Description

Read, write, search, append, patch, and manage notes in any Obsidian vault via the Local REST API on Windows, macOS, or Linux.

README (SKILL.md)

Obsidian Local REST API Skill

Name: Obsidian Local REST API
Author: nj070574-gif

Control any Obsidian vault from OpenClaw using the Local REST API plugin. Works on any OS where Obsidian Desktop runs (Windows, macOS, Linux). No extra CLI tools needed — just curl.

Critical: Known Pitfalls (Read First)

These issues were discovered in real-world use and will cause silent failures if ignored:

1. Trailing slashes are mandatory on directory paths

The API returns {"message":"Not Found","errorCode":40400} if you omit trailing slashes on directory endpoints.

Path	Result
`$OBSIDIAN_URL/vault/`	✅ Correct — lists vault root
`$OBSIDIAN_URL/vault`	❌ 40400 error
`$OBSIDIAN_URL/vault/My%20Folder/`	✅ Correct — lists subfolder
`$OBSIDIAN_URL/vault/My%20Folder`	❌ 40400 error

2. The root health check endpoint is `/` — nothing else

There is no /api/, /api/healthz, /healthz, /status, or /health endpoint.

Path	Result
`$OBSIDIAN_URL/`	✅ Returns plugin status JSON
`$OBSIDIAN_URL/api/`	❌ 40400 error
`$OBSIDIAN_URL/api/healthz`	❌ 40400 error

3. Shell variable expansion may fail in exec contexts

$OBSIDIAN_URL and $OBSIDIAN_API_KEY are available in the gateway process but child shells spawned by the exec tool may not inherit them depending on your OpenClaw configuration. Always test variable expansion before using them in curl:

echo "URL=$OBSIDIAN_URL KEY_LEN=${#OBSIDIAN_API_KEY}"

If either is empty, use hardcoded values in your curl commands for this session.

4. Never dump raw JSON to the user

Always interpret API responses and reply in plain English. See the Output Formatting section.

Prerequisites

Obsidian Desktop installed and running with a vault open.
Local REST API plugin installed and enabled in Obsidian:
- Open Obsidian → Settings → Community plugins → Browse → search "Local REST API" → Install → Enable.
API Key copied from: Settings → Local REST API → API Key.
Port noted (default: 27124). HTTPS is strongly recommended.
Env vars set in your OpenClaw service (see Setup below).

Setup

1. Add env vars to your OpenClaw systemd service

sudo nano /etc/systemd/system/openclaw.service

Add these two lines in the [Service] block:

Environment=OBSIDIAN_URL=https://YOUR_OBSIDIAN_HOST:27124
Environment=OBSIDIAN_API_KEY=your_api_key_here

Then reload and restart:

sudo systemctl daemon-reload
sudo systemctl restart openclaw.service

2. Verify env vars are live in the gateway process

PID=$(pgrep -f "openclaw-gateway" | head -1)
cat /proc/$PID/environ | tr "\0" "\
" | grep "^OBSIDIAN"

Both OBSIDIAN_URL and OBSIDIAN_API_KEY should appear with correct values.

3. Test the connection

curl -sk \
  -H "Authorization: Bearer $OBSIDIAN_API_KEY" \
  "$OBSIDIAN_URL/" \
  | python3 -c "import json,sys; d=json.load(sys.stdin); print('OK — Obsidian', d['versions']['obsidian'], '| Plugin', d['versions']['self'], '| Auth:', d['authenticated'])"

Expected: OK — Obsidian 1.x.x | Plugin 3.x.x | Auth: True

If $OBSIDIAN_URL is empty, substitute the literal URL:

curl -sk \
  -H "Authorization: Bearer YOUR_API_KEY_HERE" \
  "https://YOUR_OBSIDIAN_HOST:27124/" \
  | python3 -c "import json,sys; d=json.load(sys.stdin); print('OK — Obsidian', d['versions']['obsidian'], '| Plugin', d['versions']['self'], '| Auth:', d['authenticated'])"

4. Install the skill

# Via ClawHub
openclaw skills install obsidian-rest

# Or manually
git clone https://github.com/nj070574-gif/openclaw-obsidian-vault-skill.git
cp -r openclaw-obsidian-vault-skill/skill ~/.openclaw/workspace/skills/obsidian-rest

Environment Variables

Variable	Required	Description
`OBSIDIAN_URL`	✅ Yes	Full base URL including protocol and port, e.g. `https://192.168.1.100:27124`
`OBSIDIAN_API_KEY`	✅ Yes	API key from Obsidian → Settings → Local REST API

Always use curl -sk — the plugin uses a self-signed certificate by default.

API Reference

All requests require the auth header:

Authorization: Bearer $OBSIDIAN_API_KEY

Check API status (root endpoint only)

curl -sk -H "Authorization: Bearer $OBSIDIAN_API_KEY" "$OBSIDIAN_URL/"

Returns: {"status":"OK","authenticated":true,"versions":{"obsidian":"1.x.x","self":"3.x.x"}, ...}

List vault root (trailing slash required)

curl -sk -H "Authorization: Bearer $OBSIDIAN_API_KEY" "$OBSIDIAN_URL/vault/" \
  | python3 -c "import json,sys; [print(f) for f in sorted(json.load(sys.stdin)['files'])]"

List a subfolder (trailing slash required)

curl -sk -H "Authorization: Bearer $OBSIDIAN_API_KEY" "$OBSIDIAN_URL/vault/My%20Folder/" \
  | python3 -c "import json,sys; [print(f) for f in json.load(sys.stdin)['files']]"

URL encoding: spaces → %20 | forward slash within a path segment → %2F

Encode any path automatically:

python3 -c "import urllib.parse; print(urllib.parse.quote('My Folder/My Note.md', safe=''))"

Read a note

curl -sk -H "Authorization: Bearer $OBSIDIAN_API_KEY" \
  "$OBSIDIAN_URL/vault/PATH%2FTO%2FNOTE.md"

Returns raw Markdown content.

Create or overwrite a note (PUT)

curl -sk -X PUT \
  -H "Authorization: Bearer $OBSIDIAN_API_KEY" \
  -H "Content-Type: text/markdown" \
  --data-binary "# My Note Title

Content goes here." \
  "$OBSIDIAN_URL/vault/PATH%2FTO%2FNOTE.md"

Returns HTTP 204 No Content on success. Warning: PUT replaces the entire file. Use POST to append safely.

Append to an existing note (POST)

curl -sk -X POST \
  -H "Authorization: Bearer $OBSIDIAN_API_KEY" \
  -H "Content-Type: text/markdown" \
  --data-binary "

## New Section $(date +%Y-%m-%d)

Content to append." \
  "$OBSIDIAN_URL/vault/PATH%2FTO%2FNOTE.md"

Returns HTTP 204 No Content on success.

Patch / insert at a heading (PATCH)

curl -sk -X PATCH \
  -H "Authorization: Bearer $OBSIDIAN_API_KEY" \
  -H "Content-Type: text/markdown" \
  -H "Obsidian-API-Operation: append" \
  -H "Heading: My Section Heading" \
  --data-binary "Content to insert under the heading." \
  "$OBSIDIAN_URL/vault/PATH%2FTO%2FNOTE.md"

Valid operations: append | prepend | replace

Delete a note

curl -sk -X DELETE \
  -H "Authorization: Bearer $OBSIDIAN_API_KEY" \
  "$OBSIDIAN_URL/vault/PATH%2FTO%2FNOTE.md"

Returns HTTP 204 No Content on success.

Search vault (full-text)

curl -sk -X POST \
  -H "Authorization: Bearer $OBSIDIAN_API_KEY" \
  "$OBSIDIAN_URL/search/simple/?query=YOUR+SEARCH+TERM&contextLength=150" \
  | python3 -c "
import json, sys
results = json.load(sys.stdin)
if not results:
    print('No matches found.')
else:
    print(f'Found {len(results)} match(es):')
    for r in results[:5]:
        print(' -', r['filename'])
        for m in r.get('matches', [])[:1]:
            ctx = m.get('context', '').strip()
            if ctx: print('   ...', ctx[:100])
"

Get currently active file in Obsidian

curl -sk -H "Authorization: Bearer $OBSIDIAN_API_KEY" "$OBSIDIAN_URL/active/"

List available Obsidian commands

curl -sk -H "Authorization: Bearer $OBSIDIAN_API_KEY" "$OBSIDIAN_URL/commands/" \
  | python3 -c "import json,sys; [print(c['id'], '|', c['name']) for c in json.load(sys.stdin).get('commands',[])]"

Execute an Obsidian command

curl -sk -X POST \
  -H "Authorization: Bearer $OBSIDIAN_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"commandId": "editor:save-file"}' \
  "$OBSIDIAN_URL/commands/execute/"

Output Formatting Rules

Never dump raw JSON to the user. Always interpret results and reply in plain English.

Situation	What to say
Status check returns `"authenticated": true`	"✅ Obsidian vault connected — Obsidian v1.x.x, plugin v3.x.x"
Status check fails / 40400 error	"❌ Cannot reach Obsidian vault: [exact error]. Check Obsidian is running."
Vault listed	"Your vault contains X items: [list files and folders]"
Subfolder listed	"Found X notes in [folder]: [list]"
Note read	Return the note content (or a summary if it's long)
Note created (HTTP 204)	"✅ Created [path]"
Note saved / overwritten (HTTP 204)	"✅ Saved to [path]"
Note appended (HTTP 204)	"✅ Appended to [path]"
Search returns results	"Found X notes matching '[query]': [list filenames]"
Search returns nothing	"No notes found matching '[query]'"
40400 error	"❌ API returned Not Found — check the path and trailing slashes"
401 error	"❌ Unauthorised — check OBSIDIAN_API_KEY is set correctly"

Workflow Guide

Saving content ("sv" / "save this")

Check env vars expand: echo "URL=$OBSIDIAN_URL LEN=${#OBSIDIAN_API_KEY}"
Pick the right folder from context (infrastructure → Infrastructure/, daily log → Daily/)
Choose a descriptive hyphenated filename, e.g. Setup-Guide-2026-04-12.md
Check if file exists: GET /vault/PATH.md — HTTP 404 means safe to create
Use PUT to create, POST to append to existing
Confirm with plain English: "✅ Saved to Infrastructure/Setup-Guide.md"

Finding a note

Search: POST /search/simple/?query=TERM
If multiple results, list filenames and ask which to open
GET the file and return its content or a summary

Updating a note

Read the file first to understand its structure
POST to append, or PATCH with Heading header for targeted insertion
Confirm what was added and where

Creating new folders

New folders are created automatically when you PUT a file into a path that doesn't exist yet.

Common Patterns

Save a runbook

NOTE_PATH="Infrastructure%2FRunbook-$(date +%Y-%m-%d).md"
curl -sk -X PUT \
  -H "Authorization: Bearer $OBSIDIAN_API_KEY" \
  -H "Content-Type: text/markdown" \
  --data-binary "# Runbook — $(date +%Y-%m-%d)

## Steps

1. Step one
2. Step two
" \
  "$OBSIDIAN_URL/vault/$NOTE_PATH"
echo "Saved to vault/$NOTE_PATH"

Append a timestamped log entry

curl -sk -X POST \
  -H "Authorization: Bearer $OBSIDIAN_API_KEY" \
  -H "Content-Type: text/markdown" \
  --data-binary "
- $(date '+%Y-%m-%d %H:%M') — Log entry here" \
  "$OBSIDIAN_URL/vault/Daily%2FLog.md"

URL Encoding Quick Reference

Character	Encoded
Space	`%20`
`/` (within a path segment)	`%2F`
`#`	`%23`
`&`	`%26`
`+`	`%2B`

Troubleshooting

Symptom	Likely cause	Fix
`curl: (7) Failed to connect`	Obsidian not running or wrong host/port	Check Obsidian is open; verify `OBSIDIAN_URL`
`{"message":"Not Found","errorCode":40400}`	Wrong path — missing trailing slash, or non-existent endpoint	Add `/` to end of directory paths; use only documented endpoints
`HTTP 401 Unauthorized`	Wrong or missing API key	Verify `OBSIDIAN_API_KEY` matches plugin settings
SSL certificate error	Self-signed cert	Always use `curl -sk` — never `curl -s` alone
`$OBSIDIAN_URL` empty in curl	Env var not inherited by exec shell	Test with `echo $OBSIDIAN_URL`; use literal values if empty
Skill shows `△ needs setup`	Env vars not set	Add `Environment=` lines to `openclaw.service`, reload, restart
Obsidian on Windows, agent on Linux	Firewall blocking port	Allow TCP 27124 inbound in Windows Defender Firewall

Windows Firewall (Obsidian on Windows, OpenClaw on Linux)

Windows Defender Firewall → Advanced Settings → Inbound Rules → New Rule
→ Port → TCP → 27124 → Allow → All profiles → Name: "Obsidian Local REST API"

Plugin Information

Plugin: Obsidian Local REST API by Adam Coddington
Default port: 27124
Protocol: HTTPS (self-signed cert) or HTTP
Obsidian minimum version: 0.12.0
Plugin version tested: 3.2.0

Usage Guidance

This skill appears to do exactly what it says: talk to the Obsidian Local REST API using an API key and URL. Before installing, consider the following: (1) The skill requires storing your Obsidian API key in the OpenClaw service environment — store secrets with restrictive file permissions and avoid pasting them into shells where they appear in history. (2) The instructions recommend curl -sk (skip TLS verification) and may suggest hardcoding the key for a session — prefer properly-signed TLS or a secure local network, and avoid hardcoding secrets in commands. (3) Verifying env vars via /proc/<pid>/environ and echoing key length can expose secrets to other admins/users — run checks as root only when necessary and remove test outputs. (4) The manual install references a personal GitHub repo; if you plan to clone it, review its contents before running. (5) If you need tighter security, consider alternative secret delivery (systemd drop-ins with limited perms, a secrets manager, or making the plugin listen on localhost-only and using firewall rules). If you accept these operational tradeoffs and follow safer secret-handling practices, the skill is coherent with its stated purpose.

Capability Analysis

Type: OpenClaw Skill Name: obsidian-rest Version: 1.1.0 The skill provides comprehensive instructions for an AI agent to interact with the Obsidian Local REST API plugin. It uses standard system tools like curl and python3 to perform note management tasks (read, write, search). While it requires sensitive environment variables (OBSIDIAN_API_KEY) and includes debugging steps to verify process environments, these actions are transparently documented and strictly aligned with the stated purpose of managing Obsidian content. No evidence of malicious intent, data exfiltration, or unauthorized execution was found in SKILL.md or _meta.json.

Capability Assessment

✓ Purpose & Capability

Name/description match the requested environment (OBSIDIAN_URL, OBSIDIAN_API_KEY) and all prescribed actions (curl to plugin endpoints) are directly related to the Obsidian Local REST API.

ℹ Instruction Scope

Instructions require editing the systemd service, restarting it, and inspecting /proc/<pid>/environ to verify env vars — these are relevant to ensuring the gateway process has the credentials but are system-level operations that require root and access to process environment. The docs also recommend printing or hardcoding API keys for testing and instruct use of `curl -sk` (skip TLS verification). These steps are functional but increase the chance of accidental secret exposure.

ℹ Install Mechanism

This is instruction-only (no install spec), so nothing is written by the installer. Manual install instructions point to a personal GitHub repo (https://github.com/nj070574-gif/openclaw-obsidian-vault-skill) if the user chooses that path — cloning a third-party repo is normal but should be reviewed before use.

ℹ Credentials

The only required environment variables are OBSIDIAN_URL and OBSIDIAN_API_KEY, which are appropriate. However, the SKILL.md suggests actions that can leak the API key (echoing it, substituting literal keys into commands, reading process env, and using curl -sk). Those are disproportionate from a secrecy-handling perspective and deserve caution.

✓ Persistence & Privilege

Skill does not request always:true or other elevated platform privileges. It asks operators to add env vars to the OpenClaw systemd service (normal for a service-bound credential) and restart the service — this is a standard installation step and confined to the service.

Version History

v1.1.0

v1.1.0: real-world pitfalls from deployment — trailing slash requirement on directory endpoints, correct root endpoint is / only (not /api/healthz), shell variable expansion caveat with exec tool, output formatting rules (never dump raw JSON), improved troubleshooting with 40400 root cause and fix

v1.0.0

Initial release — full Obsidian vault control via the Local REST API plugin. Cross-platform (Windows/macOS/Linux), no obsidian-cli required. Read, write, append, patch, search, delete, list and run commands.

Metadata

Slug obsidian-rest

Version 1.1.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 2

Frequently Asked Questions

What is Obsidian Local REST API?

Read, write, search, append, patch, and manage notes in any Obsidian vault via the Local REST API on Windows, macOS, or Linux. It is an AI Agent Skill for Claude Code / OpenClaw, with 117 downloads so far.

How do I install Obsidian Local REST API?

Run "/install obsidian-rest" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Obsidian Local REST API free?

Yes, Obsidian Local REST API is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Obsidian Local REST API support?

Obsidian Local REST API is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Obsidian Local REST API?

It is built and maintained by Only 1 Naren (@nj070574-gif); the current version is v1.1.0.

More Skills

Obsidian Local REST API