Configure who can communicate with your Clawdbot assistant and which devices can connect to your Gateway.

Overview

Pairing is the explicit owner approval step used for security in two contexts:

DM Pairing - Controls who can communicate with the bot
Device Pairing - Controls which devices/nodes can join the Gateway network

DM Pairing (Inbound Chat Access)

When a channel uses the pairing DM policy, unknown senders receive a short code and their messages are held until you approve them.

How It Works

Unknown user sends a message to your bot
Bot responds with an 8-character pairing code
Messages are held in a pending queue
You approve or reject the pairing request
Approved users can communicate freely

Pairing Code Characteristics

8 uppercase characters
Ambiguous characters excluded (0, O, 1, I)
Expires after 1 hour
Maximum 3 pending requests per channel (default)

Approval Commands

# List pending pairing requests
clawdbot pairing list telegram
clawdbot pairing list whatsapp

# Approve a pairing request
clawdbot pairing approve telegram ABC12DEF
clawdbot pairing approve whatsapp XYZ98GHI

# Reject a pairing request
clawdbot pairing reject telegram ABC12DEF

Supported Channels

Channel	Command
Telegram	`clawdbot pairing list telegram`
WhatsApp	`clawdbot pairing list whatsapp`
Signal	`clawdbot pairing list signal`
iMessage	`clawdbot pairing list imessage`
Discord	`clawdbot pairing list discord`
Slack	`clawdbot pairing list slack`

Storage Locations

File	Purpose
`~/.clawdbot/credentials/<channel>-pairing.json`	Pending requests
`~/.clawdbot/credentials/<channel>-allowFrom.json`	Approved users

Device Pairing

Nodes connecting to the Gateway as devices with role: node require approval through device pairing requests.

Device Approval Commands

# List all devices (pending and paired)
clawdbot devices list

# Approve a device
clawdbot devices approve <requestId>

# Reject a device
clawdbot devices reject <requestId>

# Remove a paired device
clawdbot devices remove <deviceId>

Storage Locations

File	Purpose
`~/.clawdbot/devices/pending.json`	Pending device requests
`~/.clawdbot/devices/paired.json`	Approved devices

DM Policies

Configure DM policy in ~/.clawdbot/clawdbot.json:

{
  "channels": {
    "whatsapp": {
      "dmPolicy": "pairing",
      "allowFrom": []
    }
  }
}

Available Policies

Policy	Description
`pairing`	Require approval for new senders
`allowlist`	Only allow pre-approved senders
`open`	Allow all senders (not recommended)

Security Best Practices

Use pairing mode for channels exposed to unknown users
Review pending requests regularly
Use allowlist mode for sensitive channels
Limit pending requests to prevent spam
Audit approved users periodically

Setup Guide - Initial configuration
Security - Security best practices
Channels - Channel configuration

Pairing & Access Control

Overview

DM Pairing (Inbound Chat Access)

How It Works

Pairing Code Characteristics

Approval Commands

Supported Channels

Storage Locations

Device Pairing

Device Approval Commands

Storage Locations

DM Policies

Available Policies

Security Best Practices

On this page