Documentation Index
Fetch the complete documentation index at: https://agent-vault-roles-unified-instance-tier.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Prerequisites
To get the most out of this guide, you’ll need to:- A deployed Agent Vault instance (see installation guide)
- Have OpenClaw installed
1. Create an agent invite
If you haven’t logged in yet, you’ll be guided through setup automatically.2. Paste the prompt into OpenClaw
Open OpenClaw’s chat and paste the invite prompt. OpenClaw redeems the invite automatically and receives an agent token.3. Start using it
Ask OpenClaw to do something that requires an external API:“Fetch my recent Stripe charges”Here’s what happens — with zero pre-configuration:
- OpenClaw routes a request to
https://api.stripe.com/...(orhttp://internal.example/...) through Agent Vault viaHTTPS_PROXY/HTTP_PROXY - Agent Vault returns a 403 — Stripe isn’t configured yet
- OpenClaw reads the
proposal_hintand creates a proposal requesting Stripe access - OpenClaw presents you with an approval link
- You click the link, paste your Stripe key, and click Allow
- OpenClaw retries — Agent Vault injects your Stripe credentials at the proxy boundary and the request succeeds
Invited agents like OpenClaw build their own
HTTPS_PROXY/HTTP_PROXY from the token + vault returned by the redemption response (both env vars point at the same TLS-wrapped MITM URL so plain http:// upstreams route through the broker via absolute-form forward-proxy requests) and fetch the root CA from {AGENT_VAULT_ADDR}/v1/mitm/ca.pem themselves — the embedded instructions field walks them through it. Local agents you wrap with agent-vault vault run (Claude Code, Cursor, Codex, Hermes) inherit the same env vars automatically.You didn’t pre-configure anything. The agent discovered what it needed, asked for approval, and handled the rest.
Next steps
Agent protocol
Full request lifecycle end-to-end.
Services
Pre-configure services you know the agent will need.