Docs / Getting Started

OpenClaw secure launch, rewritten as a gated SaaS rollout.

Use this guide to move from trial runtime to production enforcement with deterministic policy decisions, audit evidence, and rollback safety.

OpenClaw Integration SaaS API Reference Console Guide Fail-Closed Design Open Console

At a glance

Who this is for

Teams running OpenClaw today that need compatibility endpoints with enterprise governance controls.

What this enforces

Pre-execution policy checks, fail-closed behavior, deterministic evidence hashes, and dry-run-safe rollout checks.

Launch outcome

A production runtime with explicit ALLOW/DENY semantics and verifiable release artifacts.

Command bootstrap

curl -sL https://gvner.com/docs/getting-started/openclaw-secure-launch.sh | \
  BASE_URL="http://209.46.122.136/api" \
  TENANT_ID="<TENANT_ID>" \
  TOKEN="<TENANT_TOKEN>" \
  bash

Use tenant-scoped token only; never reuse cross-environment tokens.

Keep this flow in compatibility mode (/openclaw/*) while migrating new workloads to /v1/integrations/*.

Launch sequence (gated)

Gate 1 — Register runtime identity

Create runtime identity with POST /openclaw/register and confirm tenant binding.

Gate 2 — Validate ALLOW/DENY behavior

Run one known-allow intent and one known-deny intent via POST /openclaw/intent.

Gate 3 — Execute fail-closed tests

Simulate timeout, invalid token, and denied scope paths. Side effects must remain blocked.

Gate 4 — Verify evidence packet integrity

Export JSON/PDF evidence and verify decision trace includes both allow and deny outcomes.

Gate 5 — Run production smoke and rollback rehearsal

Run startup health + tenant gate + release bundle checks before enabling production enforcement.

Compatibility API map

POST /openclaw/register

Registers an OpenClaw runtime identity tied to tenant and environment context.

POST /openclaw/intent

Evaluates each tool intent. Runtime must execute only when response is ALLOWED.

GET /runtime/adapters/contracts

Returns compatibility contract checks for OpenClaw, Temporal, and HTTP adapters.

GET /evidence/packet

Exports decision evidence in JSON/PDF for audit and incident reconstruction.

Minimal calls (copy/paste)

# Register runtime
curl -s -X POST "$BASE_URL/openclaw/register" \
  -H "X-Tenant-Token: $TOKEN" \
  -H "Content-Type: application/json" \
  -d "{\"tenant_id\":\"$TENANT_ID\",\"runtime_id\":\"openclaw-01\",\"description\":\"prod runtime\"}" | jq

# Known ALLOW intent
curl -s -X POST "$BASE_URL/openclaw/intent" \
  -H "X-Tenant-Token: $TOKEN" \
  -H "Content-Type: application/json" \
  -d "{\"tenant_id\":\"$TENANT_ID\",\"agent_id\":\"openclaw-01\",\"intent\":\"tool.read_files\",\"requested_scopes\":[\"read_files\"],\"tool\":\"filesystem\",\"context\":{\"source\":\"secure_launch\"},\"requested_budget\":1.0,\"work_type\":\"execution\"}" | jq

# Known DENY intent
curl -s -X POST "$BASE_URL/openclaw/intent" \
  -H "X-Tenant-Token: $TOKEN" \
  -H "Content-Type: application/json" \
  -d "{\"tenant_id\":\"$TENANT_ID\",\"agent_id\":\"openclaw-01\",\"intent\":\"tool.delete_finance\",\"requested_scopes\":[\"delete_finance_records\"],\"tool\":\"filesystem\",\"context\":{\"source\":\"secure_launch\"},\"requested_budget\":1.0,\"work_type\":\"execution\"}" | jq

Hard fail checks before production

If Gvner is unreachable, invalid, or ambiguous: deny execution (fail closed).

If token is invalid or out-of-tenant: deny execution and raise security alert.

If evidence export is missing or hash integrity fails: block release promotion.

Where to operate this in console

Integrations Control

Schema, health, and evaluate/execute views.

Approvals

Manual gate and dual-control operations.

Evidence Ledger

Trace decisions and export audit packets.

Release Bundles

Generate signed artifacts and compliance outputs.