Resolving 'Device Identity Required' in OpenClaw v2026.3.12
TL;DR โ Quick Fix
A regression in v2026.3.12 and v2026.3.13 ignores your disable auth config; the only reliable fix currently is to downgrade to v2026.3.11.
Run DiagnosticsNext Step
Fix now, then reduce repeat incidents
If this issue keeps coming back, validate your setup in Doctor first, then harden your config.
Error Signal
device identity requiredWhat's Happening
You are trying to access the OpenClaw Control UI over your LAN using a token, but the system keeps throwing a 'device identity required' error despite having gateway.controlUi.dangerouslyDisableDeviceAuth: true set in your configuration. This effectively blocks cross-device LAN access.
The Fix
There is currently no patch for v2026.3.12 or v2026.3.13. The community has confirmed that this issue was introduced in the 3.12 release. To regain functionality, roll back your gateway container to version 2026.3.11:
# Update your docker-compose.yml or container image tag
image: openclaw/gateway:v2026.3.11
After changing the tag, run docker-compose pull && docker-compose up -d to revert the image. Your configuration should function immediately as expected once the older version is running.
Why This Occurs
The issue stems from a faulty merge introduced in the v2026.3.12 release. Even though you explicitly set dangerouslyDisableDeviceAuth and allowInsecureAuth to true, the gateway's WebSocket handshake logic ignores these flags and forces a device pairing check anyway. It ignores the token-only bypass entirely.
Prevention
Keep an eye on the official GitHub repository issue #44967 for status updates. We are tracking this internally and will update the package as soon as the regression is addressed in a future hotfix. Avoid updating to any release post-3.11 until the maintainers mark this as resolved.
Last Updated: April 2026
Did this guide solve your problem?