Registration API
Register self-hosted (Home) and linked (Link) agent installations. These endpoints are backend-only and support the Home and Link deployment modes alongside the default Cloud mode.Home mode runs the agent container on your own hardware via Docker. Link mode connects an existing OpenClaw instance to the Agentbot platform. Cloud mode (the default) runs the agent on Agentbot infrastructure.
Install script
text/plain.
This script automates the setup of a self-hosted agent container. Pipe it to your shell to begin the Home mode installation:
Link script
text/plain.
This script connects an existing OpenClaw instance to the Agentbot platform. Pipe it to your shell to begin the Link mode setup:
Validate API key
api_keys database table. Raw keys are never stored or compared directly. No session authentication is required — the API key is passed in the Authorization header.
The web application’s key validation endpoint uses a separate bcrypt-based lookup with the
sk_ prefix convention. The backend endpoint documented here uses SHA-256 hashing and does not require the sk_ prefix.Headers
Response
Errors
Register Home installation
x-user-email, x-user-id, x-user-role) set by the authenticated frontend. The backend middleware extracts these headers but does not independently verify a bearer token on this route.
The web proxy forwards identity headers from the active session. The backend
authenticate middleware reads these headers and attaches them to the request context. If no headers are provided, userId defaults to anonymous.Request body
Response
Errors
Register Link installation
x-user-email, x-user-id, x-user-role) set by the authenticated frontend.
The web proxy forwards identity headers from the active session. The backend
authenticate middleware reads these headers and attaches them to the request context. If no headers are provided, userId defaults to anonymous.Request body
Response
Errors
List installations
x-user-email, x-user-id, x-user-role) set by the authenticated frontend.
Response
Errors
Registration heartbeat
userId matches a known registration, the last_seen timestamp is updated and the status is set to active. Requires authentication.
This is a backend registration heartbeat for Home and Link installations. It is separate from the web heartbeat settings endpoint, which configures heartbeat scheduling for the web dashboard.
Authentication
This endpoint uses theauthenticate middleware which reads identity headers (x-user-email, x-user-id, x-user-role) from the request. If no headers are provided, the middleware assigns default values (userId defaults to anonymous) and the request proceeds. The middleware does not reject unauthenticated requests.