fix(azureopenai): update correct request body format for azure openai endpoints

[kunalk16]

Summary

Describe the problem and fix in 2–5 bullets:

• Problem: Unable to successfully validate Azure OpenAI endpoints. Verification fails with 400 error.
• Why it matters: When we onboard openclaw and want to use a custom provider, while using azure openai endpoints, we get 400 response during endpoint validation due to incorrect header, incorrect request body format. This prevents users from successfully onboarding, people who use azure openai.
• What changed: The validation request body and the headers during azure openai endpoint validation during custom provider onboarding
• What did NOT change (scope boundary): the flow of the custom provider validation didnt change, just the internal validation api call changed.

Change Type (select all)

• Bug fix
• Feature
• Refactor
• Docs
• Security hardening
• Chore/infra

Scope (select all touched areas)

• Gateway / orchestration
• Skills / tool execution
• Auth / tokens
• Memory / storage
• Integrations
• API / contracts
• UI / DX
• CI/CD / infra

Linked Issue/PR

None

• Closes #
• Related #

User-visible / Behavior Changes

List user-visible changes (including defaults/config).
None

Security Impact (required)

• New permissions/capabilities? No
• Secrets/tokens handling changed? No
• New/changed network calls? No
• Command/tool execution surface changed? No
• Data access scope changed? No
• If any Yes, explain risk + mitigation:

Repro + Verification

Verified in my test ubuntu virtual machines
Repro step is to use custom provider for openclaw onboard using a valid openai endpoint, apikey and model deployment. It currently fails with verification failure 400 response
Failure repro:

Successful after fix repro:

Environment

• OS:
• Runtime/container:
• Model/provider:
• Integration/channel (if any):
• Relevant config (redacted):

Steps

1. Install openclaw
2. Openclaw onboard with LLM configuration option custom provider
3. Enter azure openai endpoint, api key, model deployment name, etc and then validate

Expected

Validation to be successful for correct azure openai endpoint, api key, model deployment name

Actual

Current code returns 400 error during validation for azure openai endpoints

Evidence

Attach at least one:

• Failing test/log before + passing after
• Trace/log snippets
• Screenshot/recording
• Perf numbers (if relevant)

Fails before the fix:

Successful after the fix:

Human Verification (required)

What you personally verified (not just CI), and how:

• Verified scenarios: openclaw onboard scenario with custom provider LLM to work(screenshots attached)
• Edge cases checked: Adding slash at the end of the base url, without slash
• What you did not verify:

Compatibility / Migration

• Backward compatible? Not applicable
• Config/env changes? Not applicable
• Migration needed? Not applicable
• If yes, exact upgrade steps:

Failure Recovery (if this breaks)

• How to disable/revert this change quickly: revert my PR
• Files/config to restore: onboard-custom.ts
• Known bad symptoms reviewers should watch for:

Risks and Mitigations

List only real risks for this PR. Add/remove entries as needed. If none, write None.
None

• Risk:
  • Mitigation:

[greptile-apps]

Greptile Summary

This PR attempts to fix Azure OpenAI custom provider validation by adjusting the authentication header and request body format in src/commands/onboard-custom.ts. The problem it addresses is real — Azure OpenAI uses an api-key header (not Authorization: Bearer), places the model in the URL path rather than the request body, and has a slightly different request schema. However, all three changes are applied unconditionally to buildOpenAiHeaders and requestOpenAiVerification, which are shared by all OpenAI-compatible providers, not just Azure.

Key issues found:

• api-key header replaces Authorization: Bearer globally — this breaks standard OpenAI and every other OpenAI-compatible provider (Ollama, LM Studio, Together AI, etc.) that expects Authorization: Bearer <key>. The file already has an isAzureUrl() helper that should be used here.
• model removed from the request body unconditionally — standard OpenAI and virtually all other OpenAI-compatible APIs require model in the body. Only Azure embeds the model in the URL path. This will cause 400/422 errors for all non-Azure providers.
• max_tokens: 1 replaced with max_completion_tokens: DEFAULT_MAX_TOKENS (4096) — max_completion_tokens is an OpenAI v2 parameter not recognised by many third-party OpenAI-compatible providers, and allowing up to 4 096 output tokens for a verification call is unnecessarily costly/slow compared to the original max_tokens: 1.

All three changes need to be made conditional on isAzureUrl(params.baseUrl), which is already available in the file.

Confidence Score: 1/5

• Not safe to merge — the fix solves Azure validation but introduces regressions for all standard OpenAI and OpenAI-compatible providers.
• All three changes in this PR are applied globally but should be conditional on isAzureUrl(). Merging as-is will break endpoint verification for every non-Azure OpenAI-compatible custom provider, which is the majority of users this flow supports.
• src/commands/onboard-custom.ts — all three changed hunks (buildOpenAiHeaders, the request body in requestOpenAiVerification) need to be made Azure-conditional.

_{Last reviewed commit: 96b59ad}

[greptile-apps]

_{1 file reviewed, 3 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

Additional Comments (1)

src/commands/onboard-custom.ts
Removing model breaks all non-Azure OpenAI-compatible providers

For Azure OpenAI the model/deployment is embedded in the request URL, so omitting model from the body is correct there. However, standard OpenAI and virtually every other OpenAI-compatible API (Ollama, Together AI, Fireworks, LM Studio, etc.) require model in the request body — omitting it will yield a 400 or 422 error for all those providers.

The model field should be included conditionally based on whether the URL is an Azure URL:

body: {
  ...(!isAzureUrl(params.baseUrl) ? { model: params.modelId } : {}),
  messages: [{ role: "user", content: "Hi" }],
  temperature: 1,
  max_completion_tokens: DEFAULT_MAX_TOKENS,
  stream: false,
},

Prompt To Fix With AI

This is a comment left during a code review.
Path: src/commands/onboard-custom.ts
Line: 314-323

Comment:
**Removing `model` breaks all non-Azure OpenAI-compatible providers**

For Azure OpenAI the model/deployment is embedded in the request URL, so omitting `model` from the body is correct there. However, standard OpenAI and virtually every other OpenAI-compatible API (Ollama, Together AI, Fireworks, LM Studio, etc.) require `model` in the request body — omitting it will yield a `400` or `422` error for all those providers.

The `model` field should be included conditionally based on whether the URL is an Azure URL:

```ts
body: {
  ...(!isAzureUrl(params.baseUrl) ? { model: params.modelId } : {}),
  messages: [{ role: "user", content: "Hi" }],
  temperature: 1,
  max_completion_tokens: DEFAULT_MAX_TOKENS,
  stream: false,
},
```

How can I resolve this? If you propose a fix, please make it concise.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 96b59ad579

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: f4da4a3ecd

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 4f373411ac

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: bae5810824

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 1c2755c66b

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[obviyus]

Landed via temp rebase onto main.

• Gate: pnpm check && pnpm build && OPENCLAW_TEST_PROFILE=low OPENCLAW_TEST_SERIAL_GATEWAY=1 pnpm test (pnpm check + pnpm build pass; test suite has pre-existing unrelated failures in src/docker-setup.test.ts, src/commands/onboard-non-interactive.provider-auth.test.ts, and test/scripts/ios-team-id.test.ts).
• Supplemental: pnpm test src/commands/onboard-custom.test.ts src/commands/onboard-non-interactive.provider-auth.test.ts (new coverage file passes; existing unrelated failure remains in openrouter ref-mode test).
• Land commit: b118db6
• Merge commit: 89e158f

Thanks @kunalk16!