openclaw acp speaks ACP over stdio for IDEs and forwards prompts to the Gateway over WebSocket, keeping ACP sessions mapped to Gateway session keys. It is a Gateway-backed ACP bridge, not a full ACP-native editor runtime: it focuses on session routing, prompt delivery, and streaming updates.
If you want an external MCP client to talk directly to OpenClaw channel conversations instead of hosting an ACP harness session, use openclaw mcp serve instead.
What this is not
openclaw acp means OpenClaw acts as an ACP server: an IDE or ACP client connects to OpenClaw, and OpenClaw forwards that work into a Gateway session.
This is different from ACP Agents, where OpenClaw runs an external harness such as Codex or Claude Code through acpx.
Quick rule:
- editor/client wants to talk ACP to OpenClaw: use
openclaw acp - OpenClaw should launch Codex/Claude/Gemini as an ACP harness: use
/acp spawnand ACP Agents
Compatibility matrix
| ACP area | Status | Notes |
|---|---|---|
initialize, newSession, prompt, cancel | Implemented | Core bridge flow over stdio to Gateway chat/send + abort. |
listSessions, slash commands | Implemented | Session list works against Gateway session state with bounded cursor pagination and cwd filtering where Gateway session rows carry workspace metadata; commands are advertised via available_commands_update. |
| Session lineage metadata | Implemented | Session listings and session info snapshots include OpenClaw parent and child lineage in _meta so ACP clients can render subagent graphs without private Gateway side channels. |
resumeSession, closeSession | Implemented | Resume rebinds an ACP session to an existing Gateway session without replaying history. Close cancels active bridge work, resolves pending prompts as cancelled, and releases bridge session state. |
loadSession | Partial | Rebinds the ACP session to a Gateway session key and replays ACP event-ledger history for bridge-created sessions. Older/no-ledger sessions fall back to stored user/assistant text. |
Prompt content (text, embedded resource, images) | Partial | Text/resources flatten into chat input; images become Gateway attachments. |
| Session modes | Partial | session/set_mode is supported; the bridge exposes Gateway-backed session controls for thought level, tool verbosity, reasoning, usage detail, and elevated actions. Broader ACP-native mode/config surfaces are still out of scope. |
| Thought streaming | Implemented | Model thinking content streams as agent_thought_chunk session updates. ACP-native session plans are not emitted. |
| Session info and usage updates | Partial | The bridge emits session_info_update and best-effort usage_update notifications from cached Gateway session snapshots. Usage is approximate and only sent when Gateway token totals are marked fresh. |
| Tool streaming | Partial | tool_call/tool_call_update events include raw I/O, text content, and best-effort file locations when Gateway tool args/results expose them. Embedded terminals and richer diff-native output are not exposed. |
| Exec approvals | Partial | Gateway exec approval prompts during active ACP prompt turns relay to the ACP client with session/request_permission. |
Per-session MCP servers (mcpServers) | Unsupported | Bridge mode rejects per-session MCP server requests. Configure MCP on the OpenClaw Gateway or agent instead. |
Client filesystem methods (fs/read_text_file, fs/write_text_file) | Unsupported | The bridge does not call ACP client filesystem methods. |
Client terminal methods (terminal/*) | Unsupported | The bridge does not create ACP client terminals or stream terminal ids through tool calls. |
Known limitations
loadSessionreplays complete ACP event-ledger history only for bridge-created sessions. Older/no-ledger sessions use transcript fallback and do not reconstruct historic tool calls or system notices.- If multiple ACP clients share the same Gateway session key, event and cancel routing are best-effort rather than strictly isolated per client. Prefer the default isolated
acp-bridge:<uuid>sessions when you need clean editor-local turns. - Gateway stop states translate into ACP stop reasons, but that mapping is less expressive than a fully ACP-native runtime.
- Session controls surface a focused subset of Gateway knobs: thought level, tool verbosity, reasoning, usage detail, and elevated actions. Model selection and exec-host controls are not exposed as ACP config options.
session_info_updateandusage_updatederive from Gateway session snapshots, not live ACP-native runtime accounting. Usage is approximate, carries no cost data, and is only emitted when the Gateway marks total token data as fresh.- Tool follow-along data is best-effort: the bridge surfaces file paths that appear in known tool args/results, but does not emit ACP terminals or structured file diffs.
- Exec approval relay is scoped to the active ACP prompt turn; approvals from other Gateway sessions are ignored.
Usage
ACP client (debug)
Use the built-in ACP client to sanity-check the bridge without an IDE. It spawns the ACP bridge and lets you type prompts interactively.- Auto-approval is allowlist-based and applies only to trusted core tool IDs.
readauto-approval is scoped to the current working directory (--cwdwhen set).- ACP only auto-approves narrow readonly classes: scoped
readcalls under the active cwd, plus readonly search tools (search,web_search,memory_search). Unknown/non-core tools, out-of-scope reads, exec-capable tools, control-plane tools, mutating tools, and interactive flows always require explicit prompt approval. - Server-provided
toolCall.kindis treated as untrusted metadata, not an authorization source. - This ACP bridge policy is separate from ACPX harness permissions. If you run OpenClaw through the
acpxbackend,plugins.entries.acpx.config.permissionMode=approve-allis the break-glass “yolo” switch for that harness session.
Protocol smoke testing
For protocol-level debugging, start a Gateway with isolated state and driveopenclaw acp over stdio with an ACP JSON-RPC client. Cover initialize, session/new, session/list with an absolute cwd, session/resume, session/close, duplicate close, and missing resume.
The proof should include the advertised lifecycle capabilities, a Gateway-backed session row, update notifications, and the Gateway sessions.list log:
openclaw gateway call sessions.list as the only ACP proof. That CLI path may request a fresh-token operator scope upgrade; ACP bridge correctness is proven by ACP stdio frames plus the Gateway sessions.list log.
How to use this
Use ACP when an IDE (or other client) speaks Agent Client Protocol and you want it to drive an OpenClaw Gateway session.- Ensure the Gateway is running (local or remote).
- Configure the Gateway target (config or flags).
- Point your IDE to run
openclaw acpover stdio.
Selecting agents
ACP does not pick agents directly. It routes by the Gateway session key. Use agent-scoped session keys to target a specific agent:acp-bridge:<uuid> session unless you override the key or label.
Per-session mcpServers are not supported in bridge mode. If an ACP client sends them during newSession or loadSession, the bridge returns a clear error instead of silently ignoring them.
If you want ACPX-backed sessions to see OpenClaw plugin tools or selected built-in tools such as cron, enable the gateway-side ACPX MCP bridges instead of trying to pass per-session mcpServers. See ACP Agents and OpenClaw tools MCP bridge.
Use from acpx (Codex, Claude, other ACP clients)
If you want a coding agent such as Codex or Claude Code to talk to your OpenClaw bot over ACP, use acpx with its built-in openclaw target.
Typical flow:
- Run the Gateway and make sure the ACP bridge can reach it.
- Point
acpx openclawatopenclaw acp. - Target the OpenClaw session key you want the coding agent to use.
acpx openclaw to target a specific Gateway and session key every time, override the openclaw agent command in ~/.acpx/config.json:
Zed editor setup
Add a custom ACP agent in~/.config/zed/settings.json (or use Zed’s Settings UI):
Session mapping
By default, ACP bridge sessions get an isolated Gateway session key with anacp-bridge: prefix. These normal-model bridge sessions are synthetic and disposable: they are subject to stale-entry pruning and are not treated as protected human conversation surfaces. To reuse a known session, pass a session key or label:
--session <key>: use a specific Gateway session key.--session-label <label>: resolve an existing session by label.--reset-session: mint a fresh session id for that key (same key, new transcript).
Options
--url <url>: Gateway WebSocket URL (defaults togateway.remote.urlwhen configured).--token <token>: Gateway auth token.--token-file <path>: read Gateway auth token from file.--password <password>: Gateway auth password.--password-file <path>: read Gateway auth password from file.--session <key>: default session key.--session-label <label>: default session label to resolve.--require-existing: fail if the session key/label does not exist.--reset-session: reset the session key before first use.--no-prefix-cwd: do not prefix prompts with the working directory.--provenance <off|meta|meta+receipt>: include ACP provenance metadata or receipts.--verbose, -v: verbose logging to stderr.
--tokenand--passwordcan be visible in local process listings on some systems. Prefer--token-file/--password-fileor environment variables (OPENCLAW_GATEWAY_TOKEN,OPENCLAW_GATEWAY_PASSWORD).- Gateway auth resolution follows the shared contract used by other Gateway clients:
- local mode: env (
OPENCLAW_GATEWAY_*) thengateway.auth.*, falling back togateway.remote.*only whengateway.auth.*is unset (a configured-but-unresolved local SecretRef fails closed instead of silently falling back) - remote mode:
gateway.remote.*with env/config fallback per remote precedence rules --urlis override-safe and does not reuse implicit config/env credentials; pass explicit--token/--password(or file variants)
- local mode: env (
acp client options
--cwd <dir>: working directory for the ACP session.--server <command>: ACP server command (default:openclaw).--server-args <args...>: extra arguments passed to the ACP server.--server-verbose: enable verbose logging on the ACP server.--verbose, -v: verbose client logging.openclaw acp clientsetsOPENCLAW_SHELL=acp-clienton the spawned bridge process, which can be used for context-specific shell/profile rules.