Bug type

Behavior bug (incorrect output/state without crash)

Summary

The OpenClaw dashboard/webchat can surface “Your authentication token has been invalidated” in scenarios where the underlying failure does not appear to be a literally invalid token, but another layer such as gateway token mismatch, Control UI origin rejection, browser pairing state, or stale runtime auth state; this can mislead users toward the wrong remediation path.

Steps to reproduce

1. Run OpenClaw in a setup where multiple auth-adjacent layers can fail independently (for example WSL2 gateway + Windows browser/dashboard).
2. Create or encounter a state involving one or more of:
   • gateway token mismatch / stale gateway service state
   • Control UI origin mismatch
   • browser pairing not yet approved
   • provider/runtime auth state that requires re-login
3. Open the dashboard/webchat and attempt to send a message.
4. Observe that the UI may show “Your authentication token has been invalidated,” even when the eventual fix suggests a different or broader root cause.

Expected behavior

If the real failing layer is not actually an invalid auth token, the dashboard/webchat should avoid collapsing the outcome into “Your authentication token has been invalidated.” It should either surface the specific failing layer or use a more neutral message when root cause is ambiguous.

Actual behavior

In this real WSL2 + Windows troubleshooting case, the visible dashboard/webchat error suggested an invalidated auth token, but the eventual remediation required correcting multiple other layers: repairing/syncing gateway service state (including desynced or mixed service/manual gateway state), opening the Control UI from the correct localhost origin, approving browser pairing, and redoing provider login/onboarding cleanly. Because of that, the visible message appears too broad or misleading for at least some failure paths.

OpenClaw version

The OpenClaw dashboard/webchat can surface “Your authentication token has been invalidated” in scenarios where the underlying failure does not appear to be a literally invalid token, but another layer such as gateway token mismatch, Control UI origin rejection, browser pairing state, or stale runtime auth state; this can mislead users toward the wrong remediation path.

Operating system

The OpenClaw dashboard/webchat can surface “Your authentication token has been invalidated” in scenarios where the underlying failure does not appear to be a literally invalid token, but another layer such as gateway token mismatch, Control UI origin rejection, browser pairing state, or stale runtime auth state; this can mislead users toward the wrong remediation path.x

Install method

No response

Logs, screenshots, and evidence

Impact and severity

No response

Additional information

No response