OpenClaw MCP Server Configuration 2026 — Complete Setup Guide

Updated June 2026  •  16 min read  •  All commands verified against docs.openclaw.ai  •  API pricing verified from official provider pages, June 2026

This OpenClaw setup tutorial takes you from an empty terminal to a working personal AI agent that answers you on WhatsApp and Telegram — with every command verified against the official OpenClaw documentation in June 2026. If you have tried following older guides, you have probably hit broken commands, because this project has changed names twice and shipped breaking changes almost weekly. This guide reflects how OpenClaw actually works right now.

One thing most Indian tech blogs covering OpenClaw will not tell you: this software has had more than 60 CVEs disclosed since January 2026, and security firms have publicly recommended against running it on your main machine. We will cover the honest version — what it can do, what it costs in rupees per month, and how to run it without handing a stranger the keys to your laptop.

I have run OpenClaw on a ₹460/month Hetzner VPS and on a spare home machine since February 2026, restarted it through three breaking updates, and burned real API credits finding out which model is actually economical for Indian users. Everything below comes from that experience plus the official docs — not from the project’s marketing.

Table of Contents

  1. What Is OpenClaw? (And Why It Was Called Clawdbot)
  2. Should You Run OpenClaw? Read This First
  3. Prerequisites: What You Need Before This OpenClaw Setup Tutorial
  4. Step 1: Install OpenClaw
  5. Step 2: Run the Onboarding Wizard
  6. Step 3: Verify the Gateway Is Running
  7. Step 4: Connect Telegram
  8. Step 5: Connect WhatsApp
  9. Step 6: Choose Your Model — India Cost Comparison
  10. Step 7: Security Hardening Checklist
  11. Common Errors in This OpenClaw Setup Tutorial (and Fixes)
  12. OpenClaw Setup Tutorial FAQ

What Is OpenClaw? (And Why It Was Called Clawdbot)

OpenClaw is an open-source, self-hosted AI agent created by Peter Steinberger, the Austrian engineer who founded PSPDFKit. Unlike ChatGPT or Gemini, which live in a browser tab, OpenClaw runs as a gateway process on your own machine and connects to the chat apps you already use — WhatsApp, Telegram, Slack, Discord, Signal, iMessage, Microsoft Teams, Matrix, and more.

The important difference: OpenClaw does things. It can run shell commands, manage files, browse the web, and send messages on your behalf. You text it “find the PDF I downloaded last week and email it to Ramesh” and it actually executes those steps on your computer. That power is exactly why the security section of this guide is not optional reading.

If the name sounds unfamiliar, you may know it by its older names. The project launched as Clawdbot, was renamed to Moltbot on 27 January 2026 after Anthropic requested a change over the phonetic similarity to “Claude”, and then renamed again to OpenClaw on 30 January 2026 — the fastest triple rebrand in open-source history, as CNBC reported. During the chaos, crypto scammers hijacked the abandoned social media accounts to push fake tokens. If you see “Clawdbot” or “Moltbot” tutorials or coins anywhere today, treat them as outdated at best and scams at worst.

The project is MIT-licensed and lives at github.com/openclaw/openclaw. OpenClaw itself is free. The AI model behind it is not — more on that in Step 6.

Should You Run OpenClaw? Read This First

Before any commands, an honest gut-check. Two things should make you pause.

The security record is genuinely bad

This is not the usual “be careful with open source” disclaimer. Since late January 2026:

  • Researchers at Oasis Security disclosed “ClawJacked” — a vulnerability chain that let any website open in your browser silently take full control of your agent, with no plugins and no user interaction. The OpenClaw team rated it High severity and patched it within 24 hours, but anyone running a version older than 2026.2.25 remained exposed.
  • In May 2026, The Hacker News reported four more flaws enabling data theft, privilege escalation, and persistence.
  • More than 60 CVEs have been disclosed in total, tracked publicly in the OpenClawCVEs repository.
  • ClawHub, the community skill marketplace, has hosted over 1,100 identified malicious skills. Independent audits found roughly one in twelve packages carried a malicious payload. Do not install random skills.
Bottom line: Run OpenClaw on a separate machine or VPS, never on the laptop where you do banking and store work files. Always run the latest version. Never install ClawHub skills you have not read the source of. If you cannot commit to updating within a day of security releases, this project is not for you yet.

The API costs are real, and they are in dollars

OpenClaw is free software, but every message it processes calls a paid AI model API billed in USD. Light personal use can stay under ₹100/month. A heavy automation habit — long agent loops, browser sessions, big files — can quietly cross ₹8,000–12,000/month on a premium model. Step 6 has the full table; the short version is: start with a cheap model, watch your usage dashboard for a week, then upgrade only if you need to.

Who should run it: developers and tinkerers who want a genuinely personal assistant, are comfortable in a terminal, and will treat it as a security-sensitive service. Who should not: anyone looking for a set-and-forget WhatsApp chatbot. For that, a plain ChatGPT or Gemini subscription is safer and cheaper — see our ChatGPT guide.

Prerequisites: What You Need Before This OpenClaw Setup Tutorial

Everything in this OpenClaw setup tutorial was tested on Ubuntu 24.04 and Windows 11 (via PowerShell and WSL2) in June 2026. You need:

  • A machine to host it. macOS, Linux, or Windows. A 2-core CPU and 4 GB RAM is comfortable. Options for Indian users:
    • A spare PC or old laptop at home — ₹0/month, but it must stay on.
    • Hetzner CX22 VPS (2 vCPU / 4 GB) — about ₹460/month, with 40–60 ms latency from India, which is irrelevant for a chat bot.
    • Hostinger KVM (India) — promotional pricing from roughly ₹370–400/month for 4 GB, renewing near ₹999/month. Indian providers like HostAsia and Host IT Smart offer budget plans in the ₹299–599 range; check renewal prices before committing.
  • Node.js 24 (recommended) or Node 22 LTS, version 22.19 or newer. The installer script can handle this for you.
  • An API key from at least one model provider — Anthropic, OpenAI, or Google. Gemini’s free tier works for testing (Step 6).
  • For WhatsApp: ideally a separate SIM/number for the bot. The official docs recommend a dedicated number, and WhatsApp has been known to flag automated personal accounts.
  • For Telegram: just your existing account — bot creation is free via @BotFather.
  • About 30 minutes.

Step 1: Install OpenClaw

The fastest path is the official installer script, which installs OpenClaw and launches the onboarding wizard in one go.

On macOS, Linux, or Windows WSL2:

curl -fsSL https://openclaw.ai/install.sh | bash

On Windows PowerShell (native):

iwr -useb https://openclaw.ai/install.ps1 | iex

Prefer managing it through npm? That works too, and is what I use on servers because it makes version pinning explicit:

npm install -g openclaw@latest
openclaw onboard --install-daemon

The --install-daemon flag registers OpenClaw as a system service so the gateway restarts automatically after a reboot — essential on a VPS. If you want to install now and configure later, the script accepts a no-onboarding flag:

curl -fsSL https://openclaw.ai/install.sh | bash -s -- --no-onboard
Tip: Piping a script from the internet into bash is itself a small act of trust. If that bothers you (it should, a little), download install.sh first, read it, then run it. Source: docs.openclaw.ai/install.

Step 2: Run the Onboarding Wizard

If the installer did not launch it automatically, start onboarding manually:

openclaw onboard --install-daemon

The wizard walks you through four things in order: the gateway (the always-on process that routes messages), your workspace (the folder the agent is allowed to work in), channels (chat apps — you can skip these for now, we do them in Steps 4–5), and skills.

When it asks for a model provider, paste the API key you created in the prerequisites. You can change providers anytime later with openclaw models set, so do not agonise over the choice here — pick the cheap option and read Step 6 before committing real money.

Step 3: Verify the Gateway Is Running

Three commands confirm a healthy install:

openclaw --version
openclaw doctor
openclaw gateway status

openclaw doctor is the one to remember — it diagnoses bad file permissions, Node version mismatches, and broken configs, and it can fix most of them itself. If the gateway is not running, start it in the foreground to watch the logs:

openclaw gateway

There is also a local web dashboard for poking around your sessions and config:

openclaw dashboard

By default everything binds to localhost only. Keep it that way — exposing the gateway to the internet is how several of those 60+ CVEs became remote exploits.

Step 4: Connect Telegram

Telegram is the easiest channel and the best one to start with, because it uses an official bot API — nothing about it violates Telegram’s terms.

4.1 — Create a bot. In Telegram, message @BotFather, send /newbot, follow the prompts, and copy the token it gives you (it looks like 123456:ABC-xyz...).

4.2 — Add the token to your OpenClaw config (~/.openclaw/openclaw.json):

{
  channels: {
    telegram: {
      enabled: true,
      botToken: "123:abc",
      dmPolicy: "pairing",
      groups: { "*": { requireMention: true } },
    },
  },
}

Two settings here matter for security. dmPolicy: "pairing" means strangers who find your bot cannot use it — new senders get a pairing code that you must approve. requireMention: true stops the bot replying to every message in any group it gets added to.

4.3 — Restart the gateway and approve yourself:

openclaw gateway
openclaw pairing list telegram
openclaw pairing approve telegram <CODE>

Send your bot a DM, run pairing list to see your code, approve it, and you are talking to your agent. Pairing codes expire after one hour, so approve promptly. Full reference: docs.openclaw.ai/channels/telegram.

Step 5: Connect WhatsApp

WhatsApp is the channel most Indian users actually want, and it is also the most fragile. OpenClaw connects via WhatsApp Web’s multi-device pairing — the same mechanism as linking a browser — not the official Business API.

Use a dedicated number. The official docs recommend a separate phone number for the bot rather than your personal one. A ₹99 prepaid SIM is cheap insurance against having your main WhatsApp account flagged for automation.

5.1 — Configure access policy first, so the bot is locked down before it ever goes online. In ~/.openclaw/openclaw.json:

{
  channels: {
    whatsapp: {
      dmPolicy: "pairing",
      allowFrom: ["+919876543210"],
      groupPolicy: "allowlist",
      groupAllowFrom: ["+919876543210"],
    },
  },
}

Put your own number (with the +91 country code) in allowFrom. This is an allowlist — only listed numbers can talk to the agent at all.

5.2 — Link the WhatsApp account. The flow is QR-only: the command prints a QR code in your terminal, and you scan it from the bot phone via WhatsApp → Linked Devices → Link a Device.

openclaw channels login --channel whatsapp

If you are installing on a remote VPS over SSH, scan the QR quickly — terminal-rendered QR codes expire, and relaying screenshots of them often fails. Run the login command in a terminal window sized large enough to show the whole code.

5.3 — Start the gateway and approve pairing requests:

openclaw gateway
openclaw pairing list whatsapp
openclaw pairing approve whatsapp <CODE>

Note that pending pairing requests are capped at three per channel and expire after an hour. If outbound messages fail, check that the gateway is actually running — sends require an active WhatsApp listener. Full reference: docs.openclaw.ai/channels/whatsapp.

Step 6: Choose Your Model — India Cost Comparison (₹)

This is the step that determines your monthly bill. OpenClaw supports Anthropic and OpenAI natively, plus any OpenAI-compatible endpoint as a custom provider — which covers Google Gemini, OpenRouter, and local models via Ollama, vLLM, or LM Studio. Switch models anytime:

openclaw models list
openclaw models set anthropic/claude-sonnet-4-6

Here is what a moderate personal-assistant workload — roughly 50–80 messages a day with some file and web tasks, landing around 5 million input and 0.5 million output tokens a month — costs per provider. Prices verified from official pages in June 2026, converted at ₹86/USD:

ModelInput / Output per 1M tokensEst. ₹/month (moderate use)Best for
Gemini 3 Flash (source)$0.50 / $3.00₹0–350Testing — free tier covers light use
Claude Haiku 4.5 (source)$1.00 / $5.00~₹650Budget daily driver, fast replies
GPT-5.2 (source)$1.75 / $14.00~₹1,350Strong all-rounder, big context
Claude Sonnet 4.6 (source)$3.00 / $15.00~₹1,950Recommended for agent tasks
Claude Opus 4.8 (source)$5.00 / $25.00~₹3,250+Heavy reasoning; overkill for chat
Ollama (local, e.g. Llama / Qwen)Free₹0 APIPrivacy; needs 16 GB+ RAM hardware

Three notes from real usage. First, agent workloads are input-heavy — every tool call re-sends context — so input price matters more than output price. Prompt caching, which OpenClaw uses automatically with Anthropic models, can cut effective input costs by up to 90%, which is why my actual Sonnet bills run well under the naive estimate. Second, Google removed Pro models from the Gemini free tier on 1 April 2026 — only Flash and Flash-Lite still have free quotas. Third, heavy users routinely report $50–150 (₹4,300–13,000) months on premium models, so set a billing alert on day one.

For local models, OpenClaw auto-detects Ollama at http://127.0.0.1:11434 once you opt in by setting the OLLAMA_API_KEY environment variable, after which Ollama appears directly in the model picker. Tempting for privacy, but be realistic: small local models follow OpenClaw’s tool-calling instructions far less reliably than the frontier models, and the official docs themselves advise using the strongest model you can — weaker models are also easier targets for prompt-injection. Provider reference: docs.openclaw.ai/providers.

Step 7: Security Hardening Checklist

Given the project’s CVE history, treat this step as part of the install, not an optional extra. OpenClaw ships a built-in auditor — run it now and after every config change:

openclaw security audit
openclaw security audit --fix

The --fix flag tightens file permissions and repairs common misconfigurations automatically. Then work through this checklist:

  • Update immediately, always. You must be on version 2026.2.25 or later (the ClawJacked fix); in practice, update weekly: npm update -g openclaw.
  • Keep the gateway on loopback with token auth, in openclaw.json:
    {
  gateway: {
    mode: "local",
    bind: "loopback",
    auth: { mode: "token", token: "replace-with-long-random-token" }
  }
}

    Generate a proper token with openclaw doctor --generate-gateway-token. Never port-forward the gateway; if you need remote access, use an SSH tunnel or Tailscale.

  • Pairing mode on every channel (dmPolicy: "pairing") plus explicit allowFrom lists — already done if you followed Steps 4–5.
  • Require mentions in groups (groups: { "*": { requireMention: true } }) so the agent cannot be puppeted by anyone in a group chat.
  • Sandbox tool execution with Docker so the agent cannot touch your host filesystem: agents: { defaults: { sandbox: { mode: "all", scope: "agent" } } }.
  • Deny dangerous tools by default: tools: { deny: ["group:automation", "group:runtime"], exec: { security: "deny", ask: "always" } } — the agent then asks before running anything.
  • Lock down config files: chmod 700 ~/.openclaw and chmod 600 ~/.openclaw/openclaw.json. The audit’s --fix does this for you.
  • No untrusted ClawHub skills. Roughly 1 in 12 audited packages carried malicious payloads. Read the source of any skill before installing it.
  • If you suspect compromise: rotate the gateway token, rotate all provider API keys in auth-profiles.json, and re-run openclaw security audit --deep.

The official model is “one trusted operator per gateway” — OpenClaw is a single-user system. Never share one gateway between people you would not give shell access to. Full guidance: docs.openclaw.ai/gateway/security.

Common Errors in This OpenClaw Setup Tutorial (and Fixes)

“Unsupported Node version” or install fails immediately

OpenClaw needs Node 24, or Node 22.19+. Ubuntu’s default repos often ship older Node. Check with node --version; if it is old, install Node 24 via nodesource or nvm, then reinstall OpenClaw.

Telegram bot never replies

Ninety percent of the time this is an unapproved pairing. Run openclaw pairing list telegram — if your code expired (they last one hour), DM the bot again to generate a fresh one. Also confirm enabled: true is set and the gateway restarted after you edited the config.

WhatsApp QR code expired or unreadable over SSH

Re-run openclaw channels login --channel whatsapp and scan within seconds; maximize your terminal first. On a VPS, a tmux session with a large window works better than a cramped SSH client. Do not try to screenshot and relay the QR — they expire in transit.

WhatsApp connects, then messages stop sending

Outbound sends need an active listener — check openclaw gateway status. If the gateway died, openclaw doctor usually names the cause. If WhatsApp unlinked the device (it does this occasionally), repeat the QR login.

Replies are extremely slow or your bill spikes

Check which model is active with openclaw models list. A common mistake is leaving an expensive reasoning model as default for casual chat. Set a cheap default and switch up only for hard tasks. Set billing alerts in your provider console — Anthropic, OpenAI, and Google all support them.

openclaw doctor complains about permissions

Run openclaw security audit --fix, which restores 700/600 permissions on the config directory. This commonly breaks when people edit configs as root over SSH.

OpenClaw Setup Tutorial FAQ

Is OpenClaw free to use?

The software is free and MIT-licensed. The running costs are not: you pay your model provider per token (₹0–3,250+/month depending on model and usage — see the table in Step 6) and optionally a VPS (₹300–1,000/month). A realistic all-in budget for a daily-use setup is ₹1,000–2,500/month.

Is OpenClaw safe to run in 2026?

Only with precautions. It has had 60+ CVEs since January 2026, including the ClawJacked browser-takeover flaw, and its skill marketplace has hosted over a thousand malicious packages. Run it on a separate machine or VPS, keep it updated, use pairing mode and allowlists, and run openclaw security audit --fix after every change. Security firms like Immersive advise against running it on corporate machines at all.

What is the best model for OpenClaw for Indian users?

Start on Gemini 3 Flash’s free tier to learn the ropes at ₹0. For daily use, Claude Haiku 4.5 (~₹650/month moderate use) is the value pick, and Claude Sonnet 4.6 (~₹1,950/month) is the sweet spot if you rely on multi-step agent tasks. Reserve Opus-class models for occasional hard problems.

Will connecting OpenClaw get my WhatsApp number banned?

It uses WhatsApp Web’s linked-device mechanism rather than the official Business API, which puts automated personal accounts in a grey zone. Bans are not common for low-volume personal use, but they happen. Use a dedicated ₹99 prepaid number for the bot, keep volumes human-like, and never use it for bulk messaging. Telegram, by contrast, is fully sanctioned via its bot API.

Can I run OpenClaw without any API costs using a local model?

Yes — set OLLAMA_API_KEY and OpenClaw detects Ollama at 127.0.0.1:11434, putting local models in the picker. But you need 16 GB+ RAM for a model competent enough to follow tool-calling instructions, and even then reliability is noticeably below Claude or GPT. Most users end up hybrid: local for casual chat, a paid API for real tasks.

Is OpenClaw the same as Clawdbot and Moltbot?

Yes — one project, three names in one week of January 2026. Clawdbot became Moltbot on 27 January after an Anthropic trademark request, then OpenClaw on 30 January. Any “Clawdbot token” or “Moltbot coin” you see is a scam riding on hijacked accounts from the rename chaos; the project has no cryptocurrency.

Related Articles

All installation commands verified against docs.openclaw.ai and the official GitHub repository in June 2026. API pricing verified from official Anthropic, OpenAI, and Google pricing pages, June 2026, converted at ₹86/USD. OpenClaw ships breaking changes frequently — if a command fails, check the official docs for the current syntax before debugging.

Leave a Reply

Your email address will not be published. Required fields are marked *