Help Center/Getting Started/Adding API Keys Securely
Back to Help Center
Getting Started

Adding API Keys Securely

Learn how to securely add and manage API keys with encryption

Security Overview

AgentClaw takes API key security seriously. All environment variables, including API keys, are:

  • Encrypted at rest using AES-256-GCM encryption
  • Never logged in plain text
  • Transmitted securely over HTTPS
  • Isolated per instance - each agent has its own encrypted storage

How to Add API Keys

Method 1: During Instance Creation

  1. Navigate to /dashboard/instances/new
  2. Fill out the instance configuration form
  3. In the "Environment Variables" section, click "Add Variable"
  4. Enter the variable name (e.g., OPENAI_API_KEY)
  5. Paste your API key in the value field
  6. Click "Create Instance"

Method 2: Update Existing Instance

  1. Go to your instance details page
  2. Click the "Configuration" tab
  3. In the "Environment Variables" section, click "Add Variable"
  4. Enter the variable name and value
  5. Click "Save Changes"
  6. Restart your instance for changes to take effect

Common API Key Variables

AI Providers

  • OPENAI_API_KEY - Your OpenAI API key
  • ANTHROPIC_API_KEY - Your Anthropic API key
  • OPENROUTER_API_KEY - Your OpenRouter API key

Messaging Platforms

  • TELEGRAM_BOT_TOKEN - Your Telegram bot token from @BotFather
  • DISCORD_BOT_TOKEN - Your Discord bot token
  • WHATSAPP_API_KEY - Your WhatsApp Business API key

Optional Configuration

  • AI_MODEL - Specify the AI model to use (e.g., gpt-4, claude-4.5-sonnet)
  • SYSTEM_PROMPT - Custom system prompt for your agent
  • MAX_TOKENS - Maximum response length

Best Practices

  • Never share API keys: Keep your keys private and never commit them to version control
  • Use separate keys: Create separate API keys for development and production
  • Rotate regularly: Change your API keys periodically for security
  • Monitor usage: Check your AI provider's dashboard for unexpected usage
  • Set spending limits: Configure budget alerts in your AI provider account

Viewing and Editing Keys

For security reasons, API key values are never displayed after being saved. You can see the variable names but not the actual values.

To update an API key:

  1. Go to the Configuration tab
  2. Find the variable you want to update
  3. Click the "Edit" button
  4. Enter the new value
  5. Save and restart your instance

Deleting API Keys

To remove an API key:

  1. Navigate to your instance configuration
  2. Find the variable you want to delete
  3. Click the "Delete" button
  4. Confirm the deletion
  5. Restart your instance

Deleted keys are permanently removed from our encrypted storage.

Troubleshooting

Instance won't start after adding keys

  • Check the logs for authentication errors
  • Verify your API key is correct (no extra spaces or characters)
  • Ensure your API key has the correct permissions

API key not working

  • Make sure you restarted the instance after updating
  • Check if your API key has sufficient credits/quota
  • Verify the variable name matches what OpenClaw expects

Next Steps

Still need help?

Our support team is ready to assist you with any questions.

Contact Support