Problem

Anthropic OAuth authentication repeatedly fails with authentication_error: invalid x-api-key after initial setup.

Root Cause

The Anthropic OAuth profile in ~/.openclaw/agents/main/agent/auth-profiles.json is missing critical fields:

"anthropic:default": {
  "type": "token",
  "provider": "anthropic",
  "token": "sk-ant-oat01-..."
  // Missing: "refresh" field
  // Missing: "expires" field
}

Compare to working OAuth providers:

"openai-codex:default": {
  "type": "oauth",
  "provider": "openai-codex",
  "access": "...",
  "refresh": "rt_...",
  "expires": 1771821456189
}

Impact

• OAuth access tokens expire (typically within hours/days)
• Without refresh token, OpenClaw cannot renew the token
• User must re-authenticate repeatedly (openclaw configure)
• Re-authentication doesn't fix the issue - refresh token still not saved
• Wastes user's Max plan quota or forces fallback to paid API keys

Steps to Reproduce

1. Run openclaw configure
2. Add Anthropic OAuth provider
3. Complete OAuth flow in browser
4. Check ~/.openclaw/agents/main/agent/auth-profiles.json
5. Note missing refresh and expires fields
6. Wait a few hours
7. Anthropic API calls fail with authentication_error

Expected Behavior

Anthropic OAuth profile should include:

• refresh token for automatic token renewal
• expires timestamp for proactive refresh
• Automatic token refresh before expiration

Environment

• OpenClaw version: 2026.2.6-3
• Node version: v22.22.0
• OS: Linux (Ubuntu/Debian)

Workaround

None. User must either:

• Use a different provider (GitHub Copilot, Google, etc.)
• Manually re-authenticate every few hours (unsustainable)

Request

Please update Anthropic OAuth implementation to match OpenAI/Google OAuth patterns - save and use refresh tokens.