OpenClaw 3.23: 3 Config Changes You Should Make Today (DeepSeek, Qwen, OpenRouter) | OpenClaw DC

TL;DR: Upgrade, then change these 3 config lines

OpenClaw 3.23 landed on March 24, 2026. The release notes list a dozen changes. Most users only need to touch three things in their config file:

1. DeepSeek is now a first-party provider. Drop the community plugin.
2. Qwen OAuth is dead. Swap to a pay-as-you-go API key.
3. OpenRouter auto-pricing replaces bundled price lists. Remove any overrides.

Everything else — Chrome MCP tab waiting, Discord truncation, Slack threading, Matrix Synapse 1.100+, Web UI session timeout — is fixed automatically the moment you upgrade.

Upgrade first:

npm install -g openclaw@latest
openclaw --version   # should print 2026.3.23

If the upgrade fails, walk the troubleshooting guide. Coming from 3.13 or earlier? Skim the 3.13 release notes for breaking changes you may have missed.

Change #1: Switch DeepSeek to the built-in provider

Previous versions required the community openclaw-deepseek-plugin package or a handwritten OpenAI-compatible adapter. Version 3.23 ships DeepSeek as a first-class provider alongside OpenAI, Anthropic, and Google. The built-in version handles streaming, rate limiting (429s with retry-after), and cost tracking. The community plugin did none of these cleanly.

Remove the old plugin first:

npm uninstall -g openclaw-deepseek-plugin
openclaw config unset plugins.deepseek

Then set your DeepSeek API key:

openclaw config set deepseek.apiKey YOUR_KEY
openclaw config set defaultModel deepseek-v3

You can also select deepseek-coder or any other model listed in the DeepSeek API catalog. To verify it works:

openclaw chat "ping" --model deepseek-v3

A clean response means the provider is wired up. A ProviderNotFoundError: deepseek means you are still on 3.22 or earlier — re-run the upgrade.

If you want to compare DeepSeek against other providers before committing, the API costs comparison has updated per-token numbers. DeepSeek also runs well locally on modest hardware; the best local models guide covers setups under 16 GB of RAM.

Change #2: Replace the Qwen OAuth token with an API key

Before 3.23, connecting Qwen required an OAuth flow through Alibaba Cloud. That flow broke constantly, especially for users outside mainland China — the redirect URL hit a regional endpoint that refused non-CN traffic. Users reported 400 Bad Request errors with no useful body, and browser popups that closed without writing a token.

Version 3.23 deprecates OAuth entirely in favor of pay-as-you-go billing with a plain API key. The old OAuth token will stop working in a future release, so rotate it now even if yours still works today.

Generate a Qwen API key from the Alibaba Cloud console (DashScope → API-KEY → Create), then:

openclaw config unset qwen.oauthToken
openclaw config set qwen.apiKey YOUR_KEY

Usage shows up in the OpenClaw dashboard under the Qwen tab, and Alibaba bills you per token — same model as OpenAI and Anthropic. No redirects, no browser popups, no regional lockout.

If you see QwenAuthError: oauth_deprecated after upgrading, you missed the first command above. Run the unset and retry.

Change #3: Let OpenRouter auto-pricing take over

OpenRouter support got two improvements this release.

Auto-pricing. OpenClaw now pulls live pricing from the OpenRouter API instead of relying on a bundled JSON file. New models show correct per-token costs immediately, without waiting for an OpenClaw release. If you were maintaining a local price override block, delete it:

openclaw config unset openrouter.priceOverrides

Anthropic thinking token order. In 3.22 and earlier, routing an Anthropic model through OpenRouter sometimes streamed reasoning tokens after the final answer instead of before it. Chain-of-thought output rendered in the wrong order, which broke any downstream parser looking for <thinking> blocks. Version 3.23 corrects the token ordering. No config change needed — the fix applies automatically.

If you had written parser workarounds that assumed the buggy order, they will now double-parse. Remove them.

Free fixes you get just for upgrading

These require no config change. Upgrade and they work.

Chrome MCP tab waiting. The MCP server previously sent commands to newly-opened tabs before the tab finished loading. Automation scripts worked around it with sleep 2 between open-tab and first-command. Version 3.23 adds a tab-readiness check. Remove the sleeps — they are now dead weight.

openclaw browser --attach --devtools-port=9222

Attach workflow unchanged. Only internal timing changed.

Discord long-reply truncation. Replies over 2000 characters were being silently cut off. 3.23 auto-splits into multiple messages so the full response arrives.

Slack thread leakage. When a user edited the original message, bot replies sometimes appeared in the main channel instead of the thread. The threading metadata is now preserved across edits.

Matrix Synapse 1.100+ joins. The room-join handshake was broken against Synapse 1.100 and newer. 3.23 completes the handshake correctly. If you hit this, the error message was M_FORBIDDEN: unrecognised request — that is gone.

Web UI session timeout. The default logged users out after 15 minutes of inactivity, which made the Web UI nearly unusable as a persistent chat surface. Default is now 60 minutes. If you want a different value:

openclaw config set webui.sessionTimeoutMinutes 120

Web UI syntax highlighting. Code blocks were losing highlighting after page navigation (client-side router not re-running Shiki). Fixed.

Should you upgrade?

Short answer: yes, unless you are on a mission-critical pinned version.

• DeepSeek users — yes, the built-in plugin handles rate limits the community version didn’t.
• Qwen users — yes, the OAuth flow is deprecated and will stop working.
• OpenRouter users — yes, auto-pricing alone is worth it.
• Discord / Slack / Matrix / Web UI operators — yes, the stability patches address daily-use bugs.
• Browser automation users — yes, Chrome MCP tab waiting removes an entire class of flaky-test issues.
• Stable 3.13 setups without any of the above — you can defer, but not forever. The next release will drop Qwen OAuth, and you will need to upgrade then anyway.

Questions or issues?

If something broke during upgrade, the troubleshooting guide covers the top 20 errors with exact fixes. For live help, Book a Call — we read every message and typically reply within a day.