Skip to main content

Plugin Configuration Reference

HindClaw uses a two-level config system. Plugin-level defaults are set in openclaw.json (or its modular $include files). Per-agent overrides are set in bank config files (banks/*.json5).

Resolution order: plugin defaults -> bank config file (shallow merge, bank file wins).

With the hindclaw-extension installed on the server, most access control and enrichment is handled server-side. The plugin config is focused on infrastructure connection, behavioral defaults, and agent mapping. User/group management is done via the /ext/hindclaw/* REST API, not config files.

Config Architecture

openclaw.json (plugin config)          banks/agent-1.json5 (bank config)
  Infrastructure                         Server-side (agent-only)
    hindsightApiUrl, jwtSecret             retain_mission, entity_labels
                                           dispositions, directives
  Daemon (global only)
    apiPort, embedVersion                Infrastructure overrides
    embedPackagePath, daemonIdleTimeout    hindsightApiUrl (different server)

  Defaults (overridable per-agent)       Behavioral overrides (client-enforced)
    llmProvider, llmModel                  recallBudget, recallMaxTokens
    autoRecall, autoRetain, ...            retainEveryNTurns, excludeProviders
    recallBudget, retainEveryNTurns
                                         Multi-bank: recallFrom [...]
  bootstrap: true|false                  Session start: sessionStartModels
  Agent mapping                          Reflect: reflectOnRecall
    agents: { id: { bankConfig } }

Plugin Config Options

Set these in the config block of the HindClaw plugin entry inside openclaw.json.

Infrastructure

OptionTypeDefaultPer-agentDescription
hindsightApiUrlstring--yesHindsight API base URL. When set, connects to a remote server instead of the local daemon.
hindsightApiTokenstring--yesBearer token for API authentication. Used for single-user setups without hindclaw-extension. Mutually exclusive with jwtSecret.
jwtSecretstring--noShared secret (HMAC-SHA256) for signing JWTs sent to a server running hindclaw-extension. The same secret must be configured on the server via HINDSIGHT_API_TENANT_JWT_SECRET. When set, the plugin generates short-lived JWTs containing the sender, agent, channel, and topic for each request instead of using a static API token.

Daemon (Global Only)

These options control the embedded hindsight-embed daemon. They cannot be overridden per-agent.

OptionTypeDefaultPer-agentDescription
apiPortnumber9077noPort the local daemon listens on.
embedVersionstring"latest"noVersion of hindsight-embed to use.
embedPackagePathstring--noPath to a local hindsight-embed installation. For development only.
daemonIdleTimeoutnumber0noSeconds of inactivity before the daemon shuts down. 0 means never.

Bank ID Routing

OptionTypeDefaultPer-agentDescription
dynamicBankIdbooleantrueyesDerive the bank ID dynamically from context fields instead of using a static ID.
dynamicBankGranularitystring[]["agent","channel","user"]yesWhich context fields to include in the derived bank ID. Valid values: agent, provider, channel, user.
bankIdPrefixstring--yesStatic prefix prepended to derived bank IDs.

Behavioral Defaults

These set the plugin-wide defaults. Any of them can be overridden in a bank config file.

OptionTypeDefaultPer-agentDescription
autoRecallbooleantrueyesInject recalled memories into the prompt before each turn.
autoRetainbooleantrueyesRetain conversations after each agent turn.
recallBudgetstring"mid"yesRecall effort level. Values: low, mid, high. Higher values use more compute for better results.
recallMaxTokensnumber1024yesMaximum tokens injected into the prompt per recall.
recallTypesstring[]["world","experience"]yesMemory types to recall. Values: world, experience, observation.
recallRolesstring[]--yesRoles to include in the recall query context. Values: user, assistant, system, tool.
recallTopKnumber--yesMaximum number of memory results to return from recall.
recallContextTurnsnumber--yesNumber of recent conversation turns to include as context in the recall query.
recallMaxQueryCharsnumber--yesMaximum character length of the recall query.
recallPromptPreamblestring--yesText prepended to the recalled memories block before injection.
retainRolesstring[]["user","assistant"]yesMessage roles captured during retention. Values: user, assistant, system, tool.
retainEveryNTurnsnumber1yesRetain every Nth turn. Set to 2 to retain every other turn, 3 for every third, etc.
retainOverlapTurnsnumber--yesNumber of turns to overlap between consecutive retain windows. Prevents context loss at boundaries.
excludeProvidersstring[][]yesSkip memory operations for these message providers (e.g., ["slack"]).
llmProviderstringautoyesLLM provider for memory extraction. Auto-detected from the gateway config if not set.
llmModelstringprovider defaultyesLLM model name for extraction.
llmApiKeyEnvstring--yesEnvironment variable name containing the LLM API key.
debugbooleanfalseyesEnable debug logging for memory operations.

Bootstrap and Agent Map

OptionTypeDefaultPer-agentDescription
bootstrapbooleanfalsenoAutomatically apply bank configs on first run when the bank is empty on the server. After the initial bootstrap, use hindclaw apply to manage server state.
agentsRecord<string, AgentEntry>{}noPer-agent bank config registration. Maps agent IDs to their bank config file paths.
bankMissionstring--noDefault bank mission applied automatically to unconfigured banks.

The agents map uses this structure:

{
  "agents": {
    "yoda":  { "bankConfig": "./banks/yoda.json5" },
    "r2d2":  { "bankConfig": "./banks/r2d2.json5" },
    "c3po":  { "bankConfig": "./banks/c3po.json5" }
  }
}

Remote Server Setup

There are two modes for connecting to a remote Hindsight server:

Single-user mode (no hindclaw-extension)

For setups where access control is not needed, use a static API token:

{
  "hindsightApiUrl": "https://hindsight.home.local",
  "hindsightApiToken": "your-api-token"
}

Multi-user mode (with hindclaw-extension)

For setups with multiple users, install the hindclaw-extension on the server (see Installation) and use JWT authentication:

{
  "hindsightApiUrl": "https://hindsight.office.local",
  "jwtSecret": "shared-secret-between-plugin-and-server"
}

The plugin generates short-lived JWTs (5 min TTL) for each request, embedding the sender identity, agent, channel, and topic. The server extension decodes the JWT, resolves the user, and enforces permissions.

Users, groups, and permissions are managed via the /ext/hindclaw/* REST API on the server, not in config files.

Per-agent server routing

Different agents can connect to different servers. Set hindsightApiUrl in the bank config file:

// In banks/agent-3.json5
{
  "hindsightApiUrl": "https://hindsight.office.local"
}

The jwtSecret is set at the plugin level (not per-agent) since all agents on the same server share the same secret.

Multi-server topology example:

Gateway (jwtSecret configured at plugin level)
  agent-1  (private)  -> hindsightApiUrl: "https://hindsight.home.local"
  agent-2  (private)  -> hindsightApiUrl: "https://hindsight.home.local"
  agent-3  (company)  -> hindsightApiUrl: "https://hindsight.office.local"
  agent-4  (company)  -> hindsightApiUrl: "https://hindsight.office.local"
  agent-5  (local)    -> no hindsightApiUrl (uses local daemon)

Cross-Agent Recall

An agent can recall memories from other agents' banks by setting recallFrom in its bank config file. This is a bank config field, not a plugin config field.

// In banks/supervisor.json5
{
  "recallFrom": [
    { "bankId": "agent-1" },
    { "bankId": "agent-2", "budget": "high", "maxTokens": 2048 },
    { "bankId": "agent-3", "types": ["world"] }
  ]
}

Each entry in recallFrom supports:

FieldTypeDefaultDescription
bankIdstringrequiredTarget bank ID to recall from.
budgetstringinheritsRecall effort for this bank. Values: low, mid, high.
maxTokensnumberinheritsMax tokens from this bank.
typesstring[]inheritsMemory types to recall from this bank.
tagGroupsTagGroup[]--Tag-based filtering for this bank's recall.

When access control is active, permissions are checked independently for each target bank. If the requesting user has recall: false on a target bank, that bank is silently skipped.

Client-Enforced vs Server-Enforced Fields

With the hindclaw-extension, most permission fields are enforced server-side via accept_with() enrichment (tags, tag_groups, strategy). However, some fields cannot be enforced server-side because the Hindsight ValidationResult does not support them. These remain client-enforced -- the plugin reads them from its own config or from the resolved permissions returned by the debug endpoint:

FieldReason for client enforcement
recallBudgetNo budget field in ValidationResult
recallMaxTokensNo max_tokens field in ValidationResult
retainEveryNTurnsRequires turn count state tracked by the plugin
excludeProvidersProvider filtering happens before the request reaches the server
llmModel, llmProviderExtraction model selection is server config, not a per-request override

These fields can still be set in plugin config or bank config files as behavioral overrides.

User and Group Management

When running with the hindclaw-extension, users, groups, permissions, and strategy scopes are managed via the /ext/hindclaw/* REST API on the Hindsight server -- not via config files. The plugin does not store or resolve any user/group/permission data.

Key API endpoints:

  • GET/POST /ext/hindclaw/users -- manage users
  • POST /ext/hindclaw/users/:id/channels -- map channel sender IDs to users
  • GET/POST /ext/hindclaw/groups -- manage groups and their default permissions
  • PUT /ext/hindclaw/banks/:bank_id/permissions/groups/:group_id -- bank-level group overrides
  • PUT /ext/hindclaw/banks/:bank_id/permissions/users/:user_id -- bank-level user overrides
  • PUT /ext/hindclaw/banks/:bank_id/strategies/:scope_type/:scope_value -- strategy scope overrides
  • GET /ext/hindclaw/debug/resolve?sender=...&bank=... -- troubleshoot resolved permissions

See the Access Control guide for setup instructions.