      },
      "streaming": "off"
    }
  },
  "gateway": {
    "port": 18789,
    "mode": "local",
    "bind": "loopback",
    "auth": {
      "mode": "token",
      "token": "REDACTED"
    },
    "tailscale": {
      "mode": "off",
      "resetOnExit": false
    }
  }
}

Steps to reproduce

Reproduction steps

1. Install/configure OpenClaw locally on macOS with:
   • gateway.mode: "local"
   • gateway.bind: "loopback"
   • gateway.auth.mode: "token"
2. Start the gateway normally.
3. Open the Control UI on:
   • http://127.0.0.1:18789/
   • or use openclaw dashboard --no-open and open the generated tokenized URL.
4. Let the Control UI auto-pair on loopback.
5. Observe that the UI connects, but subsequent RPCs fail.

Expected behavior

Expected behavior

The Control UI should receive the normal operator scope bundle required for dashboard usage, including at least:

• operator.read
• operator.write

So that the dashboard can successfully call:

• status
• system-presence
• config.get
• other standard Control UI read/write methods

Actual behavior

Actual behavior

The Control UI device is auto-paired with only:

• operator.admin
• operator.approvals
• operator.pairing

and then all standard read RPCs fail with:

• missing scope: operator.read

OpenClaw version

OpenClaw 2026.3.13

Operating system

macOS 26.1 (25B78)

Install method

npm global install

Model

openai-codex/gpt-5.4

Provider / routing chain

Discord → OpenClaw gateway (local, loopback) → main agent → openai-codex → gpt-5.4

Config file / key location

No response

Additional provider/model setup details

No response

Logs, screenshots, and evidence

## Evidence

### `openclaw status --all`

Shows gateway degraded/unreachable for detail RPC due to missing `operator.read`:


Gateway         local · ws://127.0.0.1:18789 (local loopback) · unreachable (missing scope: operator.read)


### Paired devices

The Control UI devices repeatedly pair with the wrong scope baseline:


{
  "deviceId": "7580e92bacc1fa8c87f2c164148dd26935cfcbc14e2036d99391aaf088bfca51",
  "clientId": "openclaw-control-ui",
  "clientMode": "webchat",
  "role": "operator",
  "scopes": [
    "operator.admin",
    "operator.approvals",
    "operator.pairing"
  ]
}


Meanwhile the local CLI device on the same machine gets the expected scopes:


{
  "clientId": "cli",
  "clientMode": "cli",
  "role": "operator",
  "scopes": [
    "operator.read",
    "operator.admin",
    "operator.write",
    "operator.approvals",
    "operator.pairing"
  ]
}


### Gateway log lines

Examples:


[ws] webchat connected ... client=openclaw-control-ui webchat v2026.3.13
[ws] ⇄ res ✗ status 0ms errorCode=INVALID_REQUEST errorMessage=missing scope: operator.read
[ws] ⇄ res ✗ system-presence 0ms errorCode=INVALID_REQUEST errorMessage=missing scope: operator.read
[ws] ⇄ res ✗ config.get 0ms errorCode=INVALID_REQUEST errorMessage=missing scope: operator.read


And fresh browser/device re-pair attempts still auto-approve with the wrong scope set.

## Troubleshooting already attempted

The following were all tried and did **not** fix the issue:

1. Clearing browser site data for `127.0.0.1:18789`
2. Closing/reopening dashboard tabs
3. Using fresh tokenized dashboard URLs
4. Removing and re-pairing the Control UI device
5. Rotating the Control UI device token to include read/write
6. Restarting the gateway after token rotation
7. Full OpenClaw reinstall via `pnpm add -g openclaw@2026.3.13`

After reinstall, the issue persisted unchanged.

## Why this appears to be a bug/regression

Recent OpenClaw changelog entries suggest the Control UI / operator scope path is intended to include read/write behavior for Control UI clients, and there have been multiple recent fixes in this area around:

- Control UI auth / bypass behavior
- requested operator scope preservation
- default operator connect scope bundles across CLI / Control UI / macOS clients

In this case, the behavior still appears wrong specifically for `openclaw-control-ui` on loopback.

## Impact

- Discord and CLI continue to work
- Gateway itself is healthy
- But the **local dashboard is effectively unusable** for normal status/config/presence operations

## Request

Please investigate the Control UI pairing/default-scope path for loopback/local dashboard connections on `2026.3.13`, especially why `openclaw-control-ui` is being auto-approved without `operator.read` / `operator.write` while the local CLI gets the expected scope bundle.

Impact and severity

No response

Additional information

No response

[michaelkim33]

Confirming this bug is still present on version 2026.3.13 (61d171a).

We've tried:

1. Removing and re-pairing the Control UI device
2. Token rotation via openclaw devices rotate
3. Full gateway restart

The Control UI device still gets only [admin, approvals, pairing] scopes on re-pair, never operator.read.

Workaround accepted: Everything else works (Telegram, cron, agent spawning, gateway RPC calls via openclaw gateway call status, etc). Only the openclaw status command shows the cosmetic 'limited' message.

Please prioritize this fix as it affects the basic user experience of the local dashboard.

[tarshalas]

Reproduced on OpenClaw 2026.3.13 on macOS arm64 with a local loopback gateway (gateway.bind=loopback, gateway.auth.mode=token).

What I observed very consistently:

• The CLI operator device is paired with the expected full scopes:
  • operator.admin
  • operator.read
  • operator.write
  • operator.approvals
  • operator.pairing
• The Control UI browser devices (clientId: openclaw-control-ui, clientMode: webchat) are auto-approved with only:
  • operator.admin
  • operator.approvals
  • operator.pairing
• They are missing:
  • operator.read
  • operator.write

As a result, the dashboard immediately fails read RPCs like:

• status
• system-presence
• config.get

Gateway log excerpts are the expected pattern:

• errorMessage=missing scope: operator.read

Important details from debugging:

1. This is not just stale browser cache.

   • I fully cleared Chrome site data and restarted Chrome.
   • On reconnect, the gateway auto-approved a brand new openclaw-control-ui device.
   • That brand new device was again created with only operator.admin, operator.approvals, operator.pairing.

2. This is not the CLI/local device being broken.

   • ~/.openclaw/identity/device-auth.json points to the CLI device, which has the full expected scope set including operator.read and operator.write.

3. Hand-editing older paired.json entries was not a real fix.

   • I manually patched old browser device entries so their stored scopes included operator.read/operator.write.
   • After restart and fresh browser reconnect, OpenClaw simply created a new browser device with the reduced/broken scope set again.
   • That strongly suggests the bug is in the auto-pair/default scope assignment path for openclaw-control-ui webchat devices, not just stale state on disk.

Concrete evidence from ~/.openclaw/devices/paired.json:

• clientId: cli, clientMode: cli -> full scopes including read/write
• clientId: openclaw-control-ui, clientMode: webchat -> repeatedly auto-paired without read/write

So this looks like a reproducible regression where new Control UI webchat/operator devices on loopback are being auto-approved with the wrong default scope bundle.

If useful, I can also provide a sanitized paired.json diff showing the CLI device vs the freshly auto-created browser device.

[steipete]

Closing this as implemented after Codex review.

Current main already carries the Control UI scope-bundle behavior this issue asks for: the browser client requests operator.read and operator.write, local first-pairing remains silently auto-approved, and only later scope upgrades require approval.

What I checked:

• Control UI requests full operator scope bundle: CONTROL_UI_OPERATOR_SCOPES includes operator.admin, operator.read, operator.write, operator.approvals, and operator.pairing. buildConnectPlan() uses that bundle for every Control UI connect. (ui/src/ui/gateway.ts:147, 56fe2aab9c87)
• Regression test locks the Control UI connect scopes: Node-side UI test asserts the connect frame sends the full Control UI operator scope bundle. (ui/src/ui/gateway.node.test.ts:225, 56fe2aab9c87)
• Loopback first-pairing is still silently auto-approved: Handshake helper allows silent local pairing for not-paired, scope-upgrade, and role-upgrade on local connections; the dedicated test covers that behavior. (src/gateway/server/ws-connection/handshake-auth-helpers.ts:75, 56fe2aab9c87)
• Server only makes scope upgrades interactive: When a pairing request is created during connect, scope-upgrade is forced non-silent, but other local pairing reasons remain silent. Silent approvals pass callerScopes: scopes, i.e. the scopes requested by the connecting client. (src/gateway/server/ws-connection/message-handler.ts:944, 56fe2aab9c87)
• Device pairing approval preserves requested scopes: approveDevicePairing() validates the requested operator scopes against the caller scopes instead of replacing them with an admin-only baseline. (src/infra/device-pairing.ts:560, 56fe2aab9c87)
• Control UI loopback upgrade behavior is covered: Current gateway suite explicitly verifies that a loopback Control UI client with an existing read-scoped pairing must request approval for a later operator.admin scope upgrade, which matches the intended post-fix behavior. (src/gateway/server.auth.control-ui.suite.ts:706, 56fe2aab9c87)

So I’m closing this as already implemented rather than keeping a duplicate issue open.

Review notes: reviewed against 56fe2aab9c87.