docs(xai): clarify oauth account eligibility

docs/providers/xai.md

@@ -13,7 +13,10 @@ OpenClaw ships a bundled `xai` provider plugin for Grok models.
 <Steps>
   <Step title="Choose auth">
     Use either an API key from the [xAI console](https://console.x.ai/) or
-    xAI Grok OAuth with a SuperGrok subscription.
+    xAI OAuth browser sign-in with an eligible xAI account. OAuth does not
+    require an xAI API key, and OpenClaw does not require the Grok Build app.
+    xAI may still label the consent app as Grok Build because OpenClaw uses
+    xAI's shared OAuth client.
   </Step>
   <Step title="Sign in">
     Set `XAI_API_KEY`, run the API-key wizard, or start the OAuth flow:
@@ -414,9 +417,11 @@ Legacy aliases still normalize to the canonical bundled ids:
 
   <Accordion title="Known limits">
     - xAI auth can use an API key, environment variable, plugin config fallback,
-      or xAI Grok OAuth with a SuperGrok subscription. OAuth uses a local
-      callback on `127.0.0.1:56121`; for remote hosts, forward that port before
-      opening the sign-in URL.
+      or xAI OAuth browser sign-in with an eligible xAI account. OAuth uses a
+      local callback on `127.0.0.1:56121`; for remote hosts, forward that port
+      before opening the sign-in URL. xAI decides which accounts can receive
+      OAuth API tokens, and the consent page may show Grok Build even though
+      OpenClaw does not require the Grok Build app.
     - `grok-4.20-multi-agent-experimental-beta-0304` is not supported on the
       normal xAI provider path because it requires a different upstream API
       surface than the standard OpenClaw xAI transport.

extensions/xai/openclaw.plugin.json

@@ -45,7 +45,7 @@
       "choiceLabel": "xAI API key",
       "groupId": "xai",
       "groupLabel": "xAI (Grok)",
-      "groupHint": "API key or SuperGrok OAuth",
+      "groupHint": "API key or browser OAuth",
       "onboardingFeatured": true,
       "optionKey": "xaiApiKey",
       "cliFlag": "--xai-api-key",
@@ -56,11 +56,11 @@
       "provider": "xai",
       "method": "oauth",
       "choiceId": "xai-oauth",
-      "choiceLabel": "xAI Grok OAuth",
-      "choiceHint": "SuperGrok subscription",
+      "choiceLabel": "xAI OAuth",
+      "choiceHint": "Browser sign-in for eligible xAI accounts",
       "groupId": "xai",
       "groupLabel": "xAI (Grok)",
-      "groupHint": "API key or SuperGrok OAuth",
+      "groupHint": "API key or browser OAuth",
       "onboardingFeatured": true
     }
   ],

extensions/xai/xai-oauth.ts

@@ -338,7 +338,10 @@ export async function loginXaiOAuth(ctx: ProviderAuthContext): Promise<ProviderA
         ...(tokens.idToken ? { idToken: tokens.idToken } : {}),
         ...(identity.accountId ? { accountId: identity.accountId } : {}),
       },
-      notes: ["xAI OAuth uses your SuperGrok subscription; xAI API keys still work."],
+      notes: [
+        "xAI OAuth uses your xAI account entitlement; xAI API keys still work.",
+        "xAI may label the consent app as Grok Build because OpenClaw uses xAI's shared OAuth client.",
+      ],
     });
   } catch (err) {
     progress.stop("xAI OAuth failed");
@@ -387,16 +390,16 @@ export async function refreshXaiOAuthCredential(
 export function createXaiOAuthAuthMethod(): ProviderAuthMethod {
   return {
     id: XAI_OAUTH_METHOD_ID,
-    label: "xAI Grok OAuth",
-    hint: "SuperGrok subscription",
+    label: "xAI OAuth",
+    hint: "Browser sign-in for eligible xAI accounts",
     kind: "oauth",
     wizard: {
       choiceId: XAI_OAUTH_CHOICE_ID,
-      choiceLabel: "xAI Grok OAuth",
-      choiceHint: "SuperGrok subscription",
+      choiceLabel: "xAI OAuth",
+      choiceHint: "Browser sign-in for eligible xAI accounts",
       groupId: PROVIDER_ID,
       groupLabel: "xAI (Grok)",
-      groupHint: "API key or SuperGrok OAuth",
+      groupHint: "API key or browser OAuth",
       methodId: XAI_OAUTH_METHOD_ID,
     },
     run: async (ctx) => loginXaiOAuth(ctx),