@@ -65,8 +65,8 @@ Imports require a fresh OpenClaw setup. If you already have local OpenClaw state
6565<Accordion title="Skills">
6666Skills with a `SKILL.md` file under `skills/<name>/` are copied, along with per-skill config values from `skills.config`.
6767</Accordion>
68-<Accordion title="API keys (opt-in)">
69-Set `--include-secrets` to import supported `.env` keys: `OPENAI_API_KEY`, `ANTHROPIC_API_KEY`, `OPENROUTER_API_KEY`, `GOOGLE_API_KEY`, `GEMINI_API_KEY`, `GROQ_API_KEY`, `XAI_API_KEY`, `MISTRAL_API_KEY`, `DEEPSEEK_API_KEY`. Without the flag, secrets are never copied.
68+<Accordion title="Auth credentials">
69+Interactive `openclaw migrate` asks before importing auth credentials, with yes selected by default. Accepted imports include supported OAuth credentials from `auth.json` and supported `.env` keys: `OPENAI_API_KEY`, `ANTHROPIC_API_KEY`, `OPENROUTER_API_KEY`, `GOOGLE_API_KEY`, `GEMINI_API_KEY`, `GROQ_API_KEY`, `XAI_API_KEY`, `MISTRAL_API_KEY`, `DEEPSEEK_API_KEY`. Use `--include-secrets` for non-interactive `openclaw migrate` credential import, `--no-auth-credentials` to skip it, or onboarding `--import-secrets` when importing from the onboarding wizard.
7070</Accordion>
7171</AccordionGroup>
7272@@ -79,7 +79,6 @@ The provider copies these into the migration report directory for manual review,
7979- `logs/`
8080- `cron/`
8181- `mcp-tokens/`
82-- `auth.json`
8382- `state.db`
84838584OpenClaw refuses to execute or trust this state automatically because the formats and trust assumptions can drift between systems. Move what you need by hand after reviewing the archive.
@@ -100,7 +99,7 @@ OpenClaw refuses to execute or trust this state automatically because the format
10099openclaw migrate apply hermes --yes
101100```
102101103-OpenClaw creates and verifies a backup before applying. If you need API keys imported, add `--include-secrets`.
102+OpenClaw creates and verifies a backup before applying. This non-interactive example imports non-secret state. Run without `--yes` to answer the credential prompt, or add `--include-secrets` to include supported credentials in unattended runs.
104103105104</Step>
106105<Step title="Run doctor">
@@ -136,10 +135,12 @@ If a conflict surfaces mid-apply (for example, an unexpected race on a config fi
136135137136## Secrets
138137139-Secrets are never imported by default.
138+Interactive `openclaw migrate` asks whether to import detected auth credentials, with yes selected by default.
140139141-- Run `openclaw migrate apply hermes --yes` first to import non-secret state.
142-- If you also want supported `.env` keys copied across, rerun with `--include-secrets`.
140+- Accepting the prompt imports supported OAuth credentials from `auth.json` and supported `.env` keys.
141+- Use `--no-auth-credentials` or choose no at the prompt to import non-secret state only.
142+- Use `--include-secrets` when running unattended with `--yes`.
143+- Use onboarding `--import-secrets` when importing credentials from the onboarding wizard.
143144- For SecretRef-managed credentials, configure the SecretRef source after the import completes.
144145145146## JSON output for automation
@@ -164,7 +165,7 @@ With `--json` and no `--yes`, apply prints the plan and does not mutate state. T
164165Onboarding imports require a fresh setup. Either reset state and re-onboard, or use `openclaw migrate apply hermes` directly, which supports `--overwrite` and explicit backup control.
165166</Accordion>
166167<Accordion title="API keys did not import">
167-`--include-secrets` is required, and only the keys listed above are recognized. Other variables in `.env` are ignored.
168+Interactive `openclaw migrate` runs import API keys only when you accept the credential prompt. Non-interactive `--yes` runs require `--include-secrets`; onboarding imports require `--import-secrets`. Only the keys listed above are recognized; other variables in `.env` are ignored.
168169</Accordion>
169170</AccordionGroup>
170171此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。