Docs/Guides/OpenClaw: Prompt-Based Integration

OpenClaw: Prompt-Based Integration

Give autonomous agents access to API providers by pasting vault URLs and a ks_ token directly into the system prompt — no SDK required.

OpenClaw: Prompt-Based Integration

OpenClaw is the simplest way to connect an autonomous agent to Keystore. Instead of installing an SDK or writing integration code, you paste the proxy URLs and the agent's ks_ token directly into the system prompt. The agent uses standard HTTP calls, and the Keystore proxy handles credential injection transparently.

This approach works with any agent framework that can make HTTP requests: AutoGPT, CrewAI, LangGraph, custom loops, or even a plain LLM with tool-use capabilities.

How It Works

  1. You create an agent in the Keystore dashboard and assign provider accounts (OpenAI, Anthropic, Resend, etc.).
  2. Keystore generates a ks_ token for that agent.
  3. You include the proxy base URLs and the token in the agent's system prompt.
  4. When the agent calls a provider, the proxy validates the token, looks up the org's real credentials, decrypts them, and injects them into the outgoing request.

The agent never sees real API keys. It only knows about its ks_ token and the Keystore proxy URLs.

Example System Prompt

Below is a complete system prompt snippet you can adapt. Replace ks_YOUR_AGENT_TOKEN with the actual token from your dashboard.

text
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
You have access to the following API services. Use these base URLs and
include the Authorization header with every request.

=== API Configuration ===

Authorization header (use for ALL requests):
  Authorization: Bearer ks_YOUR_AGENT_TOKEN

OpenAI (chat completions, embeddings, image generation):
  Base URL: https://proxy.keystore.io/v1/openai
  Example: POST https://proxy.keystore.io/v1/openai/v1/chat/completions

Anthropic (Claude messages):
  Base URL: https://proxy.keystore.io/v1/anthropic
  Header: x-api-key: ks_YOUR_AGENT_TOKEN
  Header: anthropic-version: 2023-06-01
  Example: POST https://proxy.keystore.io/v1/anthropic/v1/messages

Resend (transactional email):
  Base URL: https://proxy.keystore.io/v1/resend
  Example: POST https://proxy.keystore.io/v1/resend/emails

=== Rules ===

- Always use the base URLs above. Never attempt to call provider APIs directly.
- Always include the Authorization header (or x-api-key for Anthropic).
- Do not attempt to modify or decode the ks_ token.

Adding More Providers

You can extend the prompt with any provider that has been assigned to the agent, including custom providers. The URL pattern is always:

text
1
https://proxy.keystore.io/v1/{provider-slug}/{original-api-path}

For example, to add Vercel and Neon:

text
1
2
3
4
5
6
7
Vercel (deployments, domains, environment variables):
  Base URL: https://proxy.keystore.io/v1/vercel
  Example: GET https://proxy.keystore.io/v1/vercel/v13/deployments

Neon (serverless Postgres management):
  Base URL: https://proxy.keystore.io/v1/neon
  Example: GET https://proxy.keystore.io/v1/neon/projects

For custom providers registered in your organization:

text
1
2
3
My Internal API:
  Base URL: https://proxy.keystore.io/v1/my-internal-api
  Example: POST https://proxy.keystore.io/v1/my-internal-api/data

Authentication Styles

Most providers use a Bearer token in the Authorization header. The agent can send ks_YOUR_AGENT_TOKEN as the bearer value, and the proxy will replace it with the real credential before forwarding.

Anthropic is the exception -- it expects the key in the x-api-key header. Include that header in the prompt instructions for Anthropic-specific calls.

text
1
2
3
4
5
6
# For most providers:
Authorization: Bearer ks_YOUR_AGENT_TOKEN

# For Anthropic:
x-api-key: ks_YOUR_AGENT_TOKEN
anthropic-version: 2023-06-01

Security Considerations

  • Token scope: each ks_ token is scoped to a single agent with specific provider permissions. Even if the token leaks, it can only access the providers you assigned.
  • Budget enforcement: set a monthly budget on the agent to cap spend. The proxy enforces it on every request.
  • Rate limits: per-agent RPM and RPD limits prevent runaway loops.
  • Kill switch: pause or revoke an agent instantly from the dashboard or CLI. All proxy requests will be rejected immediately.

Tips for Reliable Agent Behavior

  1. Be explicit about response formats. Tell the agent to parse JSON responses and handle HTTP error codes (429 for rate limits, 403 for paused agents).
  2. Include error guidance. Add a line like: "If you receive a 429 status, wait 60 seconds before retrying."
  3. Limit the providers listed. Only include the providers the agent actually needs. Fewer options means fewer mistakes.
  4. Test with the CLI first. Use keystore test --agent-id <id> --provider openai to verify the proxy is working before handing control to the agent.
Previous
Frameworks
Next
Security Model