JSPM

@authloop-ai/openclaw-authloop

0.3.0
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 2
  • Score
    100M100P100Q71681F
  • License MIT

OpenClaw plugin for AuthLoop — hand off OTP, captcha, and password challenges to humans

Package Exports

  • @authloop-ai/openclaw-authloop
  • @authloop-ai/openclaw-authloop/dist/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@authloop-ai/openclaw-authloop) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

@authloop-ai/openclaw-authloop

OpenClaw native plugin for AuthLoop — human-in-the-loop authentication for AI agents.

Registers the authloop_to_human and authloop_status tools so OpenClaw agents can hand off auth challenges (OTP, captcha, password) to a human who resolves them remotely.

Quick Start

openclaw plugins install @authloop-ai/openclaw-authloop
openclaw config set plugins.entries.openclaw-authloop.config.apiKey "al_live_..."
openclaw plugins enable openclaw-authloop
openclaw gateway restart

Get your API key at authloop.ai/dashboard/api-keys — 25 free auth assists, no credit card required.

Alternative: JSON Config

Instead of the CLI commands above, you can add this to your openclaw.json:

{
  "plugins": {
    "entries": {
      "openclaw-authloop": {
        "enabled": true,
        "config": {
          "apiKey": "al_live_..."
        }
      }
    }
  }
}

To silence the plugins.allow advisory, add "allow": ["openclaw-authloop"] under plugins.

Variable Required Description
AUTHLOOP_API_KEY Yes Alternative to config — set as environment variable
AUTHLOOP_BASE_URL No Override API URL (default: https://api.authloop.ai)

Tools

authloop_to_human

Loop an auth challenge to a human. Returns a session_url immediately — the agent sends this to the human via its communication channel.

Input

Parameter Type Required Description
service string Yes Name of the service (e.g. 'HDFC NetBanking')
cdp_url string Yes CDP endpoint of the browser the agent is controlling
context.url string No Current page URL
context.blocker_type string No 'otp', 'password', 'captcha', 'security_question', 'document_upload', 'other'
context.hint string No Hint for the human

Output

{
  "session_id": "sess_...",
  "session_url": "https://authloop.ai/session/sess_..."
}

authloop_status

Wait for the human to resolve the auth challenge. Blocks until resolved, cancelled, or timed out. No input required.

Output

{
  "session_id": "sess_...",
  "session_url": "https://authloop.ai/session/sess_...",
  "status": "resolved"
}

Status is one of: resolved, cancelled, error, timeout.

How It Works

  1. Agent hits an auth wall (OTP, captcha, password)
  2. Agent calls authloop_to_human → gets session_url
  3. Agent sends the session_url to the human via Telegram, Slack, etc.
  4. Plugin streams the browser tab via CDP screencast in the background
  5. Agent calls authloop_status to wait for resolution
  6. Human opens the URL, sees the live browser, types OTP/password (E2EE encrypted)
  7. Keystrokes dispatched to browser via CDP — auth completes
  8. authloop_status returns resolved → agent continues

Security

All user input is end-to-end encrypted (ECDH P-256 + AES-256-GCM). The relay server cannot read what the human types.

Get an API Key

Sign up at authloop.ai — 25 free auth assists, no credit card required.

License

MIT