Monzo Banking Skill

Access your Monzo bank account to check balances, view transactions, manage savings pots, and send notifications to your Monzo app.

Prerequisites

Before setting up this skill, you need:

• - A Monzo account (UK personal, joint, or business account)
• The Monzo app installed on your phone (for SCA approval)
• OpenClaw running with workspace access
• Standard tools: curl, jq, openssl, bc (pre-installed on most Linux systems)

Quick Start (TL;DR)

CODEBLOCK0

Detailed Setup Guide

Step 1: Set the Encryption Password

The MONZO_KEYRING_PASSWORD environment variable is used to encrypt your Monzo credentials at rest. Choose a strong, unique password and don't lose it — you'll need it if you ever move or restore the skill.

There are several ways to provide this variable. Choose whichever fits your setup:

Option A: OpenClaw skill config (simplest)

Add to your OpenClaw config (e.g. openclaw.json):

CODEBLOCK1

Then restart: INLINECODE6

Note: This stores the password in plaintext in the config file. Ensure the file has restrictive permissions (chmod 600) and is not checked into version control.

Option B: Shell environment (keeps password out of config files)

Add to your shell profile (~/.bashrc, ~/.zshrc, etc.):

CODEBLOCK2

Then restart your shell and OpenClaw.

Option C: systemd EnvironmentFile (for server deployments)

Create a secrets file (e.g. /etc/openclaw/monzo.env):

CODEBLOCK3

Set permissions: INLINECODE11

Reference it from your systemd unit with EnvironmentFile=/etc/openclaw/monzo.env.

Option D: Password manager / secrets manager

Use your preferred secrets tool to inject the env var at runtime. Any method that sets MONZO_KEYRING_PASSWORD in the process environment will work.

Step 2: Create Monzo OAuth Client

1. 1. Go to https://developers.monzo.com/ and sign in with your Monzo account
2. Click "Clients" → "New OAuth Client"
3. Fill in:

1. 4. Click Submit
2. Note your Client ID (oauth2client_...) and Client Secret (mnzconf....)

Step 3: Run the Setup Wizard

CODEBLOCK4

The wizard will:

1. 1. Ask for your Client ID and Client Secret
2. Give you an authorization URL to open in your browser
3. Ask you to paste the redirect URL back
4. Exchange the code for access tokens
5. Save encrypted credentials

Alternative: Non-interactive mode (useful for automation or agents):
CODEBLOCK5

Step 4: Approve in Monzo App (SCA)

⚠️ This step is required! Monzo requires Strong Customer Authentication.

1. 1. Open the Monzo app on your phone
2. Look for a notification about "API access" or a new connection
3. Tap to approve

If you don't see a notification:

• - Go to Account → Settings → Privacy & Security → Manage connected apps
• Find and approve your client

After approving, complete setup:
CODEBLOCK6

Step 5: Verify It Works

CODEBLOCK7

You should see your account info and current balance. You're done! 🎉

For the Agent

This section tells the agent how to use this skill effectively.

When to Use This Skill

Use this skill when the user asks about:

• - Balance: "How much money do I have?", "What's my balance?"
• Transactions: "What did I spend on X?", "Show recent transactions"
• Spending analysis: "How much did I spend on coffee this month?"
• Savings: "How much is in my savings?", "Move £X to my holiday pot"
• Notifications: "Send a reminder to my Monzo app"

Common Patterns

CODEBLOCK8

Important Notes for Agents

1. 1. Money is in pence: £50 = 5000, £1.50 = 150
2. Dates can be relative: --since 7d means last 7 days
3. Use human-readable output by default (no --json flag)
4. Pot IDs: Use scripts/pots.sh first to get pot IDs before depositing/withdrawing
5. Multiple accounts: User may have personal, joint, and business accounts. Default is personal. Use scripts/whoami.sh to see all accounts.

Error Handling

If you see forbidden.insufficient_permissions:

• - Tell the user to check their Monzo app and approve API access
• Then run INLINECODE23

If you see MONZO_KEYRING_PASSWORD not set:

• - The env var isn't available in the process environment
• Guide user to set it using one of the methods in Step 1 of the setup guide

Script Reference

balance - Check Account Balance

CODEBLOCK9

Output:
CODEBLOCK10

transactions - Transaction History

Fetches all available transactions (paginated), displayed newest first.

CODEBLOCK11

Output:
CODEBLOCK12

pots - Savings Management

CODEBLOCK13

Output (list):
CODEBLOCK14

feed - Send App Notifications

CODEBLOCK15

whoami - Check Authentication

CODEBLOCK16

receipt - Attach Receipts to Transactions

CODEBLOCK17

webhooks - Manage Webhooks (Advanced)

CODEBLOCK18

Troubleshooting

"forbidden.insufficient_permissions"

Most common issue! Monzo requires app approval (SCA).

Fix:

1. 1. Open Monzo app → check for notification → approve
2. Or: Account → Settings → Privacy & Security → Manage connected apps → approve
3. Run: INLINECODE25

"MONZOKEYRINGPASSWORD not set"

The env var isn't available in the process environment.

Fix: Set MONZO_KEYRING_PASSWORD using any of the methods described in Step 1 of the setup guide, then restart OpenClaw.

"Authorization code has been used"

Each auth code is single-use. Start fresh:
CODEBLOCK19

"No refresh token received"

Your OAuth client isn't set to "Confidential". Create a new client with Confidentiality = Confidential, then:
CODEBLOCK20

"Credentials file not found"

Run setup first:
CODEBLOCK21

"Failed to decrypt credentials"

Wrong MONZO_KEYRING_PASSWORD. Check your config matches what you used during setup.

Security Notes

• - Credentials are encrypted at rest (AES-256-CBC)
• Encryption key is your INLINECODE28
• Access tokens auto-refresh (no manual intervention needed)
• File permissions are set to 600 (owner only)
• All API calls use HTTPS
• No sensitive data is logged

Files

CODEBLOCK22

Credentials: ~/.openclaw/credentials/monzo.json (encrypted, or ~/.clawdbot/credentials/monzo.json on older installs)

API Coverage