Using Webhooks in OpenClaw
Turn OpenClaw into a real-time automation layer. With webhooks, outside systems can wake an agent, trigger isolated runs, and route structured events into the right session without waiting for a human to type first.
Updated for current OpenClaw behavior
The core webhook surface is still /hooks/wake, /hooks/agent, and mapped /hooks/<name> routes. What changed in recent OpenClaw releases is the safety model around them: dedicated hook tokens, stricter session-key controls, tighter hook CLI authority, and broader webhook hardening across channel integrations.
Why webhooks matter
Webhooks are how OpenClaw stops being just a chat interface and starts acting like an operations layer. Instead of polling everything manually, external tools can push events into OpenClaw the moment something happens.
What you can do with them
- Wake your main session when a lightweight event arrives
- Trigger isolated agent runs from GitHub, Stripe, forms, or internal tools
- Map noisy third-party payloads into clean prompts for the right agent
- Wire Gmail Pub/Sub into OpenClaw with the built-in helper commands
- Pair inbound hooks with cron jobs for full two-way automation
First, know the two different hook systems
OpenClaw uses the word hooks in two different ways, and that trips people up.
HTTP webhooks
External services POST into your Gateway. This is what you want for GitHub, Gmail, Stripe, forms, sensors, or automation tools.
Internal hooks
Local event handlers inside OpenClaw itself. Useful for lifecycle events, plugin logic, or local automation, but not the same as public HTTP ingress.
For external integrations, you want the HTTP webhook surface under the hooks config block.
Step 1: enable webhook ingress
Edit your OpenClaw config, usually ~/.openclaw/openclaw.json, and add a dedicated hooks section.
{
"hooks": {
"enabled": true,
"token": "replace-with-a-long-random-secret",
"path": "/hooks",
"maxBodyBytes": 262144,
"defaultSessionKey": "hook:ingress",
"allowRequestSessionKey": false,
"allowedSessionKeyPrefixes": ["hook:"],
"allowedAgentIds": ["hooks", "main"],
"presets": ["gmail"],
"transformsDir": "~/.openclaw/hooks/transforms",
"mappings": []
}
}Use a dedicated token
Newer OpenClaw validation explicitly rejects reusing gateway.auth.token as hooks.token. Treat the hook token as its own password.
Keep the path scoped
hooks.path cannot be "/". Use a subpath such as /hooks so your ingress surface stays explicit.
Lock down routing
Keep allowRequestSessionKey off unless you truly need caller-chosen sessions. If you enable it, also limit allowedSessionKeyPrefixes so callers cannot spray arbitrary session IDs.
Constrain which agents can be targeted
Use allowedAgentIds to limit explicit routing. This is one of the easiest ways to prevent a webhook from reaching the wrong agent surface.
Step 2: authenticate requests correctly
OpenClaw accepts the hook token in a header, not the query string.
Authorization: Bearer <token> # or x-openclaw-token: <token>
Important
Query-string hook tokens are rejected. Older webhook habits like ?token=... are not the right pattern here.
Step 3: choose the right endpoint
A) Use /hooks/wake for lightweight nudges
This is the smallest possible webhook pattern. It does not ask an isolated agent to solve a big task. It simply injects an event for the main session.
curl -X POST http://127.0.0.1:18789/hooks/wake -H 'Authorization: Bearer SECRET' -H 'Content-Type: application/json' -d '{"text":"New support ticket received","mode":"now"}'textis requiredmodecan benowornext-heartbeat- Best for simple notifications, not full reasoning workflows
B) Use /hooks/agent for direct isolated runs
This is the endpoint to use when the incoming event should produce an actual agent turn.
curl -X POST http://127.0.0.1:18789/hooks/agent -H 'Authorization: Bearer SECRET' -H 'Content-Type: application/json' -d '{
"message": "Summarize this failed deployment and tell me the likely cause",
"name": "Deploy Alert",
"agentId": "hooks",
"deliver": true,
"channel": "last",
"model": "openai/gpt-5.4-mini",
"thinking": "medium",
"timeoutSeconds": 90
}'Supported fields include message, name, agentId, sessionKey, wakeMode, deliver, channel, to, model, thinking, and timeoutSeconds.
C) Use mapped hooks for real integrations
Mapped hooks are usually the best long-term pattern. They let each sender keep its own payload format while OpenClaw transforms that payload into a clean wake or agent action.
{
"hooks": {
"enabled": true,
"token": "replace-with-a-long-random-secret",
"path": "/hooks",
"defaultSessionKey": "hook:ingress",
"allowedSessionKeyPrefixes": ["hook:"],
"allowedAgentIds": ["hooks"],
"mappings": [
{
"match": { "path": "github-pr" },
"action": "agent",
"agentId": "hooks",
"wakeMode": "now",
"name": "GitHub PR",
"sessionKey": "hook:github:pr:{{pull_request.number}}",
"messageTemplate": "Repository: {{repository.full_name}}
PR: #{{pull_request.number}} {{pull_request.title}}
Action: {{action}}
Author: {{pull_request.user.login}}",
"deliver": true,
"channel": "last",
"model": "openai/gpt-5.4-mini"
}
]
}
}That gives you an endpoint like POST /hooks/github-pr. OpenClaw reads the incoming payload, fills the template, and launches a clean agent run.
Why mapped hooks are better than raw agent calls
- You can keep stable session-key rules per source
- You normalize ugly third-party payloads into readable prompts
- You can constrain routing once in config instead of trusting every sender
- You can later swap templates for transform modules without changing the public URL
Step 4: leverage Gmail Pub/Sub without building it from scratch
OpenClaw already ships with Gmail webhook helpers. If your goal is inbox-triggered automation, use the helper instead of inventing your own bridge first.
openclaw webhooks gmail setup --account [email protected] openclaw webhooks gmail run
Useful setup variations include:
openclaw webhooks gmail setup --account [email protected] --project my-gcp-project --json openclaw webhooks gmail setup --account [email protected] --hook-url https://gateway.example.com/hooks/gmail
The helper supports flags like --topic, --subscription, --hook-token, --push-token, --include-body, --max-bytes, and Tailscale options for public ingress.
Current behavior
When hooks.enabled=true and hooks.gmail.account is configured, the Gateway can auto-start the Gmail watcher on boot. If you need to disable that, set OPENCLAW_SKIP_GMAIL_WATCHER=1.
Step 5: use cron when OpenClaw needs to call out
Webhook workflows are often bidirectional. External systems call OpenClaw, then OpenClaw later needs to POST somewhere else. For scheduled outbound delivery, use cron's webhook delivery mode rather than hacking your own runner.
{
"cron": {
"enabled": true,
"webhookToken": "replace-with-dedicated-outbound-token"
}
}OpenClaw cron jobs support delivery modes of announce, webhook, or none. That means you can combine inbound hooks, isolated agent reasoning, and outbound webhooks into one clean automation chain.
Production patterns that actually hold up
1) Keep ingress narrow
Prefer loopback, a tailnet, or a trusted reverse proxy. Do not expose your raw Gateway port broadly unless you truly understand the blast radius.
2) Treat retries as normal
Webhook senders retry. Design for that. Stable session keys and upstream event IDs matter if you want to avoid duplicate alerts or repeated agent work.
3) Put the transformation at the edge
If the source payload is huge or ugly, normalize it with mappings or transforms before it becomes an expensive prompt. Clean ingress saves tokens and reduces agent confusion.
4) Verify provider signatures when possible
A shared token is your baseline. For high-value sources like billing or source control, signature verification at the proxy or relay layer is even better.
Recent OpenClaw changes worth knowing
If you read an older webhook tutorial, this is the part that may be missing.
- The core endpoints did not change, but validation got stricter. Recent docs and security checks now explicitly reject token reuse with Gateway auth, reject
hooks.path: "/", and warn when request-driven session overrides are too open. - Webhook docs moved. The dedicated webhook docs page now points to the Scheduled Tasks documentation section, so newer webhook guidance lives under the broader automation docs.
- Recent releases hardened the edges around hooks. OpenClaw's April and May 2026 updates mention webhook-driven TaskFlow ingress, untrusted wake-hook owner downgrades, tighter hook CLI authority, stricter webhook parsing, webhook-auth throttling, and rate-limiting fixes on some channel webhook integrations.
- Some hook-related fields are intentionally not SecretRef targets. In current docs,
hooks.token,hooks.gmail.pushToken, andhooks.mappings[].sessionKeyare called out as unsupported SecretRef surfaces.
Troubleshooting
Webhook returns unauthorized
- Confirm you are using a header, not a query-string token
- Make sure
hooks.tokenis non-empty - Verify you did not accidentally reuse the Gateway auth token
Mapped hook hits the endpoint but nothing useful happens
- Check that
match.pathmatches the URL after/hooks - Validate your payload field names against the template variables you reference
- Start with a simple template before adding transforms
Agent routing is too open
Restrict allowedAgentIds and leave allowRequestSessionKey off unless you have a strong reason not to.
Need a quick health check
Use the built-in diagnostics:
openclaw statusopenclaw security auditBest practices
- Use mapped hooks for long-lived integrations instead of stuffing raw JSON into
/hooks/agent - Keep session keys predictable and prefix-scoped
- Use a separate hooks agent when you want cleaner operational boundaries
- Pair inbound webhooks with cron jobs and custom skills for full workflows
- Run a security audit after changes, especially if you opened ingress to the public internet
The practical takeaway
The best OpenClaw webhook setups are not just "an endpoint with a token." They have scoped routing, clean mappings, predictable session keys, and a clear separation between ingress, reasoning, and delivery.
That is what turns webhooks from a neat demo into dependable agent infrastructure.