Skip to content

[Bug]: store: false is still sent in embedded agent runs despite compat.supportsStore: false, and custom headers are dropped #39086

Open
Open
[Bug]: store: false is still sent in embedded agent runs despite compat.supportsStore: false, and custom headers are dropped#39086
Labels
bugSomething isn't workingbug:behaviorIncorrect behavior without a crash
@wonderful259

Description

@wonderful259
wonderful259
opened on Mar 7, 2026

Bug type

Behavior bug (incorrect output/state without crash)

Summary

When using Google AI Studio (Gemini) via an OpenAI-compatible endpoint (like Cloudflare AI Gateway), OpenClaw throws 400 Bad Request or 401 Unauthorized errors.

After deep debugging via a local proxy, I found two distinct issues in OpenClaw 2026.3.2 during embedded agent runs:

  1. The store parameter is still hardcoded: Even when explicitly configuring the model with "compat": { "supportsStore": false }, the embedded agent (agent/embedded) still injects "store": false into the JSON payload. This causes Gemini (and other strict compatible APIs) to reject the payload with a 400 error: Unknown name "store": Cannot find field.
  2. Custom headers are dropped: When routing traffic through Cloudflare AI Gateway, custom headers defined in the provider config (e.g., "cf-aig-authorization": "...") are occasionally stripped or not passed through correctly by the underlying openai-completions client. This results in a 401 Unauthorized error from Cloudflare.

Steps to reproduce

  1. Configure an OpenAI-compatible provider pointing to Google AI Studio via Cloudflare AI Gateway.
  2. Add custom headers for Cloudflare auth (cf-aig-authorization).
  3. Set "compat": { "supportsStore": false } on the models.
  4. Run openclaw agent --message "test".
  5. Observe the agent fail with either 400 status code (due to the store field) or 401 Unauthorized (due to missing headers).

Expected behavior

  1. The compat.supportsStore: false setting should be strictly respected across all API calls (including embedded agent paths), completely omitting the store property from the payload.
  2. Custom headers defined in the provider configuration should be reliably attached to every outbound HTTP request.

Actual behavior

Workaround Used

Currently, the only way to bypass this is by running a local Node.js proxy server that intercepts OpenClaw's requests, forcefully deletes store from the body, manually injects the missing cf-aig-authorization header, and then forwards the request to Cloudflare.

OpenClaw version

2026.3.2

Operating system

Linux

Install method

npm

Logs, screenshots, and evidence



Impact and severity


No response


Additional information


No response
Metadata
Metadata
Assignees
No one assigned
    Labels
    bugSomething isn't workingbug:behaviorIncorrect behavior without a crash
    Type
    No type
    Fields
    No fields configured for issues without a type.
    Projects
    No projects
    Milestone
    No milestone
    Relationships
    None yet
    Development
    No branches or pull requests
    Issue actions