OpenClaw Codex OAuth Says "DNS Lookup Failed" — But It's Not DNS
You set up OpenClaw with a ChatGPT Pro subscription, authenticated via Codex OAuth, and everything looks right — valid tokens with 9 days left, proper plan type. Then you send a message and get:
⚠️ DNS lookup for the provider endpoint failed. Check your network connection.You spend an hour checking DNS. Flushing caches. Checking /etc/resolv.conf. Nothing fixes it. That's because it's not DNS.
The Real Cause
OpenClaw 2026.4.14 sends malformed requests to the Codex OAuth endpoint (https://chatgpt.com/backend-api/codex/responses). The endpoint requires store: false and stream: true for ChatGPT subscription OAuth tokens. But OpenClaw's Codex plugin forces store: true — inherited from the server-side compaction behavior enabled by default for OpenAI providers.
The request fails with HTTP 400. After retries and backoff, Cloudflare's edge returns an HTML rate-limit page. OpenClaw's error classifier can't parse the HTML, and falls through to "DNS lookup failed" — a completely misleading error for a request-format problem.
The Documented Escape Hatch Doesn't Work
The OpenClaw docs mention supportsStore: false as a model-level config option to disable the store flag. In 2026.4.14, the config schema validator rejects it:
Error: Config validation failed: models.providers.openai-codex.models.0:
Unrecognized key: "supportsStore"Setting responsesServerCompaction: false in model params also doesn't resolve the issue in this version.
Workarounds
Option 1: Roll Back to 2026.4.13
The malformed request regression was introduced in 2026.4.14. Rolling back resolves it:
npm install -g openclaw@2026.4.13
openclaw gateway restartOption 2: Switch to API Key Auth (Bypass OAuth)
If you have an OpenAI API key, you can bypass Codex OAuth entirely and use the standard openai provider instead:
openclaw configure
# Select: openai (not openai-codex)
# Enter your API key when prompted
openclaw gateway restartYou lose the "included in Pro subscription" billing but regain functionality immediately.
Option 3: Use a Different Provider Temporarily
Anthropic Claude or Gemini providers are unaffected. If you have API keys for those, switching temporarily keeps you productive while waiting for a patch:
openclaw configure
# Select: anthropic
# Enter Claude API keyOption 4: Wait for 2026.4.15 Stable
This is flagged in the issue tracker. The fix requires the Codex plugin to honor store: false / stream: true for OAuth token types, and the schema validator to accept supportsStore as a valid key. Track progress at issue #67740.
How to Confirm This Is Your Problem
# Check your OpenClaw version
openclaw --version
# Check your provider config
openclaw config show | grep -A5 "openai-codex"
# Test the endpoint directly with your token
curl -X POST https://chatgpt.com/backend-api/codex/responses \
-H "Authorization: Bearer YOUR_OAUTH_TOKEN" \
-H "Content-Type: application/json" \
-d '{"model":"gpt-5.4","input":"hi","stream":true,"store":false}'
# If this returns valid JSON → it's the store:true bug in OpenClaw, not DNS
Bottom Line
The "DNS lookup failed" message in 2026.4.14 is a false label on what's actually an API request format error. Don't chase DNS. Roll back to 2026.4.13 or switch providers until the patch ships.
If you need help reconfiguring your OpenClaw setup around this bug — or setting up a fallback provider — ClawReady can get you back online fast.