Description

When the OAuth access token expires, the Anthropic provider enters a "cooldown" state and all models fail with:

All models failed (3): anthropic/claude-opus-4-6: Provider anthropic is in cooldown 
(all profiles unavailable) (rate_limit) | anthropic/claude-opus-4-5: Provider anthropic 
is in cooldown (all profiles unavailable) (rate_limit) | anthropic/claude-sonnet-4-5: 
Provider anthropic is in cooldown (all profiles unavailable) (rate_limit)

The auth-profiles.json file contains a valid refresh token, but it does not appear to be used to obtain a new access token. The gateway becomes completely non-functional until the process is restarted with fresh tokens.

Steps to reproduce

1. Set up gateway with OAuth auth profile (access + refresh tokens)
2. Wait for the access token to expire (or set a short expiry)
3. Send a message to the bot
4. All models fail with "provider in cooldown" error
5. Check auth-profiles.json — refresh token is still present, access token unchanged (not refreshed)

Expected behavior

When the access token expires:

1. The gateway should use the refresh token to obtain a new access token
2. The new tokens should be persisted to auth-profiles.json
3. The request should be retried transparently

Actual behavior

• The provider enters "cooldown" permanently
• No refresh attempt is visible in logs
• The only recovery is manually replacing tokens and restarting the gateway

Impact

Critical for headless/Docker deployments where there is no interactive openclaw auth flow available. The gateway silently stops responding to all messages until someone manually intervenes.

Workaround

External cron job or script that monitors token expiry and injects fresh tokens into auth-profiles.json.

Environment

• OpenClaw: 2026.2.15
• Node: 22.22.0
• Platform: Ubuntu 22.04 (Docker)
• Auth: OAuth (Anthropic provider)