vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 16:10:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(cli): request admin scope for admin device approvals

Browse Source
This commit is contained in:
Peter Steinberger
2026-05-03 01:37:41 +01:00
parent e1a73d380d
commit e8f13c625e
9 changed files with 303 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/cli/devices.md
View File

@@ -137,7 +137,9 @@ When you set `--url`, the CLI does not fall back to config or environment creden
## Notes
- Token rotation returns a new token (sensitive). Treat it like a secret.
- These commands require `operator.pairing` (or `operator.admin`) scope.
- These commands require `operator.pairing` (or `operator.admin`) scope. Some
approvals also require the caller to hold the operator scopes that the target
device would mint or inherit; see [Operator scopes](/gateway/operator-scopes).
- `gateway.nodes.pairing.autoApproveCidrs` is an opt-in Gateway policy for
fresh node device pairing only; it does not change CLI approval authority.
- Token rotation and revocation stay inside the approved pairing role set and