openclaw dashboard
Open the Control UI using your current auth.
--no-open: print the URL but do not launch a browser.--yes: start/install the Gateway without prompting when needed.
- Resolves configured
gateway.auth.tokenSecretRefs when possible. - Follows
gateway.tls.enabled: TLS-enabled gateways print/openhttps://Control UI URLs and connect overwss://. - For SecretRef-managed tokens (resolved or unresolved), the printed/copied/opened URL never includes the token, so external secrets do not leak into terminal output, clipboard history, or browser-launch arguments.
- If
gateway.auth.tokenis SecretRef-managed but unresolved, the command prints a non-tokenized URL and remediation guidance instead of an invalid token placeholder. - If clipboard/browser delivery fails for a token-authenticated URL, the command logs a safe manual-auth hint naming
OPENCLAW_GATEWAY_TOKEN,gateway.auth.token, and the URL fragment keytoken, without printing the token value.