GitHubBlog

Search Documentation

Search for a page in the docs

Configuration Reference

All configuration lives in ~/.openalice/data/config/ as JSON files (the user-data home; OPENALICE_HOME overrides the root, Docker mounts a volume there). Missing files are auto-created with defaults on startup. Config files support hot-reload — changes take effect on the next request without restart. The one exception is accounts.json, which is sealed (encrypted at rest) and managed through the Web UI rather than hand-edited.

This page is a reference, not the recommended first-run path. For normal setup:

  • Use the browser settings and setup wizards as the main configuration surface.
  • Add model credentials through the AI Provider page.
  • Add broker accounts through the Trading page wizard.
  • Use Settings for hot-reloaded config where the UI exposes an editor.
  • Edit JSON directly only when you need a field the UI does not expose yet.

The files fall into three buckets:

BucketFilesHow to change them
UI-managed secretsai-provider-manager.json, accounts.jsonUse the Web UI; accounts.json is sealed
Hot-reloaded configagent.json, market-data.json, trading.json, news.json, tools.json, webhook.jsonUI Settings or direct JSON edit
Startup / boundary configports.json, auth.json, mcp.json fallbackEdit, then restart when noted

ai-provider-manager.json

The credential vault — api-key credentials injected into workspaces. As of 0.40 there's no in-process model loop, so this file holds no backends or active-profile pointer; just a map of slug → credential. Edit it through the Web UI's AI Provider page rather than by hand.

FieldTypeDefaultDescription
credentialsRecord<string, Credential>{}Saved credentials, keyed by an arbitrary slug
workspaceCredentialDefaultsRecord<agentId, { credentialSlug, model? }>{}Credential/model seeded into each new workspace for that agent
workspaceDefaultAgentstring | nullnullDefault runtime for new interactive workspace sessions; shell is not stored as a default
issueDefaultAgentstring | nullnullSeparate default runtime for issue-triggered headless work

Each Credential:

FieldTypeDescription
vendorenumanthropic / openai / google / minimax / glm / kimi / deepseek / longcat / custom
labelstringOptional human-readable name; the map key remains the stable slug
authType"api-key" | "subscription"api-key stores the key here; subscription defers to the CLI's own login
apiKeystringThe secret (present for api-key)
wiresRecord<WireShape, string>Map of wire shape (anthropic / openai-chat / openai-responses) → endpoint URL. One key can declare several
lastModelstringLast model selected with this credential; used as the next workspace/quick-chat default

Credentials are deduplicated by { vendor, authType, apiKey } — re-saving the same key upgrades its wires in place. See AI Providers for the full model.

accounts.json

UTA (Unified Trading Account) definitions. Array of UTA objects, preset-driven — you pick a presetId from the broker preset catalog and fill presetConfig with the values that preset's Zod schema requires.

Sealed at rest. Unlike every other config file, accounts.json is encrypted (AES-256-GCM) under a machine-bound key at ~/.openalice/sealing.key, so broker credentials never sit on disk in plaintext. That means it's UI-managed, not hand-edited — add and edit accounts through the Web UI's account form. The fields below describe the logical shape the UI writes. See Data & Credentials.

FieldTypeDefaultDescription
idstringUnique UTA identifier; used as the aliceId prefix
labelstringDisplay name (optional, defaults to id)
presetIdstringOne of the catalog ids: binance, okx, bybit, hyperliquid, bitget, ccxt-custom, alpaca, ibkr-tws, longbridge, leverup-monad, mock-simulator
enabledbooleantrueWhether to load this UTA on startup
guardsarray[]Optional advanced push-time middleware configs: [{ type, options }]
presetConfigobject{}User-supplied form values, validated against the chosen preset's own Zod schema
ephemeralbooleanTest/throwaway UTA — purged at every startup (~/.openalice/data/trading/<id>/ wiped). Only allowed on mock-simulator; setting it on a real broker would destroy account history at next boot.
keylessbooleanfalsePublic-data only, no API key. Serves K-lines/quotes but refuses orders; excluded from portfolio equity. Implies readOnly.
readOnlybooleanfalseWatch-only — orders refused. Can also be set on a keyed account
editablebooleantrueWhether the UI can modify/remove it (the built-in data UTAs are non-editable)

Optional keyless data UTAs. trading.json can enable Binance, OKX, and Bybit public-data sources. Enabled entries are materialized at UTA startup as binance-readonly / okx-readonly / bybit-readonly; they are code-defined, not written to sealed accounts.json. The default list is empty. See Keyless Data Accounts.

The presetConfig shape varies by preset:

PresetRequired presetConfig fields
binancemode (live | demo), apiKey, secret
okxmode (live | demo), apiKey, secret, password
bybitmode (live | testnet | demo), apiKey, secret
hyperliquidmode (live | testnet), walletAddress, privateKey
bitgetmode (live | demo), apiKey, secret, password
ccxt-customexchange; optional sandbox, demoTrading, apiKey, secret, password, uid, walletAddress, privateKey
alpacamode (paper | live), apiKey, apiSecret
ibkr-twsoptional host (default 127.0.0.1), port (default 7497), clientId (default 0), accountId
longbridgemode (live | paper), appKey, appSecret, accessToken
leverup-monadmode (live | testnet), privateKey
mock-simulatorcash (starting USD, default 100000) — in-memory simulator, testing only

Manage trading accounts through the Web UI wizard when possible; the file is sealed at rest and not meant to be hand-edited for ordinary setup. See Trading Setup.

engine.json

Core engine settings.

FieldTypeDefaultDescription
pairsstring[]["BTC/USD", "ETH/USD", "SOL/USD"]Default trading pairs
intervalnumber5000Tick loop interval (ms)
portnumber3000Legacy port setting

agent.json

AI agent behavior.

FieldTypeDefaultDescription
maxStepsnumber20Max tool-call steps per run
allowAiTradingbooleanfalseWhether agent tradingPush may dispatch committed operations directly. Keep false for manual Web UI approval; only effective with Pro trading capability.
claudeCode.disallowedToolsstring[](see below)Tools blocked in the workspace Claude Code CLI
claudeCode.maxTurnsnumber20Max conversation turns for a headless Claude run

Default disallowed tools: Task, TaskOutput, AskUserQuestion, TodoWrite, NotebookEdit, Skill, EnterPlanMode, ExitPlanMode, mcp__claude_ai_Figma__*

ports.json

The four service ports, read by the Guardian supervisor before it spawns the processes. This is the authoritative place to change ports.

FieldTypeDefaultDescription
webnumber47331Alice backend / Web UI + API
mcpnumber47332MCP server (served at /mcp, loopback only)
utanumber47333UTA service (loopback only)
uinumber5173Vite dev server (dev only)

Precedence per port: an env override (OPENALICE_WEB_PORT, OPENALICE_MCP_PORT, OPENALICE_UTA_PORT, OPENALICE_UI_PORT) wins over ports.json, which wins over the defaults. Defaults probe upward if taken; an explicitly-set port that's in use fails loudly instead.

connectors.json

Bind config for the running Alice process (hot-reloaded). Ports themselves come from ports.json / env above; connectors.json carries the rest.

FieldTypeDefaultDescription
web.portnumber3002Legacy fallback only — ports.json / OPENALICE_WEB_PORT (47331) take precedence.

mcp.json

MCP server configuration — exposes the ToolCenter to external MCP clients and the workspace CLIs. The listener is always bound to loopback and never honors OPENALICE_BIND_HOST (it carries the full, unauthenticated tool surface). See MCP & CLI Access.

FieldTypeDefaultDescription
portnumber3001Legacy fallback only — ports.json / OPENALICE_MCP_PORT (47332) take precedence.

auth.json

The admin-token gate for the web boundary. Generated on first boot; the token is printed once to stdout and stored only as a scrypt hash. Rotate by deleting this file and restarting. See Data & Credentials.

FieldTypeDescription
versionnumberRecord version (1)
schemestringAlways "scrypt"
saltstringbase64 salt fed to scrypt
hashstringbase64 scrypt digest of the admin token (never the plaintext)
paramsobjectscrypt cost params { N, r, p, keyLen }
createdAtstringISO timestamp of first generation
lastRotatedAtstringISO timestamp of the last rotation

Loopback requests bypass the gate entirely (zero-friction dev); set OPENALICE_TRUSTED_PROXIES for reverse-proxy setups or OPENALICE_DISABLE_AUTH=1 to opt out.

crypto.json

Legacy global crypto provider. New installs typically leave this as { "provider": { "type": "none" } } and use accounts.json per-account presetConfig instead. Kept for backwards compatibility.

FieldTypeDefaultDescription
providerdiscriminated union{ type: "none" }{ type: "ccxt", exchange, apiKey?, apiSecret?, password?, sandbox?, demoTrading?, options? } or { type: "none" }
guardsarray[]Legacy global guard middleware (rarely used)

securities.json

Legacy global securities provider. Same deprecation story as crypto.json — prefer per-account config.

FieldTypeDefaultDescription
providerdiscriminated union{ type: "none" }{ type: "alpaca", apiKey?, secretKey?, paper? } or { type: "none" }
guardsarray[]Legacy global guard middleware

market-data.json

Market data settings. The data engine runs in-process through the SDK — the external openbb-api backend was removed, so there's no sidecar to configure. See the Data Hub page for the resolution model.

FieldTypeDefaultDescription
hub.enabledbooleantrueUse the hosted Data Hub for low-frequency data (zero-key). false = bring-your-own-keys only
hub.baseUrlstring"https://traderhub.openalice.ai"Hub endpoint; point at a self-hosted relay to keep the zero-key model on your own infra
providers.equitystring"yfinance"Default equity data provider (fallback path)
providers.cryptostring"yfinance"Default crypto data provider
providers.currencystring"yfinance"Default currency data provider
providers.commoditystring"yfinance"Default commodity data provider
providerKeysobject{}Per-install vendor keys: fred, fmp, eia, bls, nasdaq, tradingeconomics, econdb, intrinio, benzinga, tiingo, biztoc. Merge local-wins with the global provider-keys.json

provider-keys.json

User-global data-vendor keys at the ~/.openalice root (above data/), shared across every checkout and the desktop app on this machine. The location is overridable via OPENALICE_GLOBAL_DIR (default ~/.openalice/provider-keys.json) — resolved off the real home directory independently of OPENALICE_HOME, so it stays global even when OPENALICE_HOME=$PWD pins data/ to a checkout. Same key set as market-data.jsonproviderKeys; the per-install file overrides this one key-by-key. Missing FRED / EIA / BLS keys route through the Hub's keyed proxy automatically. See Data Hub — provider keys.

trading.json

Trading-engine knobs.

FieldTypeDefaultDescription
mode"lite" | "readonly" | "pro"autoGlobal UTA capability. Auto chooses Pro when saved UTA accounts exist, otherwise Lite. OPENALICE_TRADING_MODE wins and locks the UI.
observeExternalOrdersEverystring"15m"How often to scan the broker for orders placed outside OpenAlice and record them as [observed] commits. off disables; 1m / 5m / 10m / 15m otherwise. See Orders & Execution
keylessDataSources("binance" | "okx" | "bybit")[][]Opt-in public crypto K-line sources materialized as read-only data UTAs at UTA startup

Use Settings → Agent Permissions for mode and the Trading page for public data-source toggles. Those UI flows coordinate the UTA stop/start needed for a runtime change; direct JSON edits do not provide that feedback.

news.json

News collector settings.

FieldTypeDefaultDescription
enabledbooleantrueMaster switch
intervalMinutesnumber10Fetch interval
maxInMemorynumber2000Max items in memory buffer
retentionDaysnumber7Items older than this not loaded on startup
feedsarray(8 default feeds)RSS/Atom feed definitions

Default feeds: Federal Reserve Press, ECB Press, MarketWatch Top Stories, WSJ Markets, CNBC Economy, Nikkei Asia, SCMP Business, CoinDesk.

snapshot.json

Account snapshot settings.

FieldTypeDefaultDescription
enabledbooleantrueEnable scheduled snapshots
everystring"15m"Snapshot interval

compaction.json

Context window management.

FieldTypeDefaultDescription
maxContextTokensnumber200000Context window size
maxOutputTokensnumber20000Max output tokens
autoCompactBuffernumber13000Buffer before triggering compaction
microcompactKeepRecentnumber3Recent entries to keep during micro-compaction

tools.json

Tool enable/disable.

FieldTypeDefaultDescription
disabledstring[][]Tool names to disable globally

web-subchannels.json

Web UI sub-channel definitions. Array of channel objects. This is an advanced config file for specialized chat surfaces; most installs never need to edit it directly.

FieldTypeDefaultDescription
idstringURL-safe identifier (lowercase alphanumeric with - / _)
labelstringDisplay name
systemPromptstringSystem prompt override for this channel
disabledToolsstring[]Additional tool names to disable on top of the global tools.disabled list

Persona overlay

Alice's persona is a Markdown file that the engine prepends to the system prompt on every generation. It defines her identity and speaking style.

The persona uses a two-tier default + user override pattern:

Default (git-tracked)User override (gitignored)
default/persona.default.mddata/brain/persona.md

On first run, the default is auto-copied to the override path. Edit the user file to customize without touching version control — updates to the default won't overwrite your customizations. The persona is composed into each workspace's instruction file (CLAUDE.md + AGENTS.md) at create time; the Web UI's settings panel exposes an editor that writes to the same file.

Next Steps