[{"data":1,"prerenderedAt":1711},["ShallowReactive",2],{"help-category-\u002Fsecurity-privacy\u002Fallowed-external-connections":3,"help-article-\u002Fsecurity-privacy\u002Fallowed-external-connections":4,"related-articles-\u002Fsecurity-privacy\u002Fallowed-external-connections":503},[],{"id":5,"title":6,"body":7,"category":485,"description":486,"draft":487,"extension":488,"meta":489,"navigation":490,"order":491,"path":492,"relatedArticles":493,"seo":497,"slug":498,"stem":499,"updatedAt":500,"__hash__":501,"excerpt":486,"searchText":502},"help\u002Fhelp\u002Fsecurity-privacy\u002F13.allowed-external-connections.md","Allowed external connections",{"type":8,"value":9,"toc":471},"minimark",[10,14,21,30,35,38,232,236,239,261,264,267,273,276,280,286,289,293,300,308,311,314,320,329,333,344,356,359,362,370,374,380,383,387,390,464],[11,12,13],"p",{},"The desktop app and gateway make outbound connections to MultiClaw Cloud, your configured LLM providers, and a few supporting services. Connections to LLM providers and custom MCP servers activate only after you set them up — no traffic reaches a provider you haven't configured.",[11,15,16],{},[17,18],"img",{"alt":19,"src":20},"MultiClaw security architecture — the four components and how they connect across trust boundaries","\u002Fimages\u002Fmulticlaw-security-architecture.png",[11,22,23,24,29],{},"For port, protocol, and firewall allowlisting details, see ",[25,26,28],"a",{"href":27},"\u002Fhelp\u002Fsecurity-privacy\u002Fnetwork-security","Network security",".",[31,32,34],"h2",{"id":33},"connection-inventory","Connection inventory",[11,36,37],{},"Some connections in this table are conditional. LLM provider entries activate only when you've added a matching API key. Custom MCP server entries appear only after you've enabled an MCP server in your settings.",[39,40,41,60],"table",{},[42,43,44],"thead",{},[45,46,47,51,54,57],"tr",{},[48,49,50],"th",{},"Connection",[48,52,53],{},"Host",[48,55,56],{},"Protocol",[48,58,59],{},"When it occurs",[61,62,63,81,97,112,128,143,158,173,188,203,218],"tbody",{},[45,64,65,69,75,78],{},[66,67,68],"td",{},"MultiClaw Cloud (API)",[66,70,71],{},[72,73,74],"code",{},"api.multiclaw.io",[66,76,77],{},"HTTPS",[66,79,80],{},"While the gateway is running and connected",[45,82,83,86,91,94],{},[66,84,85],{},"MultiClaw Cloud (WebSocket)",[66,87,88],{},[72,89,90],{},"ws.multiclaw.io",[66,92,93],{},"WSS",[66,95,96],{},"While the gateway is running",[45,98,99,102,107,109],{},[66,100,101],{},"Auto-updater",[66,103,104],{},[72,105,106],{},"cdn.multiclaw.io",[66,108,77],{},[66,110,111],{},"On app launch and when you check for updates",[45,113,114,117,122,125],{},[66,115,116],{},"TURN relay (WebRTC)",[66,118,119],{},[72,120,121],{},"turn.multiclaw.io",[66,123,124],{},"HTTPS + UDP",[66,126,127],{},"When you open a cloud desktop",[45,129,130,133,138,140],{},[66,131,132],{},"OpenAI API",[66,134,135],{},[72,136,137],{},"api.openai.com",[66,139,77],{},[66,141,142],{},"When a task uses an OpenAI model",[45,144,145,148,153,155],{},[66,146,147],{},"Anthropic API",[66,149,150],{},[72,151,152],{},"api.anthropic.com",[66,154,77],{},[66,156,157],{},"When a task uses an Anthropic model",[45,159,160,163,168,170],{},[66,161,162],{},"Google Gemini API",[66,164,165],{},[72,166,167],{},"generativelanguage.googleapis.com",[66,169,77],{},[66,171,172],{},"When a task uses a Gemini model",[45,174,175,178,183,185],{},[66,176,177],{},"Real-time events (Pusher)",[66,179,180],{},[72,181,182],{},"*.pusher.com",[66,184,93],{},[66,186,187],{},"During SOP generation and skill compilation",[45,189,190,193,198,200],{},[66,191,192],{},"Link title preview",[66,194,195],{},[72,196,197],{},"api.microlink.io",[66,199,77],{},[66,201,202],{},"When a chat message contains a URL",[45,204,205,208,213,215],{},[66,206,207],{},"Favicon service",[66,209,210],{},[72,211,212],{},"www.google.com",[66,214,77],{},[66,216,217],{},"When a chat message displays a tool call with a URL",[45,219,220,223,226,229],{},[66,221,222],{},"Custom MCP servers",[66,224,225],{},"User-configured",[66,227,228],{},"Varies",[66,230,231],{},"When an MCP server is enabled in your settings",[31,233,235],{"id":234},"multiclaw-cloud-connections","MultiClaw Cloud connections",[11,237,238],{},"The gateway opens two connections to MultiClaw Cloud while running:",[240,241,242,253],"ul",{},[243,244,245,252],"li",{},[246,247,248,249,251],"strong",{},"API (",[72,250,74],{},")",": syncs configuration, task state, and workspace membership between the desktop app and MultiClaw Cloud. Synced data includes agent settings, encrypted API keys, and task assignments. The gateway also sends periodic heartbeats so MultiClaw Cloud can report your instance's connection status.",[243,254,255,260],{},[246,256,257,258,251],{},"WebSocket (",[72,259,90],{},": receives real-time events from MultiClaw Cloud, such as new task assignments and configuration changes pushed by other team members.",[11,262,263],{},"Both connections authenticate with your account session. They carry coordination and configuration data — not your prompts, task content, or files sent to LLM providers.",[31,265,101],{"id":266},"auto-updater",[11,268,269,270,272],{},"On launch, the desktop app sends a version check to ",[72,271,106],{},". The request includes your current app version and operating system so the CDN can return the correct installer if an update is available. No account identifiers, usage data, or behavioural information is included in the request.",[11,274,275],{},"You can also trigger an update check manually from the desktop app's menu.",[31,277,279],{"id":278},"turn-relay","TURN relay",[11,281,282,283,285],{},"When you open a cloud desktop, the app connects to ",[72,284,121],{}," to relay the session's encrypted media stream — screen output from the cloud desktop and your keyboard and mouse input. The TURN server activates only when a direct peer-to-peer connection between your machine and the cloud desktop isn't possible, which is common in corporate or restricted networks.",[11,287,288],{},"The relay handles only the encrypted WebRTC stream. The connection closes when you leave the cloud desktop session.",[31,290,292],{"id":291},"llm-provider-connections","LLM provider connections",[11,294,295,296,299],{},"MultiClaw contacts only the LLM providers you've configured. If you haven't entered an API key for a provider, ",[246,297,298],{},"no connection is made to that provider",". For example, adding only an Anthropic key means the app never contacts OpenAI or Google.",[11,301,302,303,307],{},"Your API keys are stored encrypted in MultiClaw Cloud and delivered to your instance during configuration sync. They are not stored in plaintext on your local machine. See ",[25,304,306],{"href":305},"\u002Fhelp\u002Fsecurity-privacy\u002Fhow-credentials-and-secrets-are-stored","How credentials and secrets are stored"," for full details.",[11,309,310],{},"Each provider connection sends only the data needed to fulfil the task: your prompt, context, and any files you explicitly include. The provider processes this data under its own terms of service and privacy policy. Review your provider's data-use policy to understand how request content is handled and whether it is used for model training.",[31,312,177],{"id":313},"real-time-events-pusher",[11,315,316,317,319],{},"When you use SOP generation or skill compilation, the desktop app opens a WebSocket connection to Pusher (",[72,318,182],{},") for live progress updates. Your existing MultiClaw Cloud session authenticates this connection. The connection closes when the operation completes.",[11,321,322,323,29],{},"No task content reaches Pusher. The connection carries only structured progress events, subject to ",[25,324,328],{"href":325,"rel":326},"https:\u002F\u002Fpusher.com\u002Flegal\u002Fprivacy-policy\u002F",[327],"nofollow","Pusher's Privacy Policy",[31,330,332],{"id":331},"link-preview-and-favicon-services","Link preview and favicon services",[11,334,335,336,338,339,29],{},"When a chat message contains a URL, the desktop app automatically sends that URL to ",[72,337,197],{}," to fetch the page title for display. Microlink processes the URL, subject to ",[25,340,343],{"href":341,"rel":342},"https:\u002F\u002Fmicrolink.io\u002Fprivacy",[327],"Microlink's Privacy Policy",[11,345,346,347,350,351,29],{},"When a chat message displays a tool call with a URL, the app fetches a favicon from ",[72,348,349],{},"https:\u002F\u002Fwww.google.com\u002Fs2\u002Ffavicons"," to display an icon beside the link. The app sends the domain portion of that URL to Google's favicon service, subject to ",[25,352,355],{"href":353,"rel":354},"https:\u002F\u002Fpolicies.google.com\u002Fprivacy",[327],"Google's Privacy Policy",[31,357,222],{"id":358},"custom-mcp-servers",[11,360,361],{},"Your server configuration determines which custom MCP servers the app connects to. MultiClaw does not inspect, control, or audit traffic to or from custom MCP servers. No connections occur unless you've added and enabled an MCP server in your settings.",[11,363,364,365,369],{},"Review the network requirements and trustworthiness of any MCP server before adding it. See ",[25,366,368],{"href":367},"\u002Fhelp\u002Fsecurity-privacy\u002Fshared-responsibility-model","Shared responsibility model"," for the breakdown of your responsibilities versus the provider's.",[31,371,373],{"id":372},"no-telemetry-or-analytics-connections","No telemetry or analytics connections",[11,375,376,379],{},[246,377,378],{},"MultiClaw makes no telemetry, analytics, or crash-reporting connections."," No usage metrics, behavioural analytics, or diagnostic payloads are sent to MultiClaw or any analytics service.",[11,381,382],{},"The Pusher, Microlink, and Google connections described above serve specific UI functions, not analytics or tracking. The sections above detail what data each service receives and link to the relevant privacy policies.",[31,384,386],{"id":385},"blocked-connections","Blocked connections",[11,388,389],{},"Not all connections are required for the desktop app to function. If your network restricts outbound traffic, use this table to understand the impact of blocking each connection.",[39,391,392,401],{},[42,393,394],{},[45,395,396,398],{},[48,397,50],{},[48,399,400],{},"Effect of blocking",[61,402,403,411,418,425,433,441,449,457],{},[45,404,405,408],{},[66,406,407],{},"MultiClaw Cloud (API \u002F WebSocket)",[66,409,410],{},"The gateway cannot sync configuration or receive task assignments. Core app functionality stops.",[45,412,413,415],{},[66,414,101],{},[66,416,417],{},"The app continues working but won't receive automatic updates. Download updates manually from the MultiClaw website.",[45,419,420,422],{},[66,421,279],{},[66,423,424],{},"Cloud desktop sessions may fail if your network also blocks direct peer-to-peer connections.",[45,426,427,430],{},[66,428,429],{},"LLM providers",[66,431,432],{},"Tasks that use the blocked provider's models fail. Other configured providers remain available.",[45,434,435,438],{},[66,436,437],{},"Pusher",[66,439,440],{},"SOP generation and skill compilation lose live progress indicators. The operations still complete in the background.",[45,442,443,446],{},[66,444,445],{},"Microlink",[66,447,448],{},"Chat messages with URLs display without title previews.",[45,450,451,454],{},[66,452,453],{},"Google favicon",[66,455,456],{},"Chat messages with tool-call URLs display without favicon icons.",[45,458,459,461],{},[66,460,222],{},[66,462,463],{},"The blocked server becomes unavailable. Other MCP servers and core functionality are unaffected.",[465,466,468],"callout",{"type":467},"tip",[11,469,470],{},"To verify the connections your desktop app makes, use a network monitor such as Little Snitch (macOS), GlassWire (Windows), or your operating system's built-in firewall logs.",{"title":472,"searchDepth":473,"depth":473,"links":474},"",2,[475,476,477,478,479,480,481,482,483,484],{"id":33,"depth":473,"text":34},{"id":234,"depth":473,"text":235},{"id":266,"depth":473,"text":101},{"id":278,"depth":473,"text":279},{"id":291,"depth":473,"text":292},{"id":313,"depth":473,"text":177},{"id":331,"depth":473,"text":332},{"id":358,"depth":473,"text":222},{"id":372,"depth":473,"text":373},{"id":385,"depth":473,"text":386},"security-privacy","Outbound connections the desktop app and gateway make, what each one does, and when each occurs.",false,"md",{},true,13,"\u002Fsecurity-privacy\u002Fallowed-external-connections",[494,495,496],"security-privacy\u002Fnetwork-security","security-privacy\u002Fprivacy-and-data-handling","security-privacy\u002Fhow-credentials-and-secrets-are-stored",{"title":6,"description":486},"allowed-external-connections","help\u002Fsecurity-privacy\u002F13.allowed-external-connections","2026-03-31","vLsuZIyuIs_bymigjrC4jMYMHRFSI4B0fqZ_RiJ2ULE","Allowed external connections Outbound connections the desktop app and gateway make, what each one does, and when each occurs.",[504,986,1409],{"id":505,"title":28,"body":506,"category":485,"description":974,"draft":487,"extension":488,"meta":975,"navigation":490,"order":976,"path":977,"relatedArticles":978,"seo":981,"slug":982,"stem":983,"updatedAt":500,"__hash__":984,"excerpt":974,"searchText":985},"help\u002Fhelp\u002Fsecurity-privacy\u002F06.network-security.md",{"type":8,"value":507,"toc":963},[508,511,515,519,645,649,664,678,681,684,688,694,701,704,710,714,721,727,730,734,740,746,752,755,763,766,769,772,776,783,786,890,893,917,921,930,937,949,953],[11,509,510],{},"Every connection MultiClaw makes is encrypted and authenticated. Your machine opens no inbound ports, and each credential stays within its intended trust zone.",[11,512,513],{},[17,514],{"alt":19,"src":20},[31,516,518],{"id":517},"connection-summary","Connection summary",[39,520,521,538],{},[42,522,523],{},[45,524,525,527,529,532,535],{},[48,526,50],{},[48,528,56],{},[48,530,531],{},"Authentication",[48,533,534],{},"Data carried",[48,536,537],{},"Notes",[61,539,540,569,587,607,627],{},[45,541,542,545,553,556,559],{},[66,543,544],{},"Desktop app → MultiClaw Cloud",[66,546,547,549,550,552],{},[246,548,77],{}," (REST) and ",[246,551,93],{}," (WebSocket)",[66,554,555],{},"Bearer token (persists until logout); WSS uses a separate short-lived HMAC token",[66,557,558],{},"Account, workspace, task, and agent configuration data; real-time status events",[66,560,561,564,565,568],{},[246,562,563],{},"TLS 1.2"," minimum, ",[246,566,567],{},"TLS 1.3"," preferred",[45,570,571,574,578,581,584],{},[66,572,573],{},"Local OpenClaw gateway → MultiClaw Cloud",[66,575,576,552],{},[246,577,93],{},[66,579,580],{},"Long-lived workspace auth token stored locally; per-session short-lived signed token (memory only)",[66,582,583],{},"Heartbeats, agent status, task execution updates, configuration sync",[66,585,586],{},"Separate trust zone from the desktop app; each uses its own credentials",[45,588,589,592,598,601,604],{},[66,590,591],{},"Desktop app → local OpenClaw gateway",[66,593,594,597],{},[246,595,596],{},"HTTP on localhost"," (127.0.0.1)",[66,599,600],{},"Session token generated at gateway start",[66,602,603],{},"Agent commands, conversation messages, local status queries",[66,605,606],{},"Not exposed on any network interface",[45,608,609,612,618,621,624],{},[66,610,611],{},"Cloud desktop viewer",[66,613,614,617],{},[246,615,616],{},"WebRTC DataChannel"," (DTLS\u002FSCTP)",[66,619,620],{},"ICE negotiated via MultiClaw Cloud over WSS",[66,622,623],{},"JPEG video frames and input events",[66,625,626],{},"TURN relay used when direct peer-to-peer is unavailable",[45,628,629,632,636,639,642],{},[66,630,631],{},"LLM provider API calls",[66,633,634],{},[246,635,77],{},[66,637,638],{},"API key stored encrypted in MultiClaw Cloud, pushed to your instance during config sync",[66,640,641],{},"Prompts, model responses, and tool-call payloads",[66,643,644],{},"Encrypted at rest and in transit; does not appear in agent responses, transcripts, or logs",[31,646,648],{"id":647},"desktop-app-to-multiclaw-cloud","Desktop app to MultiClaw Cloud",[11,650,651,652,654,655,657,658,660,661,663],{},"Your desktop app connects to MultiClaw Cloud over ",[246,653,77],{}," for API calls and ",[246,656,93],{}," for real-time events. Both require ",[246,659,563],{}," at minimum; ",[246,662,567],{}," is preferred when available.",[11,665,666,667,670,671,673,674,677],{},"Authentication uses a ",[246,668,669],{},"bearer token"," issued when you sign in. The desktop app stores this token in the WebView's local storage, where it persists until you sign out. The ",[246,672,93],{}," connection uses a separate ",[246,675,676],{},"short-lived HMAC token"," that expires and refreshes automatically. Even if a WebSocket token is compromised, its short lifespan limits exposure.",[11,679,680],{},"The desktop app always initiates outbound connections. MultiClaw Cloud does not initiate connections back to your machine.",[11,682,683],{},"If the HTTPS or WSS connection drops, the desktop app reconnects automatically and re-authenticates with the existing bearer token. You don't need to sign in again unless the token has been revoked (for example, after a password change or a forced sign-out by a workspace owner).",[31,685,687],{"id":686},"local-openclaw-gateway-to-multiclaw-cloud","Local OpenClaw gateway to MultiClaw Cloud",[11,689,690,691,693],{},"The local OpenClaw gateway maintains its own ",[246,692,93],{}," connection to MultiClaw Cloud. This connection operates in a separate trust zone from the desktop app — each uses its own credentials and neither shares tokens with the other.",[11,695,696,697,700],{},"The gateway authenticates with a long-lived workspace auth token stored in ",[72,698,699],{},"~\u002F.openclaw\u002Fopenclaw.json",". For each WebSocket session, the gateway generates a separate short-lived signed token in memory and does not write it to disk. When the session ends, the gateway discards the token and generates a new one on reconnect.",[11,702,703],{},"If the gateway's WebSocket connection drops, the gateway reconnects and generates a fresh short-lived session token. Running tasks continue locally during brief outages — status updates sync to MultiClaw Cloud once the connection is restored.",[11,705,706,707,709],{},"See ",[25,708,306],{"href":305}," for details on how these tokens are managed.",[31,711,713],{"id":712},"desktop-app-to-local-openclaw-gateway","Desktop app to local OpenClaw gateway",[11,715,716,717,720],{},"The desktop app communicates with the local OpenClaw gateway over ",[246,718,719],{},"HTTP on 127.0.0.1"," (localhost). This connection stays on your machine and is not exposed on any network interface — only local software can reach it.",[11,722,666,723,726],{},[246,724,725],{},"session token"," generated when the gateway starts. The gateway verifies the token on every request using HMAC-SHA256 and does not transmit it outside your machine.",[11,728,729],{},"Because this connection stays on localhost, it does not use TLS. The traffic never leaves your machine's loopback interface, so network-level interception is not possible under normal operating conditions.",[31,731,733],{"id":732},"cloud-desktop-viewer-webrtc","Cloud desktop viewer (WebRTC)",[11,735,736,737,739],{},"When you view a cloud desktop, the video stream travels over a ",[246,738,616],{}," using DTLS\u002FSCTP encryption. The cloud desktop sends JPEG frames directly to your desktop app, and the two endpoints negotiate a direct connection when possible.",[11,741,742,743,745],{},"If a direct connection is not possible (for example, due to a restrictive firewall), MultiClaw provides a ",[246,744,279],{}," to carry the stream. The relay forwards encrypted data without decrypting it.",[11,747,748,749,751],{},"Connection negotiation (ICE candidates) runs through MultiClaw Cloud over the same ",[246,750,93],{}," channel used for real-time communication. ICE candidate exchange is authenticated through the existing WSS session, so unauthenticated parties cannot inject candidates.",[31,753,631],{"id":754},"llm-provider-api-calls",[11,756,757,758,760,761,29],{},"The local OpenClaw gateway calls your LLM provider (for example, ",[72,759,137],{},") directly over ",[246,762,77],{},[11,764,765],{},"MultiClaw Cloud stores your API key in encrypted form and delivers it to your instance during configuration sync. AES-256-GCM encryption, keyed to the instance token, protects the key in transit. On the instance, the gateway decrypts the key and uses it to call your LLM provider directly.",[11,767,768],{},"The API key does not appear in agent responses, transcripts, or logs returned to MultiClaw Cloud.",[11,770,771],{},"If you rotate your API key or change providers, update the key in your workspace settings. The new key takes effect on the next configuration sync.",[31,773,775],{"id":774},"outbound-connections-and-ports","Outbound connections and ports",[11,777,778,779,782],{},"MultiClaw makes only outbound connections from your machine. The desktop app does not open any inbound TCP or UDP ports. The local OpenClaw gateway listens only on ",[246,780,781],{},"localhost (127.0.0.1)",", so other devices on your network cannot reach it.",[11,784,785],{},"The table below lists every external host and port MultiClaw connects to. Share this with your IT team if you need firewall or proxy allowlisting.",[39,787,788,802],{},[42,789,790],{},[45,791,792,795,797,800],{},[48,793,794],{},"Service",[48,796,53],{},[48,798,799],{},"Port",[48,801,56],{},[61,803,804,822,837,858,872],{},[45,805,806,809,814,819],{},[66,807,808],{},"MultiClaw Cloud (API + WebSocket)",[66,810,811],{},[72,812,813],{},"*.multiclaw.io",[66,815,816],{},[72,817,818],{},"443",[66,820,821],{},"HTTPS, WSS",[45,823,824,827,831,835],{},[66,825,826],{},"Cloud desktop relay (signaling)",[66,828,829],{},[72,830,121],{},[66,832,833],{},[72,834,818],{},[66,836,77],{},[45,838,839,842,846,855],{},[66,840,841],{},"Cloud desktop relay (media)",[66,843,844],{},[72,845,121],{},[66,847,848,851,852],{},[72,849,850],{},"3478",", ",[72,853,854],{},"5349",[66,856,857],{},"UDP",[45,859,860,862,866,870],{},[66,861,101],{},[66,863,864],{},[72,865,106],{},[66,867,868],{},[72,869,818],{},[66,871,77],{},[45,873,874,877,884,888],{},[66,875,876],{},"LLM providers (varies by config)",[66,878,879,880,851,882],{},"e.g. ",[72,881,137],{},[72,883,152],{},[66,885,886],{},[72,887,818],{},[66,889,77],{},[11,891,892],{},"You only need to allowlist the LLM provider hosts for the models you've configured.",[465,894,895],{"type":467},[11,896,897,898,901,902,904,905,908,909,911,912,916],{},"If your network blocks outbound UDP, set ",[246,899,900],{},"WebRTC connection mode"," to ",[246,903,279],{}," in ",[246,906,907],{},"Settings → Gateway → Browser Automation",". This routes cloud desktop traffic over TCP port ",[72,910,818],{}," instead. See ",[25,913,915],{"href":914},"\u002Fhelp\u002Ftroubleshooting\u002Fconnections-blocked-by-a-firewall-or-proxy","Connections blocked by a firewall or proxy"," for full troubleshooting steps.",[31,918,920],{"id":919},"tls-and-certificate-verification","TLS and certificate verification",[11,922,923,924,926,927,929],{},"All external connections use ",[246,925,563],{}," at minimum, with ",[246,928,567],{}," preferred when both endpoints support it. The localhost connection between the desktop app and the local OpenClaw gateway is the only unencrypted path, and that traffic never leaves your machine.",[11,931,932,933,936],{},"TLS certificate verification uses your ",[246,934,935],{},"operating system's trust store",". MultiClaw does not currently pin certificates — it trusts the same certificate authorities your OS trusts.",[465,938,940],{"type":939},"warning",[11,941,942,943,945,946,948],{},"If your network uses deep packet inspection (DPI) that intercepts and re-signs TLS traffic, WebSocket and WebRTC connections may fail even when the domain is allowlisted. Ask your IT team to exclude ",[72,944,813],{}," and ",[72,947,121],{}," from DPI inspection.",[31,950,952],{"id":951},"proxy-support","Proxy support",[11,954,955,956,945,959,962],{},"MultiClaw respects the system ",[72,957,958],{},"HTTP_PROXY",[72,960,961],{},"HTTPS_PROXY"," environment variables. Set these in your shell profile or system environment settings before launching the app. No additional proxy configuration is needed inside MultiClaw.",{"title":472,"searchDepth":473,"depth":473,"links":964},[965,966,967,968,969,970,971,972,973],{"id":517,"depth":473,"text":518},{"id":647,"depth":473,"text":648},{"id":686,"depth":473,"text":687},{"id":712,"depth":473,"text":713},{"id":732,"depth":473,"text":733},{"id":754,"depth":473,"text":631},{"id":774,"depth":473,"text":775},{"id":919,"depth":473,"text":920},{"id":951,"depth":473,"text":952},"How MultiClaw secures every network connection using TLS, authenticated tokens, and no inbound ports.",{},6,"\u002Fsecurity-privacy\u002Fnetwork-security",[979,980,496],"security-privacy\u002Fsecurity-overview","security-privacy\u002Fdata-encryption",{"title":28,"description":974},"network-security","help\u002Fsecurity-privacy\u002F06.network-security","yeEOmYYO8SAKtVIU9P-lN5DuDXT7TsATmI06m_VuXt8","Network security How MultiClaw secures every network connection using TLS, authenticated tokens, and no inbound ports.",{"id":987,"title":988,"body":989,"category":485,"description":1398,"draft":487,"extension":488,"meta":1399,"navigation":490,"order":1400,"path":1401,"relatedArticles":1402,"seo":1404,"slug":1405,"stem":1406,"updatedAt":500,"__hash__":1407,"excerpt":1398,"searchText":1408},"help\u002Fhelp\u002Fsecurity-privacy\u002F10.privacy-and-data-handling.md","Privacy and data handling",{"type":8,"value":990,"toc":1385},[991,994,998,1004,1008,1026,1032,1035,1039,1046,1053,1061,1065,1068,1071,1078,1082,1085,1088,1091,1094,1113,1120,1124,1127,1194,1198,1201,1259,1263,1310,1314,1320,1327,1331,1334,1354,1359,1362],[11,992,993],{},"MultiClaw does not collect usage telemetry. Your conversation content stays on your device unless you choose to sync it to a workspace. Below is a complete breakdown of what data MultiClaw holds, how long it is retained, and the rights you have over it.",[31,995,997],{"id":996},"no-telemetry","No telemetry",[11,999,1000,1003],{},[246,1001,1002],{},"The desktop app collects no usage analytics, feature statistics, or behavioural telemetry."," There are no third-party analytics SDKs embedded in the app, and it does not transmit usage data to MultiClaw or any third party.",[31,1005,1007],{"id":1006},"app-logs","App logs",[11,1009,1010,1011,1014,1015,1018,1019,1022,1023,29],{},"The desktop app continuously writes diagnostic and activity logs to a file on your device at ",[72,1012,1013],{},"~\u002F.multiclaw\u002Flogs\u002Fapp.log",". Logs record structured operational events (startup, connectivity changes, errors), not conversation content. You can open the log viewer from ",[246,1016,1017],{},"Settings → General",", scroll to the ",[246,1020,1021],{},"App Logs"," card, and click ",[246,1024,1025],{},"Open Logs",[11,1027,1028,1031],{},[246,1029,1030],{},"App logs are not uploaded automatically."," You choose whether to share a log file with support.",[11,1033,1034],{},"Log files contain operational events including app version and OS identifier. They are not designed to contain conversation content or API keys.",[31,1036,1038],{"id":1037},"conversation-content","Conversation content",[11,1040,1041,1042,1045],{},"Conversation content is stored ",[246,1043,1044],{},"locally on your device"," by default. MultiClaw does not use your conversation content to train, fine-tune, or evaluate AI models.",[11,1047,1048,1049,1052],{},"If you are connected to a workspace, conversations sync to ",[246,1050,1051],{},"MultiClaw Cloud",". Synced conversations are encrypted in transit and at rest. MultiClaw processes this data on your behalf as a data processor.",[11,1054,1055,1056,1060],{},"When you run a task, your prompts and task context are sent to the LLM provider you have configured. See ",[25,1057,1059],{"href":1058},"#data-sharing","Data sharing"," below for details on how third parties handle your data.",[31,1062,1064],{"id":1063},"workflow-recordings","Workflow recordings",[11,1066,1067],{},"The MultiClaw Chrome Extension captures browser interactions only during an active recording session that you start. The extension does not monitor your browsing activity at any other time and does not collect browsing history.",[11,1069,1070],{},"Recordings are stored locally on your device. If you upload a recording to MultiClaw Cloud, it is encrypted at rest.",[11,1072,706,1073,1077],{},[25,1074,1076],{"href":1075},"\u002Fhelp\u002Fsecurity-privacy\u002Fbrowser-extension-security","Browser extension security"," for full details on what the extension accesses and when.",[31,1079,1081],{"id":1080},"cookies-and-tracking","Cookies and tracking",[11,1083,1084],{},"The desktop app does not use browser cookies. MultiClaw Cloud uses session cookies only, which are strictly necessary to keep you signed in.",[11,1086,1087],{},"The marketing website at multiclaw.io uses analytics cookies that require your consent before they are set. MultiClaw does not use advertising or retargeting cookies on any of its properties.",[31,1089,1059],{"id":1090},"data-sharing",[11,1092,1093],{},"MultiClaw does not sell your personal data. Data is shared with third parties only in the following circumstances:",[240,1095,1096,1101,1107],{},[243,1097,1098,1100],{},[246,1099,429],{},": when an agent runs a task, your prompts and task context are sent to the provider you configured (such as OpenAI, Anthropic, or Google). Those providers process data under their own terms and privacy policies.",[243,1102,1103,1106],{},[246,1104,1105],{},"Infrastructure sub-processors",": MultiClaw uses a limited set of third-party infrastructure providers (cloud hosting, database, email delivery) engaged under data processing agreements that restrict them to processing data only on MultiClaw's documented instructions.",[243,1108,1109,1112],{},[246,1110,1111],{},"Legal requirements",": MultiClaw may disclose personal data where required by applicable law, court order, or regulatory authority.",[11,1114,1115,1116,29],{},"For the full list of sub-processors, see ",[25,1117,1119],{"href":1118},"\u002Fhelp\u002Flegal-compliance\u002Fsubprocessors-and-third-parties","Subprocessors and third parties",[31,1121,1123],{"id":1122},"personal-data-we-collect","Personal data we collect",[11,1125,1126],{},"MultiClaw Cloud holds the following personal data about you.",[39,1128,1129,1145],{},[42,1130,1131],{},[45,1132,1133,1136,1139,1142],{},[48,1134,1135],{},"Data type",[48,1137,1138],{},"Purpose",[48,1140,1141],{},"Legal basis",[48,1143,1144],{},"Retention",[61,1146,1147,1163,1178],{},[45,1148,1149,1154,1157,1160],{},[66,1150,1151],{},[246,1152,1153],{},"Name and email address",[66,1155,1156],{},"Account creation and authentication",[66,1158,1159],{},"Performance of contract (GDPR Art. 6(1)(b))",[66,1161,1162],{},"While your account is active; purged within 30 days of account deletion request",[45,1164,1165,1171,1174,1176],{},[66,1166,1167,1170],{},[246,1168,1169],{},"Workspace metadata"," (member list, agent names, audit logs)",[66,1172,1173],{},"Workspace operation and governance",[66,1175,1159],{},[66,1177,1162],{},[45,1179,1180,1185,1188,1191],{},[66,1181,1182],{},[246,1183,1184],{},"IP address and user agent",[66,1186,1187],{},"Server access logs",[66,1189,1190],{},"Legitimate interests — security and abuse prevention (GDPR Art. 6(1)(f))",[66,1192,1193],{},"90 days",[31,1195,1197],{"id":1196},"your-data-rights","Your data rights",[11,1199,1200],{},"You have the following rights under applicable data protection law (including GDPR and UK GDPR).",[240,1202,1203,1213,1222,1235,1243,1251],{},[243,1204,1205,1208,1209,29],{},[246,1206,1207],{},"Right to access",": request a copy of your data at any time by emailing ",[25,1210,1212],{"href":1211},"mailto:privacy@multiclaw.io","privacy@multiclaw.io",[243,1214,1215,1218,1219,1221],{},[246,1216,1217],{},"Right to erasure",": request deletion of your account and associated data by emailing ",[25,1220,1212],{"href":1211},". MultiClaw responds to deletion requests within one calendar month.",[243,1223,1224,1227,1228,1230,1231,1234],{},[246,1225,1226],{},"Right to rectification",": update your name or email address in ",[246,1229,1017],{}," on the ",[246,1232,1233],{},"Account"," card.",[243,1236,1237,1240,1241,29],{},[246,1238,1239],{},"Right to portability",": request a machine-readable export of the personal data you have provided to MultiClaw by emailing ",[25,1242,1212],{"href":1211},[243,1244,1245,1248,1249,29],{},[246,1246,1247],{},"Right to restriction",": request that MultiClaw limit processing of your data in certain circumstances (for example, while the accuracy of your data is being contested) by emailing ",[25,1250,1212],{"href":1211},[243,1252,1253,1256,1257,29],{},[246,1254,1255],{},"Right to object",": object to processing of your personal data where that processing is based on legitimate interests by emailing ",[25,1258,1212],{"href":1211},[31,1260,1262],{"id":1261},"data-retention-summary","Data retention summary",[39,1264,1265,1275],{},[42,1266,1267],{},[45,1268,1269,1272],{},[48,1270,1271],{},"Data",[48,1273,1274],{},"Retention period",[61,1276,1277,1285,1293,1299],{},[45,1278,1279,1282],{},[66,1280,1281],{},"Active account data",[66,1283,1284],{},"While your account is active",[45,1286,1287,1290],{},[66,1288,1289],{},"Deleted account data",[66,1291,1292],{},"Purged within 30 days of deletion request",[45,1294,1295,1297],{},[66,1296,1187],{},[66,1298,1193],{},[45,1300,1301,1303],{},[66,1302,1007],{},[66,1304,1305,1306,1309],{},"Stored locally at ",[72,1307,1308],{},"~\u002F.multiclaw\u002Flogs\u002F","; not uploaded unless you share them",[31,1311,1313],{"id":1312},"delete-your-data","Delete your data",[11,1315,1316,1317,1319],{},"You can delete individual conversations from the desktop app at any time. To request deletion of all your personal data from MultiClaw Cloud, email ",[25,1318,1212],{"href":1211},". After you close your account, you have 30 days to export your data before deletion begins.",[11,1321,706,1322,1326],{},[25,1323,1325],{"href":1324},"\u002Fhelp\u002Flegal-compliance\u002Fdata-portability-and-export","Data portability and export"," for export options.",[31,1328,1330],{"id":1329},"your-responsibilities","Your responsibilities",[11,1332,1333],{},"MultiClaw protects your data in transit and at rest, but some aspects of privacy depend on your choices:",[240,1335,1336,1342,1348],{},[243,1337,1338,1341],{},[246,1339,1340],{},"Workspace sync",": if you connect to a workspace, conversations sync to MultiClaw Cloud. To keep conversations entirely local, don't connect to a workspace.",[243,1343,1344,1347],{},[246,1345,1346],{},"LLM provider selection",": MultiClaw sends your prompts to the provider you choose. Review each provider's data-use policy before configuring an agent.",[243,1349,1350,1353],{},[246,1351,1352],{},"Device security",": local data (config, conversations, agent definitions) is protected by OS file permissions. Enable full-disk encryption to protect it from physical access.",[11,1355,1356,1357,29],{},"For a full breakdown of where platform protections end and yours begin, see ",[25,1358,368],{"href":367},[11,1360,1361],{},"For deeper detail on related topics:",[240,1363,1364,1371,1378],{},[243,1365,1366,1370],{},[25,1367,1369],{"href":1368},"\u002Fhelp\u002Fsecurity-privacy\u002Fdata-encryption","Data encryption",": the full encryption model for local and cloud data.",[243,1372,1373,1377],{},[25,1374,1376],{"href":1375},"\u002Fhelp\u002Fsecurity-privacy\u002Fdata-residency-and-storage","Data residency and storage",": where each type of data is stored.",[243,1379,1380,1384],{},[25,1381,1383],{"href":1382},"\u002Fhelp\u002Flegal-compliance\u002Fprivacy-policy","Privacy Policy",": the full legal privacy policy.",{"title":472,"searchDepth":473,"depth":473,"links":1386},[1387,1388,1389,1390,1391,1392,1393,1394,1395,1396,1397],{"id":996,"depth":473,"text":997},{"id":1006,"depth":473,"text":1007},{"id":1037,"depth":473,"text":1038},{"id":1063,"depth":473,"text":1064},{"id":1080,"depth":473,"text":1081},{"id":1090,"depth":473,"text":1059},{"id":1122,"depth":473,"text":1123},{"id":1196,"depth":473,"text":1197},{"id":1261,"depth":473,"text":1262},{"id":1312,"depth":473,"text":1313},{"id":1329,"depth":473,"text":1330},"MultiClaw collects no telemetry, keeps conversations local by default, and gives you full control over your personal data.",{},10,"\u002Fsecurity-privacy\u002Fprivacy-and-data-handling",[1403,980,496],"security-privacy\u002Fdata-residency-and-storage",{"title":988,"description":1398},"privacy-and-data-handling","help\u002Fsecurity-privacy\u002F10.privacy-and-data-handling","U_27RD9fX6Rl-0R0Bh_vHok-zaDdQn2B-bxYV-nsbaE","Privacy and data handling MultiClaw collects no telemetry, keeps conversations local by default, and gives you full control over your personal data.",{"id":1410,"title":306,"body":1411,"category":485,"description":1700,"draft":487,"extension":488,"meta":1701,"navigation":490,"order":1702,"path":1703,"relatedArticles":1704,"seo":1706,"slug":1707,"stem":1708,"updatedAt":500,"__hash__":1709,"excerpt":1700,"searchText":1710},"help\u002Fhelp\u002Fsecurity-privacy\u002F09.how-credentials-and-secrets-are-stored.md",{"type":8,"value":1412,"toc":1691},[1413,1416,1509,1512,1515,1521,1524,1527,1531,1541,1550,1553,1560,1580,1583,1589,1596,1599,1602,1613,1617,1620,1635,1638,1643,1647,1650,1664,1666,1669,1683],[11,1414,1415],{},"MultiClaw stores your LLM API keys encrypted in MultiClaw Cloud, auth tokens in local config files protected by OS file permissions, and session tokens in memory only. The table below shows where each secret lives, how it's protected, and how to clear it.",[39,1417,1418,1434],{},[42,1419,1420],{},[45,1421,1422,1425,1428,1431],{},[48,1423,1424],{},"Secret",[48,1426,1427],{},"Where it lives",[48,1429,1430],{},"Encrypted at rest",[48,1432,1433],{},"Cleared by",[61,1435,1436,1450,1467,1482,1495],{},[45,1437,1438,1441,1444,1447],{},[66,1439,1440],{},"LLM API keys",[66,1442,1443],{},"MultiClaw Cloud database",[66,1445,1446],{},"Yes — AES-256 application-level encryption",[66,1448,1449],{},"Removing the key from your agent's settings",[45,1451,1452,1455,1461,1464],{},[66,1453,1454],{},"LLM API keys (cloud desktop sync)",[66,1456,1457,1458,251],{},"Cloud desktop instance config (prefixed ",[72,1459,1460],{},"enc:",[66,1462,1463],{},"Yes — AES-256-GCM per-instance key",[66,1465,1466],{},"Instance reset or re-sync from MultiClaw Cloud",[45,1468,1469,1472,1476,1479],{},[66,1470,1471],{},"Gateway workspace auth token",[66,1473,1474],{},[72,1475,699],{},[66,1477,1478],{},"No — OS file permissions only",[66,1480,1481],{},"Removing the user from the workspace",[45,1483,1484,1487,1490,1492],{},[66,1485,1486],{},"Desktop app bearer token",[66,1488,1489],{},"Desktop app WebView local storage",[66,1491,1478],{},[66,1493,1494],{},"Signing out of the desktop app",[45,1496,1497,1500,1503,1506],{},[66,1498,1499],{},"WebSocket session tokens",[66,1501,1502],{},"Memory only — not written to disk",[66,1504,1505],{},"N\u002FA",[66,1507,1508],{},"Connection close or token expiry",[31,1510,1440],{"id":1511},"llm-api-keys",[11,1513,1514],{},"MultiClaw Cloud stores your LLM provider API keys in its database, encrypted at rest with application-level encryption.",[11,1516,1517,1518,1520],{},"When MultiClaw syncs your configuration to a cloud desktop, it re-encrypts each API key with AES-256-GCM using a per-instance key derived through HKDF-SHA256. MultiClaw writes the encrypted value (prefixed ",[72,1519,1460],{},") to the instance's local config. At runtime, the gateway decrypts the key in memory to call your LLM provider.",[11,1522,1523],{},"The desktop app and gateway are designed not to log configuration values. Under normal operation, keys do not appear in diagnostic logs.",[11,1525,1526],{},"To add, update, or remove an API key, open your agent's settings in MultiClaw Cloud. Changes sync to connected cloud desktops on the next configuration push. Removing a key from MultiClaw Cloud deletes the encrypted copy from every synced instance.",[31,1528,1530],{"id":1529},"workspace-auth-token","Workspace auth token",[11,1532,1533,1534,1536,1537,1540],{},"When you sign in, MultiClaw Cloud issues a long-lived auth token stored in ",[72,1535,699],{}," as a plain JSON string. The gateway uses this token to authenticate WebSocket connections to MultiClaw Cloud. The token is not encrypted at rest. OS file permissions on ",[72,1538,1539],{},"~\u002F.openclaw\u002F"," control read access.",[465,1542,1544],{"type":1543},"note",[11,1545,1546,1547,1549],{},"OS file permissions mean that only your operating system user account is intended to read the contents of ",[72,1548,1539],{},". If you share an OS-level user account with other people, they may be able to read the token. Treat your OS user account as the trust boundary for this file.",[11,1551,1552],{},"The token is scoped to your user account and is not designed to permit access to another user's data.",[11,1554,1555,1556,1559],{},"To revoke access after a device is lost, a workspace owner can remove the user on the ",[246,1557,1558],{},"Users"," page in MultiClaw Cloud. MultiClaw does not currently offer per-device session revocation.",[465,1561,1562],{"type":467},[11,1563,1564,1565,1567,1568,1571,1572,1575,1576,1579],{},"On macOS and Linux, verify your ",[72,1566,1539],{}," directory permissions by running ",[72,1569,1570],{},"ls -ld ~\u002F.openclaw\u002F",". The output should show ",[72,1573,1574],{},"drwx------"," (owner-only access). On Windows, right-click the folder, open ",[246,1577,1578],{},"Properties → Security",", and confirm only your user account has read access.",[31,1581,1486],{"id":1582},"desktop-app-bearer-token",[11,1584,1585,1586,1588],{},"The desktop app uses a separate bearer token for its HTTP and real-time API calls to MultiClaw Cloud. It stores this token in its WebView local storage, not in ",[72,1587,699],{},", and does not encrypt it at rest.",[11,1590,1591,1592,1595],{},"This bearer token is distinct from the gateway workspace auth token. The gateway reads ",[72,1593,1594],{},"openclaw.json"," for its WebSocket connection, while the desktop app holds its own bearer token. Signing out of the desktop app clears the bearer token from local storage.",[31,1597,1499],{"id":1598},"websocket-session-tokens",[11,1600,1601],{},"Each WebSocket connection uses a short-lived HMAC-SHA256-signed token generated fresh for every session. These tokens exist in memory only while the connection is active and are not written to disk.",[11,1603,1604,1605,1608,1609,1612],{},"Token lifetime depends on the connection type: user session tokens expire after ",[246,1606,1607],{},"4 hours",", and daemon (cloud desktop) connection tokens expire after ",[246,1610,1611],{},"24 hours",". When a token expires, the system generates a new one automatically on reconnect.",[31,1614,1616],{"id":1615},"if-a-device-is-lost-or-compromised","If a device is lost or compromised",[11,1618,1619],{},"If you lose a device or suspect unauthorized access, take these steps in order:",[1621,1622,1623,1629,1632],"ol",{},[243,1624,1625,1626,1628],{},"Ask a workspace owner to remove your user account on the ",[246,1627,1558],{}," page in MultiClaw Cloud. This revokes the gateway workspace auth token stored on the device.",[243,1630,1631],{},"Sign in to MultiClaw Cloud from a trusted device and rotate any LLM API keys your agents use. Open your agent's settings, remove the current key, and add a new one.",[243,1633,1634],{},"If you use the same password elsewhere, change it. MultiClaw Cloud stores only a bcrypt hash of your password, but credential reuse remains a risk outside MultiClaw.",[11,1636,1637],{},"The desktop app bearer token is cleared when you sign out, but you cannot remotely sign out a lost device. Removing the user from the workspace is the primary revocation mechanism.",[465,1639,1640],{"type":939},[11,1641,1642],{},"MultiClaw does not currently offer per-device session revocation. Removing a user from the workspace revokes all of that user's tokens across every device.",[31,1644,1646],{"id":1645},"what-multiclaw-does-not-store","What MultiClaw does not store",[11,1648,1649],{},"MultiClaw does not retain the following values in their original form:",[240,1651,1652,1658],{},[243,1653,1654,1657],{},[246,1655,1656],{},"Plaintext passwords",": MultiClaw Cloud stores only a bcrypt hash of your password. Neither MultiClaw Cloud nor the desktop app is designed to retain the original password.",[243,1659,1660,1663],{},[246,1661,1662],{},"Browser cookies and session tokens",": MultiClaw is not designed to store cookies or session tokens from pages recorded during a workflow.",[31,1665,1330],{"id":1329},[11,1667,1668],{},"MultiClaw encrypts API keys at rest, scopes tokens to your user account, and keeps session tokens short-lived. The protections above assume:",[240,1670,1671,1674,1677,1680],{},[243,1672,1673],{},"Your OS user account is not shared with other people.",[243,1675,1676],{},"Your device has full-disk encryption enabled (FileVault on macOS, BitLocker on Windows, LUKS on Linux).",[243,1678,1679],{},"You sign out of the desktop app before lending or decommissioning a device.",[243,1681,1682],{},"You keep your device locked when unattended.",[11,1684,1685,1686,1688,1689,29],{},"Without these measures, unencrypted tokens in ",[72,1687,1594],{}," and local storage are accessible to anyone with physical access to the device. For a full breakdown of where platform protections end and yours begin, see ",[25,1690,368],{"href":367},{"title":472,"searchDepth":473,"depth":473,"links":1692},[1693,1694,1695,1696,1697,1698,1699],{"id":1511,"depth":473,"text":1440},{"id":1529,"depth":473,"text":1530},{"id":1582,"depth":473,"text":1486},{"id":1598,"depth":473,"text":1499},{"id":1615,"depth":473,"text":1616},{"id":1645,"depth":473,"text":1646},{"id":1329,"depth":473,"text":1330},"API keys are encrypted in MultiClaw Cloud, auth tokens rely on OS file permissions, and session tokens live in memory only.",{},9,"\u002Fsecurity-privacy\u002Fhow-credentials-and-secrets-are-stored",[980,979,1705,1403],"security-privacy\u002Fauthentication-and-login-security",{"title":306,"description":1700},"how-credentials-and-secrets-are-stored","help\u002Fsecurity-privacy\u002F09.how-credentials-and-secrets-are-stored","zk_b1Ew5T-ezUvHLnuGENrO82-pDLoeQaYbEfcU6ESI","How credentials and secrets are stored API keys are encrypted in MultiClaw Cloud, auth tokens rely on OS file permissions, and session tokens live in memory only.",1778463888311]