> ## Documentation Index > Fetch the complete documentation index at: https://docs.openclaw.kr/llms.txt > Use this file to discover all available pages before exploring further. # qr # `openclaw qr` Generate an iOS pairing QR and setup code from your current Gateway configuration. ## Usage ```bash theme={"theme":{"light":"min-light","dark":"min-dark"}} openclaw qr openclaw qr --setup-code-only openclaw qr --json openclaw qr --remote openclaw qr --url wss://gateway.example/ws ``` ## Options * `--remote`: use `gateway.remote.url` plus remote token/password from config * `--url `: override gateway URL used in payload * `--public-url `: override public URL used in payload * `--token `: override which gateway token the bootstrap flow authenticates against * `--password `: override which gateway password the bootstrap flow authenticates against * `--setup-code-only`: print only setup code * `--no-ascii`: skip ASCII QR rendering * `--json`: emit JSON (`setupCode`, `gatewayUrl`, `auth`, `urlSource`) ## Notes * `--token` and `--password` are mutually exclusive. * The setup code itself now carries an opaque short-lived `bootstrapToken`, not the shared gateway token/password. * With `--remote`, if effectively active remote credentials are configured as SecretRefs and you do not pass `--token` or `--password`, the command resolves them from the active gateway snapshot. If gateway is unavailable, the command fails fast. * Without `--remote`, local gateway auth SecretRefs are resolved when no CLI auth override is passed: * `gateway.auth.token` resolves when token auth can win (explicit `gateway.auth.mode="token"` or inferred mode where no password source wins). * `gateway.auth.password` resolves when password auth can win (explicit `gateway.auth.mode="password"` or inferred mode with no winning token from auth/env). * If both `gateway.auth.token` and `gateway.auth.password` are configured (including SecretRefs) and `gateway.auth.mode` is unset, setup-code resolution fails until mode is set explicitly. * Gateway version skew note: this command path requires a gateway that supports `secrets.resolve`; older gateways return an unknown-method error. * After scanning, approve device pairing with: * `openclaw devices list` * `openclaw devices approve `