feat(agents): add generic provider api key rotation (#19587)

2026-03-12 07:20:45 +00:00 · 2026-02-18 01:31:11 +01:00
parent 9cce40d123
commit 2e91552f09
8 changed files with 318 additions and 59 deletions
--- a/docs/gateway/authentication.md
+++ b/docs/gateway/authentication.md
@@ -103,6 +103,23 @@ openclaw models status
 openclaw doctor
 ```

+## API key rotation behavior (gateway)
+
+Some providers support retrying a request with alternative keys when an API call
+hits a provider rate limit.
+
+- Priority order:
+  - `OPENCLAW_LIVE_<PROVIDER>_KEY` (single override)
+  - `<PROVIDER>_API_KEYS`
+  - `<PROVIDER>_API_KEY`
+  - `<PROVIDER>_API_KEY_*`
+- Google providers also include `GOOGLE_API_KEY` as an additional fallback.
+- The same key list is deduplicated before use.
+- OpenClaw retries with the next key only for rate-limit errors (for example
+  `429`, `rate_limit`, `quota`, `resource exhausted`).
+- Non-rate-limit errors are not retried with alternate keys.
+- If all keys fail, the final error from the last attempt is returned.
+
 ## Controlling which credential is used

 ### Per-session (chat command)