{ "schemaVersion": "1.0", "item": { "slug": "codex-multi-subscription-auth-fallbacks", "name": "Codex Multi Subscription Auth Fallbacks", "source": "tencent", "type": "skill", "category": "开发工具", "sourceUrl": "https://clawhub.ai/Markeljan/codex-multi-subscription-auth-fallbacks", "canonicalUrl": "https://clawhub.ai/Markeljan/codex-multi-subscription-auth-fallbacks", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/codex-multi-subscription-auth-fallbacks", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=codex-multi-subscription-auth-fallbacks", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md", "scripts/codex-add-profile.sh", "references/config-templates.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-30T16:55:25.780Z", "expiresAt": "2026-05-07T16:55:25.780Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/codex-multi-subscription-auth-fallbacks" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/codex-multi-subscription-auth-fallbacks", "agentPageUrl": "https://openagent3.xyz/skills/codex-multi-subscription-auth-fallbacks/agent", "manifestUrl": "https://openagent3.xyz/skills/codex-multi-subscription-auth-fallbacks/agent.json", "briefUrl": "https://openagent3.xyz/skills/codex-multi-subscription-auth-fallbacks/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Codex Auth Fallback", "body": "Multi-provider auth setup for OpenClaw with automatic failover between Anthropic and multiple OpenAI Codex OAuth sessions." }, { "title": "Overview", "body": "OpenClaw supports multiple auth profiles per provider. When one profile hits a rate limit, the platform can fail over to another. This skill covers:\n\nAdding Codex OAuth profiles via device-flow login\nConfiguring openclaw.json for provider fallback order\nSetting up auth-profiles.json with multiple profiles\nDeploying a cron job to auto-switch models on cooldown" }, { "title": "Prerequisites", "body": "OpenClaw instance running\ncodex CLI installed (npm i -g @openai/codex) — this also ensures node is available\nOne or more OpenAI accounts with Codex access" }, { "title": "Security & Safety", "body": "What this skill accesses:\n\nFileAccessPurpose~/.codex/auth.jsonRead + Temporary WriteTemporarily cleared to force a fresh device-flow login, then restored from backup. Original tokens are never deleted — a timestamped backup is created first.~/.openclaw/agents/main/agent/auth-profiles.jsonRead + WriteImported OAuth tokens (access + refresh) are written here. A timestamped backup is created before any modification.\n\nImportant safety notes:\n\nTokens stay local. No tokens are sent to any external endpoint. The script reads tokens from the local Codex CLI auth file and writes them to the local OpenClaw auth-profiles file.\nBackups are always created. Both files are backed up with timestamps before any modification. If login fails or the script is interrupted, a trap handler restores the original Codex CLI auth automatically.\nInteractive confirmation. The script prompts for confirmation before clearing the Codex CLI auth file, so you can abort if needed.\nNo elevated privileges. The script runs as your user and does not require sudo or any special permissions.\nBack up manually first. Despite the automatic backups, it is recommended to manually back up ~/.codex/auth.json and your OpenClaw configs before running, especially on first use.\nTest with a non-production account. For initial testing, consider using a throwaway or non-production OpenAI account." }, { "title": "Step 1: Add Codex OAuth Profiles", "body": "Run the bundled script for each OpenAI account:\n\n./scripts/codex-add-profile.sh \n\nThe script:\n\nBacks up ~/.codex/auth.json and auth-profiles.json\nClears Codex CLI auth to force fresh device-flow login\nRuns codex auth login (opens browser for OAuth)\nExtracts tokens and imports them into OpenClaw's auth-profiles.json\nRestores the original Codex CLI auth\n\nRepeat for each account. Profile names should be short identifiers (e.g., the OpenAI username)." }, { "title": "Step 2: Configure openclaw.json", "body": "Add auth profile declarations and fallback model config. See references/config-templates.md for the exact JSON blocks to add to openclaw.json.\n\nKey sections:\n\nauth.profiles — Declare each profile with provider and mode\nauth.order — Set failover priority per provider\nagents.defaults.model — Set primary model + fallbacks" }, { "title": "Step 3: Auth Profiles JSON Structure", "body": "OpenClaw stores live tokens in agents/main/agent/auth-profiles.json. See references/config-templates.md for the schema.\n\nEach Codex profile contains:\n\ntype: \"oauth\"\nprovider: \"openai-codex\"\naccess: JWT access token (auto-populated by the add-profile script)\nrefresh: Refresh token (auto-populated)\nexpires: Token expiry in ms (parsed from JWT)\naccountId: OpenAI account ID (parsed from JWT)\n\nThe order object controls which profile is tried first per provider. The usageStats object tracks rate limits and cooldowns automatically." }, { "title": "Step 4: Model Cooldown Auto-Switch Cron (Optional)", "body": "This step is entirely optional. The auth profiles from Steps 1-3 work on their own with OpenClaw's built-in failover. This cron job adds automatic model switching, which means your active model may change without manual intervention. Only enable it if you understand and want this behavior.\n\nDeploy a cron job that checks cooldown state every 10 minutes and switches the active model. See references/config-templates.md for the full cron job definition.\n\nThe cron job:\n\nRuns openclaw models status to check cooldown state\nPicks the best available model (priority: opus > codex profiles in order)\nUpdates the session model override if needed\nLogs state to a local memory file; only notifies on change\n\nBefore enabling:\n\nTest manually first: run openclaw models status to verify your profiles are working\nReview the cron job template in references/config-templates.md — the job only runs local commands and writes to a local state file\nThe job runs in an isolated session and does not affect your main chat unless a model switch occurs\n\nAdd the job to cron/jobs.json using the template in the references." }, { "title": "File Layout", "body": "codex-auth-fallback/\n├── SKILL.md # This file\n├── scripts/\n│ └── codex-add-profile.sh # Device-flow profile importer\n└── references/\n └── config-templates.md # openclaw.json, auth-profiles, cron templates" } ], "body": "Codex Auth Fallback\n\nMulti-provider auth setup for OpenClaw with automatic failover between Anthropic and multiple OpenAI Codex OAuth sessions.\n\nOverview\n\nOpenClaw supports multiple auth profiles per provider. When one profile hits a rate limit, the platform can fail over to another. This skill covers:\n\nAdding Codex OAuth profiles via device-flow login\nConfiguring openclaw.json for provider fallback order\nSetting up auth-profiles.json with multiple profiles\nDeploying a cron job to auto-switch models on cooldown\nPrerequisites\nOpenClaw instance running\ncodex CLI installed (npm i -g @openai/codex) — this also ensures node is available\nOne or more OpenAI accounts with Codex access\nSecurity & Safety\n\nWhat this skill accesses:\n\nFile\tAccess\tPurpose\n~/.codex/auth.json\tRead + Temporary Write\tTemporarily cleared to force a fresh device-flow login, then restored from backup. Original tokens are never deleted — a timestamped backup is created first.\n~/.openclaw/agents/main/agent/auth-profiles.json\tRead + Write\tImported OAuth tokens (access + refresh) are written here. A timestamped backup is created before any modification.\n\nImportant safety notes:\n\nTokens stay local. No tokens are sent to any external endpoint. The script reads tokens from the local Codex CLI auth file and writes them to the local OpenClaw auth-profiles file.\nBackups are always created. Both files are backed up with timestamps before any modification. If login fails or the script is interrupted, a trap handler restores the original Codex CLI auth automatically.\nInteractive confirmation. The script prompts for confirmation before clearing the Codex CLI auth file, so you can abort if needed.\nNo elevated privileges. The script runs as your user and does not require sudo or any special permissions.\nBack up manually first. Despite the automatic backups, it is recommended to manually back up ~/.codex/auth.json and your OpenClaw configs before running, especially on first use.\nTest with a non-production account. For initial testing, consider using a throwaway or non-production OpenAI account.\nStep 1: Add Codex OAuth Profiles\n\nRun the bundled script for each OpenAI account:\n\n./scripts/codex-add-profile.sh \n\n\nThe script:\n\nBacks up ~/.codex/auth.json and auth-profiles.json\nClears Codex CLI auth to force fresh device-flow login\nRuns codex auth login (opens browser for OAuth)\nExtracts tokens and imports them into OpenClaw's auth-profiles.json\nRestores the original Codex CLI auth\n\nRepeat for each account. Profile names should be short identifiers (e.g., the OpenAI username).\n\nStep 2: Configure openclaw.json\n\nAdd auth profile declarations and fallback model config. See references/config-templates.md for the exact JSON blocks to add to openclaw.json.\n\nKey sections:\n\nauth.profiles — Declare each profile with provider and mode\nauth.order — Set failover priority per provider\nagents.defaults.model — Set primary model + fallbacks\nStep 3: Auth Profiles JSON Structure\n\nOpenClaw stores live tokens in agents/main/agent/auth-profiles.json. See references/config-templates.md for the schema.\n\nEach Codex profile contains:\n\ntype: \"oauth\"\nprovider: \"openai-codex\"\naccess: JWT access token (auto-populated by the add-profile script)\nrefresh: Refresh token (auto-populated)\nexpires: Token expiry in ms (parsed from JWT)\naccountId: OpenAI account ID (parsed from JWT)\n\nThe order object controls which profile is tried first per provider. The usageStats object tracks rate limits and cooldowns automatically.\n\nStep 4: Model Cooldown Auto-Switch Cron (Optional)\n\nThis step is entirely optional. The auth profiles from Steps 1-3 work on their own with OpenClaw's built-in failover. This cron job adds automatic model switching, which means your active model may change without manual intervention. Only enable it if you understand and want this behavior.\n\nDeploy a cron job that checks cooldown state every 10 minutes and switches the active model. See references/config-templates.md for the full cron job definition.\n\nThe cron job:\n\nRuns openclaw models status to check cooldown state\nPicks the best available model (priority: opus > codex profiles in order)\nUpdates the session model override if needed\nLogs state to a local memory file; only notifies on change\n\nBefore enabling:\n\nTest manually first: run openclaw models status to verify your profiles are working\nReview the cron job template in references/config-templates.md — the job only runs local commands and writes to a local state file\nThe job runs in an isolated session and does not affect your main chat unless a model switch occurs\n\nAdd the job to cron/jobs.json using the template in the references.\n\nFile Layout\ncodex-auth-fallback/\n├── SKILL.md # This file\n├── scripts/\n│ └── codex-add-profile.sh # Device-flow profile importer\n└── references/\n └── config-templates.md # openclaw.json, auth-profiles, cron templates" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/Markeljan/codex-multi-subscription-auth-fallbacks", "publisherUrl": "https://clawhub.ai/Markeljan/codex-multi-subscription-auth-fallbacks", "owner": "Markeljan", "version": "1.1.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/codex-multi-subscription-auth-fallbacks", "downloadUrl": "https://openagent3.xyz/downloads/codex-multi-subscription-auth-fallbacks", "agentUrl": "https://openagent3.xyz/skills/codex-multi-subscription-auth-fallbacks/agent", "manifestUrl": "https://openagent3.xyz/skills/codex-multi-subscription-auth-fallbacks/agent.json", "briefUrl": "https://openagent3.xyz/skills/codex-multi-subscription-auth-fallbacks/agent.md" } }