Why does the API proxy work instantly with the same account?

The API proxy likely uses a more direct API endpoint and authentication method (like an API key) that avoids the specific rate limiting issues encountered by the `google-gemini-cli`'s web OAuth flow.

How can I see the rate limits happening?

Enable `debug` logging in OpenClaw. Look for `[info]` or `[debug]` messages indicating HTTP 429 errors or significant delays. The linked GitHub issue suggests making these explicit. You can also visualize delays using the OpenClaw Web UI by loading logs there.

Is there a fix within the `google-gemini-cli` provider itself?

The GitHub issue indicates a potential fix (#38051) was merged that addresses `maxRetryDelayMs` bottlenecks. Ensure you're on the latest version of OpenClaw or check that specific PR for details. However, the core workaround remains using an API proxy if issues persist.

Fix Severe 60s Hangs with Google Gemini CLI OAuth in OpenClaw

TL;DR — Quick Fix

60s hangs are caused by silent HTTP 429 rate limits in the native OAuth flow; switch to an API proxy or update retry settings.

Run Diagnostics

Next Step

Fix now, then reduce repeat incidents

If this issue keeps coming back, validate your setup in Doctor first, then harden your config.

Open Doctor Harden Config

Error Signal

HTTP 429 Too Many RequestsRate Limit Warning

What's Happening

You're seeing significant ~60-second delays between steps when using OpenClaw with the google-gemini-cli provider, especially for multi-step tool calls. This happens even though the exact same Google account works instantly when routed through a self-hosted API proxy (like cliproxyapi). The culprit seems to be the default OAuth implementation hitting Google's rate limits without clear feedback.

The Fix

There are two main ways to resolve this:

Use an API Proxy: Configure OpenClaw to use an API-based provider. This could be your own cliproxyapi or any other setup that forwards requests to the Gemini API using an API key or a more direct authentication method than the web OAuth flow. This bypasses the problematic OAuth handling.

Here's a snippet showing how you might configure a proxy:
```
providers:
  google-gemini:
    api_key: $GOOGLE_API_KEY # Or however your proxy gets its auth
    base_url: http://localhost:8000 # Your proxy's address
```
Adjust Retry Settings (if applicable to your provider implementation): While not explicitly shown as merged in the linked issue, a common bottleneck for retry delays is maxRetryDelayMs. If your provider config allows tuning this, increasing it might help, but the core issue is the lack of explicit 429 reporting. Check your provider's specific documentation.

Why This Occurs

The google-gemini-cli OAuth flow appears to hit Google's rate limits (HTTP 429 errors) but doesn't surface these errors clearly in the logs. Instead, it seems to enter a silent, long retry or backoff period, causing the 60-second hangs. When you use cliproxyapi, it likely uses a different endpoint or authentication mechanism that is less prone to these specific rate limits, or handles them more gracefully, hence the drastically faster execution.

It's critical to remember, as pointed out in the discussion, that both methods are using the exact same underlying Google account. The performance difference is purely down to how the google-gemini-cli's OAuth implementation interacts with the API endpoints compared to a direct API call setup.

Prevention

Always explicitly expose rate limit warnings (like HTTP 429) in your logs. Make sure your provider configurations allow for tuning of retry mechanisms and timeouts. Prefer API key or direct service account authentication over web OAuth flows for automated agents when possible, as they often offer more stable and predictable performance.

Consider running logs through the OpenClaw Web UI for clearer visualization of these time gaps.

Last Updated: March 2026

Did this guide solve your problem?