What Is DM Pairing?
DM Pairing is OpenClaw's channel-based authentication mechanism. Instead of requiring a username and password, OpenClaw pairs your messaging account (WhatsApp, Telegram, Discord, Slack, iMessage, Signal) directly to the daemon using a one-time pairing code sent via direct message.
How It Works
- You start the OpenClaw daemon:
openclaw start - You open the dashboard and click Pair New User
- OpenClaw generates a 6-digit pairing code and displays it
- You DM that code to your OpenClaw bot on the target channel (e.g., Telegram)
- The daemon verifies the code and permanently links your account
After pairing, every message from your paired account is trusted — no passwords or tokens required in the chat.
Security Properties
- One-time codes: Pairing codes expire after 10 minutes
- Per-channel binding: Each channel (Telegram, WhatsApp, etc.) must be paired separately
- Revocable: You can unpair any account instantly:
openclaw users unpair <user_id> - Allowlist enforcement: Unpaired users receive no response from the agent
Pairing Multiple Users
Enterprise installs can pair multiple users to one OpenClaw instance. Each user gets their own isolated context and permissions:
openclaw users list
openclaw users pair --channel telegramTroubleshooting Pairing
- Code expired? Generate a new one from the dashboard
- Code not accepted? Ensure you're messaging the correct bot and the daemon is running
- Already paired but locked out? Reset with:
openclaw users reset --channel telegram
Security Overview
Learn about OpenClaw's full security model including sandboxing and allowlists.