x402 paywalls.
By installing this plugin, your agent gains access to the Delegare tool suite, allowing it to spend funds safely using a pre-authorized AP2 Intent Mandate (SD-JWT-VC) without needing you to approve every transaction.
1. Installation
The Delegare plugin is a native OpenClaw extension. Install it directly using the OpenClaw CLI:2. Configuration & Authentication
OpenClaw operates as a secure, headless execution environment. Because it cannot natively intercept web-based OAuth redirects, Delegare uses Long-Lived Access Tokens specifically designed for Agent configuration. Getting your agent connected is a simple, one-time setup:-
Ask your Agent to Connect
Simply tell your OpenClaw agent: “Connect to Delegare.”
The agent will invoke the
delegare_connecttool, which will instantly reply with a secure, self-service setup link. -
Generate your Token
Click the link the agent provides (or visit app.delegare.dev/connect/agent?platform=openclaw).
- Log in securely using your standard Google/Apple account.
- Delegare will instantly provision a 90-day secure access token for your agent.
-
Update your Config
The dashboard will provide a pre-formatted JSON snippet. Open your OpenClaw gateway configuration file (usually located at
~/.openclaw/openclaw.json) and paste it into yourpluginsblock:
~/.openclaw/openclaw.json
"*" in the tools array with specific names like "delegare_fetch" or "setup_spending_mandate" if you prefer strict capability scoping.
Restart your OpenClaw gateway to apply the new configuration. Your agent is now fully authenticated!
3. 🧪 Testing in the Sandbox
If you are developing a local e-commerce backend and want to test the plugin without using real money, you can easily point your agent to the Delegare Sandbox API. Simply update yourconfig block in ~/.openclaw/openclaw.json to include the Sandbox baseUrl:
~/.openclaw/openclaw.json
app.sandbox.delegare.dev if you use the Sandbox API!)
4. Usage
Your agent is now economically enabled! Start a new chat session in OpenClaw (so it loads the updated tool context) and try prompting it with tasks that require payment or data retrieval:Security Features
- Zero Popups: Once limits are set, the agent handles transaction signing server-side. No wallet popups will interrupt its workflow.
- Non-Custodial: Your master private key never leaves your device. The agent only receives a tightly scoped, easily revokable session key.
- Strict Bounds: Every transaction is verified by the Vault backend against the human-defined per-transaction and monthly limits.