OpenClaw Mobile Nodes in June 2026: Android Pairing, iPhone Push Relay, and What Native Actually Means

Updated June 12, 2026.

If you are searching for the OpenClaw iPhone app, the OpenClaw Android app, or what OpenClaw actually supports natively on Windows, the official documentation now gives a much clearer answer than it did a few weeks ago. The short version is this: OpenClaw still centers everything on a Gateway, but Windows Hub, Android, iPhone, and the browser-based Control UI now cover different parts of the operator surface in distinct ways.

That distinction matters because a lot of operator confusion comes from assuming every native app is a full host. In the current docs, that is not how the platform is described. Nodes are companions. The Gateway remains the control plane. And the practical setup choice depends on whether you want a native desktop surface, a mobile companion, or a remotely reachable browser UI.

1. The key architecture line: nodes are not gateways

The most important current-state detail sits in the official Nodes documentation. OpenClaw defines a node as a companion device that connects to the Gateway over the same WebSocket port used by operators. In other words, a node exposes capabilities to the Gateway, but it does not replace the Gateway itself.

That is why the docs explicitly separate mobile nodes from the main runtime. Telegram, WhatsApp, Slack, Microsoft Teams, and other message traffic still lands on the Gateway. Pairing, approval, and policy still run through the Gateway. If you are deploying OpenClaw for a team, that means your first operational question is still: where does the Gateway live, and how is it secured?

This also explains why OpenClaw’s native surfaces are best read as access layers, not independent agent hosts. Windows Hub can expose desktop-native capabilities. Android and iPhone can expose mobile-native capabilities. Control UI can expose a browser-native operator view. But the Gateway is still the single source of truth for sessions, routing, and connections.

2. Windows Hub is native, but its setup path still tells you how the system is designed

The official OpenClaw homepage now lists companion apps in beta and explicitly calls out Windows Hub for Windows 10 20H2+ and Windows 11. The Windows docs say Windows Hub is the native WinUI companion app, with tray status, setup, chat, diagnostics, Windows node mode, and local MCP server mode.

What matters operationally is the first-launch flow. The Windows docs say the fastest local setup path provisions an app-owned OpenClawGateway WSL distro, installs the Gateway there, and then pairs the app. That means “native Windows support” is real, but it does not erase the Gateway model. Even on Windows, OpenClaw still wants a stable host runtime underneath the operator surface.

The same page also clarifies what Windows-native capability actually means today. Windows Hub can register as a first-class node and expose canvas, screen, camera, notification, location, device status, text-to-speech, speech-to-text, and controlled system.run access through the Gateway. It can also expose those Windows-native capabilities as a loopback MCP server for local tools like Claude Desktop, Claude Code, and Cursor. That is a meaningful native integration story, but it is still paired, policy-gated, and Gateway-aware.

If you want the broader Windows context, we already covered the desktop side in our Windows local MCP guide and our remote access guide. The newer point is that Windows is now best understood as one native surface among several, not as the whole architecture.

3. Android is an official app, but it is a companion node and remote access must be secure

The current Android app documentation is unusually direct. It says the official Android app is available on Google Play, that it is a companion node, and that it requires a running OpenClaw Gateway. The docs also say Android does not host the Gateway. That is exactly the kind of detail operators need when planning mobile access.

The remote-connect story is where the docs have become more concrete. For Tailscale or public hosts, Android requires a secure endpoint. The recommended path is Tailscale Serve or Funnel with https:// and wss:// addresses. A raw tailnet IP with plain ws:// is not positioned as the right first-time remote mobile pairing path. That is a useful correction for anyone trying to bolt mobile access onto a half-hardened lab setup.

In practice, that means Android is a strong fit when you want mobile node capabilities but already have a stable Gateway host on macOS, Linux, or Windows via WSL2. It is a weaker fit if you were hoping the phone itself would become the main host. The docs do not describe Android that way.

4. The iPhone app is real, and the relay-backed push model is one of the most important current implementation details

The iOS app documentation confirms that iPhone builds are distributed through Apple channels when enabled for a release, and that the app exposes node capabilities including Canvas, screen snapshot, camera capture, location, talk mode, and voice wake. Like Android, it still requires a Gateway running on another device.

The more interesting detail is the push model. The current docs say official and TestFlight iOS builds use a hosted relay at https://ios-push-relay.openclaw.ai by default instead of publishing the raw APNs token to the Gateway. The docs also describe why: production APNs credentials stay out of user gateways, raw official-build APNs tokens stay off the gateway, and one gateway cannot reuse another gateway’s relay-backed registration.

That is not just implementation trivia. It changes how teams should think about trust boundaries. If you are using official iPhone builds, the hosted relay is part of the supported path. If you are testing local or manual iOS builds, the docs say you move back to direct APNs credentials on the gateway host. For enterprise operators, that is the line between “supported mobile convenience layer” and “you are now running more of the push stack yourself.”

The pairing model also stays strict. The iOS docs say first-time node auto-approval is disabled by default, and only tightly controlled CIDR-based opt-in can relax fresh node pairing. Role changes, scope changes, metadata changes, and public-key changes still require manual approval. That is consistent with the broader pairing model documented for nodes and Control UI.

5. Control UI is still the universal operator fallback

The Control UI documentation matters here because it shows the browser surface is still the universal baseline. It runs from the Gateway on port 18789, connects over the same WebSocket stack, and uses the same device-pairing flow for new browsers and devices.

That matters for two reasons. First, it means mobile-native surfaces do not replace the browser surface; they complement it. Second, it means the safest way to think about OpenClaw operations is still “one Gateway, several approved operator and node surfaces.” If a native app is not available on a device, Control UI is usually the fallback. If a native app is available, it adds local capabilities that the browser does not own as cleanly.

That is also why the official docs keep pointing back to approval flows. The browser UI, Windows Hub, and mobile nodes all eventually feed into the same pairing and policy decisions. If you are exposing OpenClaw beyond localhost, you are not really solving the problem until you solve auth, pairing hygiene, and transport security.

6. What to deploy in June 2026

Based on the current official docs, here is the practical split:

  • Use Windows Hub when you want a native Windows tray app, desktop chat, diagnostics, node mode, or local MCP mode.
  • Use Control UI when you need the most universal operator surface and a predictable browser workflow.
  • Use Android when you want a mobile companion node and you already have a properly hosted Gateway with secure remote transport.
  • Use iPhone when you want mobile node capabilities plus the official relay-backed push path for distributed Apple builds.
  • Keep the Gateway on a real host because the docs still define nodes as peripherals, not as message-hosting replacements.

If you are earlier in the setup process, our setup guide covers safer operator patterns, and our Telegram guide covers one of the fastest practical chat surfaces once the Gateway is live.

7. Where the business opportunity is

The monetizable pattern here is not “install one more app.” It is packaging the whole operator stack for people who want OpenClaw on their actual devices without breaking trust boundaries. That includes Windows Hub onboarding, WSL2 Gateway setup, Tailscale Serve or equivalent secure mobile exposure, node pairing policy, and written runbooks for non-technical users.

If you sell OpenClaw services, that is a cleaner offer than generic “AI automation consulting.” You can scope native-surface rollout, remote-access hardening, and mobile-node policy as a concrete deployment package. If you need help building that stack, see Specialized Digital Services or use the contact page to plan a rollout.

Sources and verification