chore(sync): mirror docs from openclaw/openclaw@219a11d2bd

This commit is contained in:
openclaw-docs-sync[bot] 2026-04-23 20:10:45 +00:00
parent 19412b6759
commit 62f5b835c8
4 changed files with 43 additions and 94 deletions

View File

@ -1,5 +1,5 @@
{
"repository": "openclaw/openclaw",
"sha": "ea25d7ed5bd62b9c1a80f8744ab4acb16c6dcd0d",
"syncedAt": "2026-04-23T20:07:11.193Z"
"sha": "219a11d2bdf7d4110feee2ee751c3b478a82de79",
"syncedAt": "2026-04-23T20:09:11.137Z"
}

View File

@ -35,7 +35,7 @@ Status: ready for DMs + spaces via Google Chat API webhooks (HTTP only).
- Under **Connection settings**, select **HTTP endpoint URL**.
- Under **Triggers**, select **Use a common HTTP endpoint URL for all triggers** and set it to your gateway's public URL followed by `/googlechat`.
- _Tip: Run `openclaw status` to find your gateway's public URL._
- Under **Visibility**, check **Make this Chat app available to specific people and groups in <Your Domain>**.
- Under **Visibility**, check **Make this Chat app available to specific people and groups in `<Your Domain>`**.
- Enter your email address (e.g. `user@example.com`) in the text box.
- Click **Save** at the bottom.
6. **Enable the app status**:

View File

@ -5,11 +5,7 @@ read_when:
title: "Microsoft Teams"
---
# Microsoft Teams
> "Abandon all hope, ye who enter here."
Status: text + DM attachments are supported; channel/group file sending requires `sharePointSiteId` + Graph permissions (see [Sending files in group chats](#sending-files-in-group-chats)). Polls are sent via Adaptive Cards. Message actions expose explicit `upload-file` for file-first sends.
Text and DM attachments are supported; channel and group file sending requires `sharePointSiteId` + Graph permissions (see [Sending files in group chats](#sending-files-in-group-chats)). Polls are sent via Adaptive Cards. Message actions expose explicit `upload-file` for file-first sends.
## Bundled plugin
@ -61,12 +57,6 @@ For production deployments, consider using [federated authentication](#federated
Note: group chats are blocked by default (`channels.msteams.groupPolicy: "allowlist"`). To allow group replies, set `channels.msteams.groupAllowFrom` (or use `groupPolicy: "open"` to allow any member, mention-gated).
## Goals
- Talk to OpenClaw via Teams DMs, group chats, or channels.
- Keep routing deterministic: replies always go back to the channel they arrived on.
- Default to safe channel behavior (mentions required unless configured otherwise).
## Config writes
By default, Microsoft Teams is allowed to write config updates triggered by `/config set|unset` (requires `commands.config: true`).
@ -183,8 +173,6 @@ Before configuring OpenClaw, create an Azure Bot resource and capture its creden
</Step>
</Steps>
<a id="federated-authentication-certificate--managed-identity"></a>
## Federated authentication
> Added in 2026.3.24
@ -374,60 +362,16 @@ This is often easier than hand-editing JSON manifests.
2. Find the bot in Teams and send a DM
3. Check gateway logs for incoming activity
## Setup (minimal text-only)
<Accordion title="Environment variable overrides">
1. **Ensure the Microsoft Teams plugin is available**
- Current packaged OpenClaw releases already bundle it.
- Older/custom installs can add it manually:
- From npm: `openclaw plugins install @openclaw/msteams`
- From a local checkout: `openclaw plugins install ./path/to/local/msteams-plugin`
Any of the bot/auth config keys can also be set via env vars:
2. **Bot registration**
- Create an Azure Bot (see above) and note:
- App ID
- Client secret (App password)
- Tenant ID (single-tenant)
- `MSTEAMS_APP_ID`, `MSTEAMS_APP_PASSWORD`, `MSTEAMS_TENANT_ID`
- `MSTEAMS_AUTH_TYPE` (`"secret"` or `"federated"`)
- `MSTEAMS_CERTIFICATE_PATH`, `MSTEAMS_CERTIFICATE_THUMBPRINT` (federated + certificate)
- `MSTEAMS_USE_MANAGED_IDENTITY`, `MSTEAMS_MANAGED_IDENTITY_CLIENT_ID` (federated + managed identity; client ID only for user-assigned)
3. **Teams app manifest**
- Include a `bot` entry with `botId = <App ID>`.
- Scopes: `personal`, `team`, `groupChat`.
- `supportsFiles: true` (required for personal scope file handling).
- Add RSC permissions (below).
- Create icons: `outline.png` (32x32) and `color.png` (192x192).
- Zip all three files together: `manifest.json`, `outline.png`, `color.png`.
4. **Configure OpenClaw**
```json5
{
channels: {
msteams: {
enabled: true,
appId: "<APP_ID>",
appPassword: "<APP_PASSWORD>",
tenantId: "<TENANT_ID>",
webhook: { port: 3978, path: "/api/messages" },
},
},
}
```
You can also use environment variables instead of config keys:
- `MSTEAMS_APP_ID`
- `MSTEAMS_APP_PASSWORD`
- `MSTEAMS_TENANT_ID`
- `MSTEAMS_AUTH_TYPE` (optional: `"secret"` or `"federated"`)
- `MSTEAMS_CERTIFICATE_PATH` (federated + certificate)
- `MSTEAMS_CERTIFICATE_THUMBPRINT` (optional, not required for auth)
- `MSTEAMS_USE_MANAGED_IDENTITY` (federated + managed identity)
- `MSTEAMS_MANAGED_IDENTITY_CLIENT_ID` (user-assigned MI only)
5. **Bot endpoint**
- Set the Azure Bot Messaging Endpoint to:
- `https://<host>:3978/api/messages` (or your chosen path/port).
6. **Run the gateway**
- The Teams channel starts automatically when the bundled or manually installed plugin is available and `msteams` config exists with credentials.
</Accordion>
## Member info action
@ -956,8 +900,20 @@ Bots have limited support in private channels:
## Related
- [Channels Overview](/channels) — all supported channels
- [Pairing](/channels/pairing) — DM authentication and pairing flow
- [Groups](/channels/groups) — group chat behavior and mention gating
- [Channel Routing](/channels/channel-routing) — session routing for messages
- [Security](/gateway/security) — access model and hardening
<CardGroup cols={2}>
<Card title="Channels overview" icon="list" href="/channels">
All supported channels.
</Card>
<Card title="Pairing" icon="link" href="/channels/pairing">
DM authentication and pairing flow.
</Card>
<Card title="Groups" icon="users" href="/channels/groups">
Group chat behavior and mention gating.
</Card>
<Card title="Channel routing" icon="route" href="/channels/channel-routing">
Session routing for messages.
</Card>
<Card title="Security" icon="shield" href="/gateway/security">
Access model and hardening.
</Card>
</CardGroup>

View File

@ -162,6 +162,20 @@ What to expect:
answers.
- If that is intentional, isolate ports, config/state, and workspace roots per gateway.
Checklist per instance:
- Unique `gateway.port`
- Unique `OPENCLAW_CONFIG_PATH`
- Unique `OPENCLAW_STATE_DIR`
- Unique `agents.defaults.workspace`
Example:
```bash
OPENCLAW_CONFIG_PATH=~/.openclaw/a.json OPENCLAW_STATE_DIR=~/.openclaw-a openclaw gateway --port 19001
OPENCLAW_CONFIG_PATH=~/.openclaw/b.json OPENCLAW_STATE_DIR=~/.openclaw-b openclaw gateway --port 19002
```
Detailed setup: [/gateway/multiple-gateways](/gateway/multiple-gateways).
## Remote access
@ -270,28 +284,7 @@ Use the same service body as the user unit, but install it under
</Tab>
</Tabs>
## Multiple gateways on one host
Most setups should run **one** Gateway.
Use multiple only for strict isolation/redundancy (for example a rescue profile).
Checklist per instance:
- Unique `gateway.port`
- Unique `OPENCLAW_CONFIG_PATH`
- Unique `OPENCLAW_STATE_DIR`
- Unique `agents.defaults.workspace`
Example:
```bash
OPENCLAW_CONFIG_PATH=~/.openclaw/a.json OPENCLAW_STATE_DIR=~/.openclaw-a openclaw gateway --port 19001
OPENCLAW_CONFIG_PATH=~/.openclaw/b.json OPENCLAW_STATE_DIR=~/.openclaw-b openclaw gateway --port 19002
```
See: [Multiple gateways](/gateway/multiple-gateways).
### Dev profile quick path
## Dev profile quick path
```bash
openclaw --dev setup