what's the best practice to store discord auth key?
the clawd config says
the clawdconfig doesn't seem a secure option to store there but then where?
i'd say keychain but is there any skill / script that would load it into the envvar before the daemons tart?
Configure Clawdbot with DISCORD_BOT_TOKEN (or channels.discord.token in ~/.clawdbot/clawdbot.json).the clawdconfig doesn't seem a secure option to store there but then where?
i'd say keychain but is there any skill / script that would load it into the envvar before the daemons tart?
Solution
4. In Config (Least Secure)
The
channels.discord.token option works, but since ~/.clawdbot/clawdbot.json is plain JSON, tokens are visible in plaintext. Only use this for testing.Recommendation
Use approach #2 (~/.clawdbot/.env) for most cases β it's secure enough (file permissions restrict access), automatically loaded, and daemon-friendly. For maximum security on a shared machine, use approach #3 with your system's keychain.The key benefit of
.env: it persists across reboots but stays separate from the main config file, making it easier to manage permissions and backup selectively.
