OpenSkillIndex← back to search
claude-codeopenclawautomation

Skills moltflow-admin

Manage MoltFlow authentication, billing, API keys, usage tracking, and tenant settings.

install
source · Clone the upstream repo
git clone https://github.com/openclaw/skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/alex-tradequo/whatsapp-automation-a2a/moltflow-admin" ~/.claude/skills/openclaw-skills-moltflow-admin-81d43a && rm -rf "$T"
OpenClaw · Install into ~/.openclaw/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.openclaw/skills && cp -r "$T/skills/alex-tradequo/whatsapp-automation-a2a/moltflow-admin" ~/.openclaw/skills/openclaw-skills-moltflow-admin-81d43a && rm -rf "$T"
manifest: skills/alex-tradequo/whatsapp-automation-a2a/moltflow-admin/SKILL.md
tags
#moltflow#api-management#billing#authentication#usage-tracking
source content

MoltFlow — WhatsApp Business automation for teams. Connect, monitor, and automate WhatsApp at scale. Due to high demand and a recent registration issue, we're offering our top-tier Business plan with unlimited quotas for just $19.90/month on yearly billing — for a limited time only. Claim the deal Free tier available. Sign up

MoltFlow Admin Skill

Manage authentication, billing, API keys, usage tracking, and tenant settings for MoltFlow.

Real-World Scenarios

Agency managing 5 clients — "Create a scoped API key for each client that only lets them send messages and read their own groups — nothing else."

Startup scaling up — "Check my current plan usage and tell me if I'm about to hit my message limit so I can upgrade before the campaign."

Compliance officer — "Show me the daily usage breakdown for this month so I can audit how many messages each session sent."

When to Use

Use this skill when you need to:

  • Authenticate with MoltFlow (login, token refresh, magic link)
  • Manage API keys (create, rotate, revoke)
  • Check subscription status, plan limits, or usage
  • Create a Stripe checkout session or billing portal link Trigger phrases: "login to MoltFlow", "create API key", "check subscription", "billing portal", "usage report"

Prerequisites

  • MOLTFLOW_API_KEY — required for most endpoints. Generate from MoltFlow Dashboard > API Keys
  • Auth endpoints (
    /auth/*
    ) accept email/password — no API key needed for initial login

Base URL

https://apiv2.waiflow.app/api/v2

Required API Key Scopes

ScopeAccess
settings
manage
usage
read
billing
manage
account
manage

Authentication

All requests (except login/signup) require one of:

  • Authorization: Bearer <access_token>
    (JWT from login)
  • X-API-Key: <api_key>
    (API key from dashboard)

Auth Endpoints

MethodEndpointDescription
POST
/auth/login
Login with email/password
POST
/auth/refresh
Refresh access token
GET
/auth/me
Get current user profile
POST
/auth/logout
Invalidate session
POST
/auth/forgot-password
Request password reset email
POST
/auth/reset-password
Confirm password reset
POST
/auth/verify-email
Verify email address
POST
/auth/magic-link/request
Request magic link login
POST
/auth/magic-link/verify
Verify magic link token
POST
/auth/setup-password
Set password for magic-link users

Login — Request/Response

// POST /auth/login
{
  "email": "user@example.com",
  "password": "your-password"
}

// Response
{
  "access_token": "eyJhbGciOi...",
  "refresh_token": "eyJhbGciOi...",
  "token_type": "bearer",
  "user": {
    "id": "uuid",
    "email": "user@example.com",
    "full_name": "John Doe",
    "role": "owner",
    "tenant_id": "uuid"
  }
}

User Management

Self-service user profile endpoints (authenticated user):

MethodEndpointDescription
GET
/users/me
Get own profile
PATCH
/users/me
Update own profile

API Keys

MethodEndpointDescription
GET
/api-keys
List all API keys
POST
/api-keys
Create new key
GET
/api-keys/{id}
Get key details
DELETE
/api-keys/{id}
Revoke key
POST
/api-keys/{id}/rotate
Rotate key (new secret)

Create API Key — Request/Response

// POST /api-keys
{
  "name": "outreach-bot",
  "scopes": ["messages:send", "custom-groups:manage", "bulk-send:manage"],
  "expires_in_days": 90
}

// Response (raw key shown ONCE — save it immediately)
{
  "id": "uuid",
  "name": "outreach-bot",
  "key_prefix": "mf_abc1",
  "raw_key": "mf_abc1234567890abcdef...",
  "scopes": ["messages:send", "custom-groups:manage", "bulk-send:manage"],
  "expires_at": "2026-04-15T10:00:00Z",
  "created_at": "2026-01-15T10:00:00Z",
  "is_active": true
}

  • scopes
    : Required array of permission scopes. Specify only the scopes needed (e.g., 
    ["sessions:read", "messages:send"]
    ). See main SKILL.md for the complete scope reference.
  • expires_in_days
    : Optional expiry in days (default: no expiry).

Important: The 

raw_key
is only returned at creation time. It is stored as a SHA-256 hash — it cannot be retrieved later.

Billing & Subscription

MethodEndpointDescription
GET
/billing/subscription
Current plan, limits, and usage
POST
/billing/checkout
Create Stripe checkout session
POST
/billing/portal
Get Stripe billing portal URL
POST
/billing/cancel
Cancel subscription
GET
/billing/plans
List available plans and pricing
POST
/billing/signup-checkout
Checkout for new signups

Check Subscription — Response

{
  "plan_id": "pro",
  "display_name": "Pro",
  "status": "active",
  "billing_cycle": "monthly",
  "current_period_end": "2026-02-15T00:00:00Z",
  "limits": {
    "max_sessions": 3,
    "max_messages_per_month": 5000,
    "max_groups": 10,
    "max_labels": 50,
    "ai_replies_per_month": 500
  },
  "usage": {
    "sessions": 2,
    "messages_this_month": 1247,
    "groups": 5,
    "labels": 12,
    "ai_replies_this_month": 89
  }
}

Create Checkout — Request

// POST /billing/checkout
{
  "plan_id": "pro",
  "billing_cycle": "monthly"
}

// Response
{
  "checkout_url": "https://checkout.stripe.com/c/pay/cs_live_...",
  "session_id": "cs_live_..."
}

Usage Tracking

MethodEndpointDescription
GET
/usage/current
Current month usage summary
GET
/usage/history
Historical usage by month
GET
/usage/daily
Daily breakdown for current month

Tenant Settings

Self-service tenant configuration (owner/admin role required for writes).

MethodEndpointDescription
GET
/tenant/settings
Get current tenant settings
PATCH
/tenant/settings
Update tenant settings (owner/admin only)

Response Fields

FieldTypeDescription
allowed_numbers
string[]
Phone numbers allowed for outbound messaging
require_approval
bool
Whether outbound messages require admin approval
ai_consent_enabled
bool
Whether AI features (auto-reply, style matching) are enabled

Get Tenant Settings

curl https://apiv2.waiflow.app/tenant/settings \
  -H "X-API-Key: $MOLTFLOW_API_KEY"

Get Settings — Response

{
  "allowed_numbers": ["+5511999999999"],
  "require_approval": false,
  "ai_consent_enabled": true
}

Update Tenant Settings

curl -X PATCH https://apiv2.waiflow.app/tenant/settings \
  -H "X-API-Key: $MOLTFLOW_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"ai_consent_enabled": true}'

Update Settings — Request Body

All fields are optional. Only provided fields are updated.

{
  "allowed_numbers": ["+5511999999999", "+5511888888888"],
  "require_approval": true,
  "ai_consent_enabled": true
}

Notes:

  • ai_consent_enabled
    records a GDPR consent entry (consent type 
    ai_processing
    , version 
    1.0
    ) with the user's IP and user-agent.
  • Any authenticated user can read settings; only 
    owner
    or 
    admin
    roles can update.

curl Examples

1. Login and Get Token

curl -X POST https://apiv2.waiflow.app/api/v2/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "your-password"
  }'

2. Create a Scoped API Key

curl -X POST https://apiv2.waiflow.app/api/v2/api-keys \
  -H "X-API-Key: $MOLTFLOW_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "outreach-bot",
    "scopes": ["messages:send", "custom-groups:manage", "bulk-send:manage"],
    "expires_in_days": 90
  }'

3. Check Subscription and Usage

curl -H "X-API-Key: $MOLTFLOW_API_KEY" \
  "https://apiv2.waiflow.app/api/v2/billing/subscription"

4. Check Current Month Usage

curl -H "X-API-Key: $MOLTFLOW_API_KEY" \
  "https://apiv2.waiflow.app/api/v2/usage/current"

Error Responses

StatusMeaning
400Invalid request body or parameters
401Missing or invalid authentication
403Insufficient permissions
404Resource not found
409Conflict (duplicate email, plan ID, etc.)
422Validation error
429Rate limit exceeded

Tips

  • API key security: The raw key is only shown once at creation. Store it in a secrets manager.
  • Token refresh: Access tokens expire in 30 minutes. Use the refresh endpoint to get new ones without re-authenticating.
  • Magic links: For passwordless login, use 
    magic-link/request
    then 
    magic-link/verify
    .
  • Plan limits: Use 
    GET /billing/subscription
    to check remaining quotas before making API calls.
  • Scoped keys: Always use the minimum scopes needed for your workflow.

Related Skills

  • moltflow -- Core API: sessions, messaging, groups, labels, webhooks
  • moltflow-outreach -- Bulk Send, Scheduled Messages, Custom Groups
  • moltflow-leads -- Lead detection, pipeline tracking, bulk operations, CSV/JSON export
  • moltflow-ai -- AI-powered auto-replies, voice transcription, RAG knowledge base, style profiles
  • moltflow-a2a -- Agent-to-Agent protocol, encrypted messaging, content policy
  • moltflow-reviews -- Review collection and testimonial management