v3.7.0 — Anonymous Key Allowlist + Zero-Config Client

Ships the zero-config LAN experience: OCP admins opt in to a public anonymous access key, and ocp-connect clients auto-discover and use it. Plus a structural fix for OpenClaw multi-agent deployments, and a from-scratch rewrite of IDE detection in ocp-connect.

The headline change: ./ocp-connect <server-ip> (zero args) on a fresh client machine now fully configures OpenClaw to work with OCP, without any admin coordination or per-user key issuance.

✨ New

Server-side

• PROXY_ANONYMOUS_KEY allowlist (#15). New env var lets admins designate a single well-known "anonymous" key that bypasses validateKey() in multi mode. Exposed via GET /health.anonymousKey for client self-discovery. Opt-in, survives rotation, admin controls the policy.
• /health.anonymousKey field — new response field (null when not set) so clients can auto-discover the allowlist key without out-of-band coordination.

Client-side (ocp-connect)

• Zero-config auto-discovery (#16). ocp-connect <server-ip> without --key now reads /health.anonymousKey and uses it automatically when present. Compatible with pre-v3.7.0 servers (falls through to existing behavior when field is absent).
• Per-agent auth-profiles.json seeding (#13). ocp-connect now writes ~/.openclaw/agents/<id>/agent/auth-profiles.json for every agent in agents.list, including the default main agent (implicit agentDir). This fixes the silent 100% failure rate of OpenClaw multi-agent deployments.
• Improved IDE detection + hint density (#14). Detection hit rate went from ~25% to ~100% for the 4 supported IDEs:
  • Cline: now matches the real extension ID saoudrizwan.claude-dev instead of the obsolete grep -qi cline pattern
  • Continue.dev: checks both config.yaml (v1.x) and config.json (legacy), plus the installed VSCode extension
  • Cursor: adds /Applications/Cursor.app fallback so dmg-installed Cursors are detected even without the optional shell command
  • opencode (new): detects ~/.opencode/bin/opencode / ~/.local/share/opencode/ / command -v opencode
• Each IDE hint now prints the base URL, truncated API key, model IDs, and the exact menu path or config file location — paste-ready.

🐛 Fixed

• OpenClaw silent 100% failure (#13). Multi-agent OpenClaw setups were reporting No API key found for provider X on every chat message because ocp-connect only wrote the root openclaw.json, while OpenClaw's per-agent loader only reads <agentDir>/auth-profiles.json. Now fixed at the ocp-connect layer.
• /dev/tty stderr leakage (#13). ocp-connect was exposing Device not configured shell errors in CI/SSH/no-tty environments even though the fallback path worked correctly. Read calls are now wrapped with { read ... </dev/tty; } 2>/dev/null.
• Misleading smoke test (#13). ✓ Smoke test passed only verified OCP direct connectivity, not the IDE/agent → OCP path. It now prints an explicit caveat instructing users to restart OpenClaw and test via the bot before assuming end-to-end works.
• Help text "configures IDEs" (#13). ocp-connect --help previously claimed to "configure" Cline/Continue.dev/Cursor, but it only prints manual setup hints. The wording is now accurate.
• Anonymous warning (#13). Running ocp-connect in anonymous mode on an OpenClaw multi-agent setup now prints a clear warning instead of silently writing empty-key profiles that OpenClaw would reject.
• Corrupt auth-profiles.json (#13). If the target file is malformed JSON, ocp-connect now backs it up to .bak and rebuilds fresh, preserving user intent without losing data on unexpected disk errors.

📝 Docs

• README sync to v3.7.0 (#17). Banner, Client Setup example output, model IDs, and Environment Variables table all updated. New Zero-config paragraph + PROXY_ANONYMOUS_KEY row.
• Anonymous Access section (#15). New README section covering the opt-in enable flow, client auto-discovery via /health, and the "not a secret" guidance (/health is unauthenticated by design).

🔧 Internal

• Version bumps: package.json 3.6.0 → 3.7.0, ocp-connect 1.0 → 1.3.0
• All changes stay inside ocp-connect / server.mjs / README.md — no OpenClaw modifications (OpenClaw's npm package lifecycle makes upstream patches fragile; fixes are bolt-on at the OCP boundary)

🔬 End-to-end verification

Verified on macOS 13 with real OpenClaw 2026.4.11 + Telegram bot + 172.16.2.30 OCP server:

1. Cold install (fresh ~/.openclaw state)
2. ocp-connect 172.16.2.30 (zero args)
3. OpenClaw gateway restart
4. Real Telegram message to a bot → Claude Sonnet reply
5. auth-state.json: errorCount: 0, lastUsed updated, lastGood: ocp:default
6. Zero 401 errors, zero "No API key found" lane errors

Plus cross-IDE testing: 4/5 IDEs pass end-to-end (OpenClaw, opencode, Cline, Continue.dev). Cursor is blocked by a Cursor 3.x product-design issue (Custom OpenAI Models field doesn't route through the Override URL) that is outside OCP's control — tracked in #12 comments for upstream feedback.

📋 Upgrade path

Server side:

cd /path/to/ocp
git pull
export PROXY_ANONYMOUS_KEY=ocp_public_anon_v1   # any string of your choice
# restart OCP (systemctl/launchctl/docker-compose — depends on your install)

Then verify: curl http://<your-server>:3456/health | jq .anonymousKey should return your chosen value.

Client side:

# Fresh machines: download the v1.3.0 ocp-connect and run it with zero args
curl -fsSL https://raw.githubusercontent.com/dtzp555-max/ocp/main/ocp-connect -o ocp-connect
chmod +x ocp-connect
./ocp-connect <server-ip>

Existing deployments: just re-run ocp-connect <server-ip> (no --key) after updating to v1.3.0 and restarting OpenClaw.

📚 Reference

• All 5 PRs in this release:

  • #13 ocp-connect v1.1.0 — per-agent auth-profiles + UX hotfixes
  • #14 ocp-connect v1.2.0 — IDE detection rewrite + hint density
  • #15 OCP server v3.7.0 — anonymous key allowlist
  • #16 ocp-connect v1.3.0 — /health anonymous key auto-discovery
  • #17 README sync to v3.7.0

• Full investigation and test evidence: issue #12 (closed)