User Authentication
with OpenClaw, pay per use.
Your agents autonomously verify users via SMS, handle one-time passwords, and manage transactional messaging — without you touching a vendor account. Billed per verification.
Real OpenClaw agents that rely on this tool.
Each pattern below is a single OpenClaw agent with user authentication via Locus registered as one tool. The math works because the agent only spends when it actually sends a verification.
Verify new users before granting access.
An onboarding OpenClaw agent sends an OTP to the user's phone during signup, waits for the code, and only creates the account on verified:true. No Twilio subscription tied to a billing entity, no shared API key in agent logs — the agent self-onboards via MCP and pays per verification from a connected wallet.
Step-up auth before sensitive operations.
A payment or transfer OpenClaw agent requires OTP confirmation before executing high-value or flagged transactions. The tool is registered once; the agent calls it whenever a transaction crosses a risk threshold. Per-verification billing keeps cost proportional to actual risk events.
Restore access via verified phone identity.
An OpenClaw account recovery agent sends an OTP to the phone on file, verifies the code, and issues a new credential only on success. The agent handles the full identity confirmation loop — no human-managed vendor account in the pipeline, no persistent SMS key to compromise.
Challenge suspicious sessions automatically.
A fraud-monitoring OpenClaw agent flags anomalous activity and automatically triggers a phone verification challenge. The agent suspends the session, sends an OTP, and either clears or escalates the account based on whether the user can verify. Per-call billing means quiet periods cost nothing.
Stop managing SMS vendor accounts inside your agent.
Register one tool, connect a wallet, and your OpenClaw agent can verify any user's phone on every relevant call. Idle runs cost zero. Vendor migrations cost zero. That's the entire deal.
- Single OpenClaw tool
- Global SMS coverage
- Budget caps honored
- MCP + pay-per-call native
OpenClaw-specific questions.
If something below doesn't cover your case, ping us — we work directly with OpenClaw builders, no SDR funnel.
How does this register as an OpenClaw tool?
+
It's a standard POST endpoint with a typed body. You register it in OpenClaw the same way you'd register any HTTP tool — endpoint, schema, per-call price. OpenClaw uses the price to enforce budget caps and to show the user what each agent run will cost before it runs.
Does OpenClaw need a Twilio or Vonage account?
+
No. The gateway manages the SMS infrastructure entirely. OpenClaw pays per verification via pay-per-call from a wallet you connect — no vendor account is created, and there's no SMS API key to rotate or leak in agent logs.
What happens when an OpenClaw run hits its budget cap mid-verification?
+
The tool returns the current verification state — typically unverified — and OpenClaw stops issuing new calls. The agent treats this as a normal tool boundary and can ask the user for more budget or hand off the partial result.
Can OpenClaw call this concurrently across many agents?
+
Yes. Per-key rate limits apply with concurrency-fair queueing — a high-volume agent never starves another agent on the same key. Practical limits scale with the underlying SMS infrastructure.
How is this different from giving OpenClaw a Twilio account?
+
Twilio subscriptions don't fit OpenClaw's tool model. The tool can't report a true per-verification cost, so OpenClaw can't do real budget planning. This gateway reports an honest per-call cost up front, which is what OpenClaw was designed to consume.
Does the tool handle the full OTP cycle or just dispatch?
+
The full cycle. One tool registration covers both the send step (dispatching the OTP to the user's phone) and the verify step (confirming the code the user entered). OpenClaw agents call two endpoints under the same tool; both are billed at the per-verification rate.