app-server.md +284 −45
12Supported transports:12Supported transports:
13 13
14- `stdio` (`--listen stdio://`, default): newline-delimited JSON (JSONL).14- `stdio` (`--listen stdio://`, default): newline-delimited JSON (JSONL).
1515- `websocket` (`--listen ws://IP:PORT`, experimental): one JSON-RPC message per WebSocket text frame.- `websocket` (`--listen ws://IP:PORT`, experimental and unsupported): one JSON-RPC message per WebSocket text frame.
16- `off` (`--listen off`): don't expose a local transport.
17
18When you run with `--listen ws://IP:PORT`, the same listener also serves basic HTTP health probes:
19
20- `GET /readyz` returns `200 OK` once the listener accepts new connections.
21- `GET /healthz` returns `200 OK` when the request doesn't include an `Origin` header.
22- Requests with an `Origin` header are rejected with `403 Forbidden`.
23
24WebSocket transport is experimental and unsupported. Loopback listeners such as `ws://127.0.0.1:PORT` are appropriate for localhost and SSH port-forwarding workflows. Non-loopback WebSocket listeners currently allow unauthenticated connections by default during rollout, so configure WebSocket auth before exposing one remotely.
25
26Supported WebSocket auth flags:
27
28- `--ws-auth capability-token --ws-token-file /absolute/path`
29- `--ws-auth capability-token --ws-token-sha256 HEX`
30- `--ws-auth signed-bearer-token --ws-shared-secret-file /absolute/path`
31
32For signed bearer tokens, you can also set `--ws-issuer`, `--ws-audience`, and `--ws-max-clock-skew-seconds`. Clients present the credential as `Authorization: Bearer <token>` during the WebSocket handshake, and app-server enforces auth before JSON-RPC `initialize`.
33
34Prefer `--ws-token-file` over passing raw bearer tokens on the command line. Use `--ws-token-sha256` only when the client keeps the raw high-entropy token in a separate local secret store; the hash is only a verifier, and clients still need the original token.
16 35
17In WebSocket mode, app-server uses bounded queues. When request ingress is full, the server rejects new requests with JSON-RPC error code `-32001` and message `"Server overloaded; retry later."` Clients should retry with an exponentially increasing delay and jitter.36In WebSocket mode, app-server uses bounded queues. When request ingress is full, the server rejects new requests with JSON-RPC error code `-32001` and message `"Server overloaded; retry later."` Clients should retry with an exponentially increasing delay and jitter.
18 37
21Requests include `method`, `params`, and `id`:40Requests include `method`, `params`, and `id`:
22 41
23```json42```json
2443{ "method": "thread/start", "id": 10, "params": { "model": "gpt-5.1-codex" } }{ "method": "thread/start", "id": 10, "params": { "model": "gpt-5.4" } }
25```44```
26 45
27Responses echo the `id` with either `result` or `error`:46Responses echo the `id` with either `result` or `error`:
99 },118 },
100});119});
101send({ method: "initialized", params: {} });120send({ method: "initialized", params: {} });
102121send({ method: "thread/start", id: 1, params: { model: "gpt-5.1-codex" } });send({ method: "thread/start", id: 1, params: { model: "gpt-5.4" } });
103```122```
104 123
105## Core primitives124## Core primitives
123 142
124Clients must send a single `initialize` request per transport connection before invoking any other method on that connection, then acknowledge with an `initialized` notification. Requests sent before initialization receive a `Not initialized` error, and repeated `initialize` calls on the same connection return `Already initialized`.143Clients must send a single `initialize` request per transport connection before invoking any other method on that connection, then acknowledge with an `initialized` notification. Requests sent before initialization receive a `Not initialized` error, and repeated `initialize` calls on the same connection return `Already initialized`.
125 144
126145The server returns the user agent string it will present to upstream services. Set `clientInfo` to identify your integration.The server returns the user agent string it will present to upstream services plus `platformFamily` and `platformOs` values that describe the runtime target. Set `clientInfo` to identify your integration.
127 146
128`initialize.params.capabilities` also supports per-connection notification opt-out via `optOutNotificationMethods`, which is a list of exact method names to suppress for that connection. Matching is exact (no wildcards/prefixes). Unknown method names are accepted and ignored.147`initialize.params.capabilities` also supports per-connection notification opt-out via `optOutNotificationMethods`, which is a list of exact method names to suppress for that connection. Matching is exact (no wildcards/prefixes). Unknown method names are accepted and ignored.
129 148
159 },178 },
160 "capabilities": {179 "capabilities": {
161 "experimentalApi": true,180 "experimentalApi": true,
162181 "optOutNotificationMethods": [ "optOutNotificationMethods": ["thread/started", "item/agentMessage/delta"]
163 "codex/event/session_configured",
164 "item/agentMessage/delta"
165 ]
166 }182 }
167 }183 }
168}184}
202- `thread/resume` - reopen an existing thread by id so later `turn/start` calls append to it.218- `thread/resume` - reopen an existing thread by id so later `turn/start` calls append to it.
203- `thread/fork` - fork a thread into a new thread id by copying stored history; emits `thread/started` for the new thread.219- `thread/fork` - fork a thread into a new thread id by copying stored history; emits `thread/started` for the new thread.
204- `thread/read` - read a stored thread by id without resuming it; set `includeTurns` to return full turn history. Returned `thread` objects include runtime `status`.220- `thread/read` - read a stored thread by id without resuming it; set `includeTurns` to return full turn history. Returned `thread` objects include runtime `status`.
205221- `thread/list` - page through stored thread logs; supports cursor-based pagination plus `modelProviders`, `sourceKinds`, `archived`, and `cwd` filters. Returned `thread` objects include runtime `status`.- `thread/list` - page through stored thread logs; supports cursor-based pagination plus `modelProviders`, `sourceKinds`, `archived`, `cwd`, and `searchTerm` filters. Returned `thread` objects include runtime `status`.
222- `thread/turns/list` - page through a stored thread's turn history without resuming it.
206- `thread/loaded/list` - list the thread ids currently loaded in memory.223- `thread/loaded/list` - list the thread ids currently loaded in memory.
224- `thread/name/set` - set or update a thread's user-facing name for a loaded thread or a persisted rollout; emits `thread/name/updated`.
225- `thread/goal/set` - set the goal for a loaded thread (experimental; requires `capabilities.experimentalApi`); emits `thread/goal/updated`.
226- `thread/goal/get` - read the current goal for a loaded thread (experimental; requires `capabilities.experimentalApi`).
227- `thread/goal/clear` - clear the goal for a loaded thread (experimental; requires `capabilities.experimentalApi`); emits `thread/goal/cleared`.
228- `thread/metadata/update` - patch SQLite-backed stored thread metadata; currently supports persisted `gitInfo`.
207- `thread/archive` - move a thread's log file into the archived directory; returns `{}` on success and emits `thread/archived`.229- `thread/archive` - move a thread's log file into the archived directory; returns `{}` on success and emits `thread/archived`.
208230- `thread/unsubscribe` - unsubscribe this connection from thread turn/item events. If this was the last subscriber, the server unloads the thread and emits `thread/closed`.- `thread/unsubscribe` - unsubscribe this connection from thread turn/item events. If this was the last subscriber, the server unloads the thread after a no-subscriber inactivity grace period and emits `thread/closed`.
209- `thread/unarchive` - restore an archived thread rollout back into the active sessions directory; returns the restored `thread` and emits `thread/unarchived`.231- `thread/unarchive` - restore an archived thread rollout back into the active sessions directory; returns the restored `thread` and emits `thread/unarchived`.
210- `thread/status/changed` - notification emitted when a loaded thread's runtime `status` changes.232- `thread/status/changed` - notification emitted when a loaded thread's runtime `status` changes.
211- `thread/compact/start` - trigger conversation history compaction for a thread; returns `{}` immediately while progress streams via `turn/*` and `item/*` notifications.233- `thread/compact/start` - trigger conversation history compaction for a thread; returns `{}` immediately while progress streams via `turn/*` and `item/*` notifications.
234- `thread/shellCommand` - run a user-initiated shell command against a thread. This runs outside the sandbox with full access and doesn't inherit the thread sandbox policy.
235- `thread/backgroundTerminals/clean` - stop all running background terminals for a thread (experimental; requires `capabilities.experimentalApi`).
212- `thread/rollback` - drop the last N turns from the in-memory context and persist a rollback marker; returns the updated `thread`.236- `thread/rollback` - drop the last N turns from the in-memory context and persist a rollback marker; returns the updated `thread`.
213- `turn/start` - add user input to a thread and begin Codex generation; responds with the initial `turn` and streams events. For `collaborationMode`, `settings.developer_instructions: null` means "use built-in instructions for the selected mode."237- `turn/start` - add user input to a thread and begin Codex generation; responds with the initial `turn` and streams events. For `collaborationMode`, `settings.developer_instructions: null` means "use built-in instructions for the selected mode."
238- `thread/inject_items` - append raw Responses API items to a loaded thread's model-visible history without starting a user turn.
214- `turn/steer` - append user input to the active in-flight turn for a thread; returns the accepted `turnId`.239- `turn/steer` - append user input to the active in-flight turn for a thread; returns the accepted `turnId`.
215- `turn/interrupt` - request cancellation of an in-flight turn; success is `{}` and the turn ends with `status: "interrupted"`.240- `turn/interrupt` - request cancellation of an in-flight turn; success is `{}` and the turn ends with `status: "interrupted"`.
216- `review/start` - kick off the Codex reviewer for a thread; emits `enteredReviewMode` and `exitedReviewMode` items.241- `review/start` - kick off the Codex reviewer for a thread; emits `enteredReviewMode` and `exitedReviewMode` items.
217- `command/exec` - run a single command under the server sandbox without starting a thread/turn.242- `command/exec` - run a single command under the server sandbox without starting a thread/turn.
243- `command/exec/write` - write `stdin` bytes to a running `command/exec` session or close `stdin`.
244- `command/exec/resize` - resize a running PTY-backed `command/exec` session.
245- `command/exec/terminate` - stop a running `command/exec` session.
246- `command/exec/outputDelta` (notify) - emitted for base64-encoded stdout/stderr chunks from a streaming `command/exec` session.
218- `model/list` - list available models (set `includeHidden: true` to include entries with `hidden: true`) with effort options, optional `upgrade`, and `inputModalities`.247- `model/list` - list available models (set `includeHidden: true` to include entries with `hidden: true`) with effort options, optional `upgrade`, and `inputModalities`.
248- `modelProvider/capabilities/read` - read provider capability bounds for model/provider combinations (experimental; requires `capabilities.experimentalApi`).
219- `experimentalFeature/list` - list feature flags with lifecycle stage metadata and cursor pagination.249- `experimentalFeature/list` - list feature flags with lifecycle stage metadata and cursor pagination.
250- `experimentalFeature/enablement/set` - patch in-memory runtime enablement for supported feature keys such as `apps` and `plugins`.
220- `collaborationMode/list` - list collaboration mode presets (experimental, no pagination).251- `collaborationMode/list` - list collaboration mode presets (experimental, no pagination).
221- `skills/list` - list skills for one or more `cwd` values (supports `forceReload` and optional `perCwdExtraUserRoots`).252- `skills/list` - list skills for one or more `cwd` values (supports `forceReload` and optional `perCwdExtraUserRoots`).
253- `skills/changed` (notify) - emitted when watched local skill files change.
254- `marketplace/add` - add a remote plugin marketplace and persist it into the user's marketplace config.
255- `marketplace/upgrade` - refresh a configured Git marketplace, or all configured Git marketplaces when you omit the marketplace name.
256- `plugin/list` - list discovered plugin marketplaces and plugin state, including install/auth policy metadata, marketplace load errors, featured plugin ids, and local, Git, or remote plugin source metadata.
257- `plugin/read` - read one plugin by marketplace path or remote marketplace name and plugin name, including bundled skills, apps, and MCP server names when those details are available.
258- `plugin/install` - install a plugin from a marketplace path or remote marketplace name.
259- `plugin/uninstall` - uninstall an installed plugin.
222- `app/list` - list available apps (connectors) with pagination plus accessibility/enabled metadata.260- `app/list` - list available apps (connectors) with pagination plus accessibility/enabled metadata.
223- `skills/config/write` - enable or disable skills by path.261- `skills/config/write` - enable or disable skills by path.
224- `mcpServer/oauth/login` - start an OAuth login for a configured MCP server; returns an authorization URL and emits `mcpServer/oauthLogin/completed` on completion.262- `mcpServer/oauth/login` - start an OAuth login for a configured MCP server; returns an authorization URL and emits `mcpServer/oauthLogin/completed` on completion.
225- `tool/requestUserInput` - prompt the user with 1-3 short questions for a tool call (experimental); questions can set `isOther` for a free-form option.263- `tool/requestUserInput` - prompt the user with 1-3 short questions for a tool call (experimental); questions can set `isOther` for a free-form option.
226- `config/mcpServer/reload` - reload MCP server configuration from disk and queue a refresh for loaded threads.264- `config/mcpServer/reload` - reload MCP server configuration from disk and queue a refresh for loaded threads.
227265- `mcpServerStatus/list` - list MCP servers, tools, resources, and auth status (cursor + limit pagination).- `mcpServerStatus/list` - list MCP servers, tools, resources, and auth status (cursor + limit pagination). Use `detail: "full"` for full data or `detail: "toolsAndAuthOnly"` to omit resources.
266- `mcpServer/resource/read` - read a single MCP resource through an initialized MCP server.
267- `mcpServer/tool/call` - call a tool on a thread's configured MCP server.
268- `mcpServer/startupStatus/updated` (notify) - emitted when a configured MCP server's startup status changes for a loaded thread.
228- `windowsSandbox/setupStart` - start Windows sandbox setup for `elevated` or `unelevated` mode; returns quickly and later emits `windowsSandbox/setupCompleted`.269- `windowsSandbox/setupStart` - start Windows sandbox setup for `elevated` or `unelevated` mode; returns quickly and later emits `windowsSandbox/setupCompleted`.
229- `feedback/upload` - submit a feedback report (classification + optional reason/logs + conversation id, plus optional `extraLogFiles` attachments).270- `feedback/upload` - submit a feedback report (classification + optional reason/logs + conversation id, plus optional `extraLogFiles` attachments).
230- `config/read` - fetch the effective configuration on disk after resolving configuration layering.271- `config/read` - fetch the effective configuration on disk after resolving configuration layering.
231272- `externalAgentConfig/detect` - detect migratable external-agent artifacts with `includeHome` and optional `cwds`; each detected item includes `cwd` (`null` for home).- `externalAgentConfig/detect` - detect external-agent artifacts that can be migrated with `includeHome` and optional `cwds`; each detected item includes `cwd` (`null` for home).
232273- `externalAgentConfig/import` - apply selected external-agent migration items by passing explicit `migrationItems` with `cwd` (`null` for home).- `externalAgentConfig/import` - apply selected external-agent migration items by passing explicit `migrationItems` with `cwd` (`null` for home). Supported item types include config, skills, `AGENTS.md`, plugins, MCP server config, subagents, hooks, commands, and sessions; plugin imports emit `externalAgentConfig/import/completed`.
233- `config/value/write` - write a single configuration key/value to the user's `config.toml` on disk.274- `config/value/write` - write a single configuration key/value to the user's `config.toml` on disk.
234- `config/batchWrite` - apply configuration edits atomically to the user's `config.toml` on disk.275- `config/batchWrite` - apply configuration edits atomically to the user's `config.toml` on disk.
235- `configRequirements/read` - fetch requirements from `requirements.toml` and/or MDM, including allow-lists, pinned `featureRequirements`, and residency/network requirements (or `null` if you haven't set any up).276- `configRequirements/read` - fetch requirements from `requirements.toml` and/or MDM, including allow-lists, pinned `featureRequirements`, and residency/network requirements (or `null` if you haven't set any up).
277- `fs/readFile`, `fs/writeFile`, `fs/createDirectory`, `fs/getMetadata`, `fs/readDirectory`, `fs/remove`, `fs/copy`, `fs/watch`, `fs/unwatch`, and `fs/changed` (notify) - operate on absolute filesystem paths through the app-server v2 filesystem API.
278
279Plugin summaries include a `source` union. Local plugins return
280`{ "type": "local", "path": ... }`, Git-backed marketplace entries return
281`{ "type": "git", "url": ..., "path": ..., "refName": ..., "sha": ... }`,
282and remote catalog entries return `{ "type": "remote" }`. For remote-only
283catalog entries, `PluginMarketplaceEntry.path` can be `null`; pass
284`remoteMarketplaceName` instead of `marketplacePath` when reading or installing
285those plugins.
236 286
237## Models287## Models
238 288
301## Threads351## Threads
302 352
303- `thread/read` reads a stored thread without subscribing to it; set `includeTurns` to include turns.353- `thread/read` reads a stored thread without subscribing to it; set `includeTurns` to include turns.
304354- `thread/list` supports cursor pagination plus `modelProviders`, `sourceKinds`, `archived`, and `cwd` filtering.- `thread/turns/list` pages through a stored thread's turn history without resuming it.
355- `thread/list` supports cursor pagination plus `modelProviders`, `sourceKinds`, `archived`, `cwd`, and `searchTerm` filtering.
305- `thread/loaded/list` returns the thread IDs currently in memory.356- `thread/loaded/list` returns the thread IDs currently in memory.
306- `thread/archive` moves the thread's persisted JSONL log into the archived directory.357- `thread/archive` moves the thread's persisted JSONL log into the archived directory.
307358- `thread/unsubscribe` unsubscribes the current connection from a loaded thread and can trigger `thread/closed`.- `thread/metadata/update` patches stored thread metadata, currently including persisted `gitInfo`.
359- `thread/unsubscribe` unsubscribes the current connection from a loaded thread and can trigger `thread/closed` after an inactivity grace period.
308- `thread/unarchive` restores an archived thread rollout back into the active sessions directory.360- `thread/unarchive` restores an archived thread rollout back into the active sessions directory.
309- `thread/compact/start` triggers compaction and returns `{}` immediately.361- `thread/compact/start` triggers compaction and returns `{}` immediately.
310- `thread/rollback` drops the last N turns from the in-memory context and records a rollback marker in the thread's persisted JSONL log.362- `thread/rollback` drops the last N turns from the in-memory context and records a rollback marker in the thread's persisted JSONL log.
363- `thread/inject_items` appends raw Responses API items to a loaded thread's model-visible history without starting a user turn.
311 364
312### Start or resume a thread365### Start or resume a thread
313 366
315 368
316```json369```json
317{ "method": "thread/start", "id": 10, "params": {370{ "method": "thread/start", "id": 10, "params": {
318371 "model": "gpt-5.1-codex", "model": "gpt-5.4",
319 "cwd": "/Users/me/project",372 "cwd": "/Users/me/project",
320 "approvalPolicy": "never",373 "approvalPolicy": "never",
321 "sandbox": "workspaceWrite",374 "sandbox": "workspaceWrite",
378 431
379Unlike `thread/resume`, `thread/read` doesn't load the thread into memory or emit `thread/started`.432Unlike `thread/resume`, `thread/read` doesn't load the thread into memory or emit `thread/started`.
380 433
434### List thread turns
435
436Use `thread/turns/list` to page a stored thread's turn history without resuming it. Results default to newest-first so clients can fetch older turns with `nextCursor`. The response also includes `backwardsCursor`; pass it as `cursor` with `sortDirection: "asc"` to fetch turns newer than the first item from the earlier page.
437
438```json
439{ "method": "thread/turns/list", "id": 20, "params": {
440 "threadId": "thr_123",
441 "limit": 50,
442 "sortDirection": "desc"
443} }
444{ "id": 20, "result": {
445 "data": [],
446 "nextCursor": "older-turns-cursor-or-null",
447 "backwardsCursor": "newer-turns-cursor-or-null"
448} }
449```
450
381### List threads (with pagination & filters)451### List threads (with pagination & filters)
382 452
383`thread/list` lets you render a history UI. Results default to newest-first by `createdAt`. Filters apply before pagination. Pass any combination of:453`thread/list` lets you render a history UI. Results default to newest-first by `createdAt`. Filters apply before pagination. Pass any combination of:
389- `sourceKinds` - restrict results to specific thread sources. When omitted or `[]`, the server defaults to interactive sources only: `cli` and `vscode`.459- `sourceKinds` - restrict results to specific thread sources. When omitted or `[]`, the server defaults to interactive sources only: `cli` and `vscode`.
390- `archived` - when `true`, list archived threads only. When `false` or omitted, list non-archived threads (default).460- `archived` - when `true`, list archived threads only. When `false` or omitted, list non-archived threads (default).
391- `cwd` - restrict results to threads whose session current working directory exactly matches this path.461- `cwd` - restrict results to threads whose session current working directory exactly matches this path.
462- `searchTerm` - search stored thread summaries and metadata before pagination.
392 463
393`sourceKinds` accepts the following values:464`sourceKinds` accepts the following values:
394 465
422 493
423When `nextCursor` is `null`, you have reached the final page.494When `nextCursor` is `null`, you have reached the final page.
424 495
496### Update stored thread metadata
497
498Use `thread/metadata/update` to patch stored thread metadata without resuming the thread. Today this supports persisted `gitInfo`; omitted fields are left unchanged, and explicit `null` clears a stored value.
499
500```json
501{ "method": "thread/metadata/update", "id": 21, "params": {
502 "threadId": "thr_123",
503 "gitInfo": { "branch": "feature/sidebar-pr" }
504} }
505{ "id": 21, "result": {
506 "thread": {
507 "id": "thr_123",
508 "gitInfo": { "sha": null, "branch": "feature/sidebar-pr", "originUrl": null }
509 }
510} }
511```
512
425### Track thread status changes513### Track thread status changes
426 514
427`thread/status/changed` is emitted whenever a loaded thread's runtime status changes. The payload includes `threadId` and the new `status`.515`thread/status/changed` is emitted whenever a loaded thread's runtime status changes. The payload includes `threadId` and the new `status`.
450`thread/unsubscribe` removes the current connection's subscription to a thread. The response status is one of:538`thread/unsubscribe` removes the current connection's subscription to a thread. The response status is one of:
451 539
452- `unsubscribed` when the connection was subscribed and is now removed.540- `unsubscribed` when the connection was subscribed and is now removed.
453541- `notSubscribed` when the connection was not subscribed to that thread.- `notSubscribed` when the connection wasn't subscribed to that thread.
454542- `notLoaded` when the thread is not loaded.- `notLoaded` when the thread isn't loaded.
455 543
456544If this was the last subscriber, the server unloads the thread and emits a `thread/status/changed` transition to `notLoaded` plus `thread/closed`.If this was the last subscriber, the server keeps the thread loaded until it has no subscribers and no thread activity for 30 minutes. When the grace period expires, app-server unloads the thread and emits a `thread/status/changed` transition to `notLoaded` plus `thread/closed`.
457 545
458```json546```json
459{ "method": "thread/unsubscribe", "id": 22, "params": { "threadId": "thr_123" } }547{ "method": "thread/unsubscribe", "id": 22, "params": { "threadId": "thr_123" } }
460{ "id": 22, "result": { "status": "unsubscribed" } }548{ "id": 22, "result": { "status": "unsubscribed" } }
549```
550
551If the thread later expires:
552
553```json
461{ "method": "thread/status/changed", "params": {554{ "method": "thread/status/changed", "params": {
462 "threadId": "thr_123",555 "threadId": "thr_123",
463 "status": { "type": "notLoaded" }556 "status": { "type": "notLoaded" }
498{ "id": 25, "result": {} }591{ "id": 25, "result": {} }
499```592```
500 593
594### Run a thread shell command
595
596Use `thread/shellCommand` for user-initiated shell commands that belong to a thread. The request returns immediately with `{}` while progress streams through standard `turn/*` and `item/*` notifications.
597
598This API runs outside the sandbox with full access and doesn't inherit the thread sandbox policy. Clients should expose it only for explicit user-initiated commands.
599
600If the thread already has an active turn, the command runs as an auxiliary action on that turn and its formatted output is injected into the turn's message stream. If the thread is idle, app-server starts a standalone turn for the shell command.
601
602```json
603{ "method": "thread/shellCommand", "id": 26, "params": { "threadId": "thr_b", "command": "git status --short" } }
604{ "id": 26, "result": {} }
605```
606
607### Clean background terminals
608
609Use `thread/backgroundTerminals/clean` to stop all running background terminals associated with a thread. This method is experimental and requires `capabilities.experimentalApi = true`.
610
611```json
612{ "method": "thread/backgroundTerminals/clean", "id": 27, "params": { "threadId": "thr_b" } }
613{ "id": 27, "result": {} }
614```
615
501### Roll back recent turns616### Roll back recent turns
502 617
503Use `thread/rollback` to remove the last `numTurns` entries from the in-memory context and persist a rollback marker in the rollout log. The returned `thread` includes `turns` populated after the rollback.618Use `thread/rollback` to remove the last `numTurns` entries from the in-memory context and persist a rollback marker in the rollout log. The returned `thread` includes `turns` populated after the rollback.
504 619
505```json620```json
506621{ "method": "thread/rollback", "id": 26, "params": { "threadId": "thr_b", "numTurns": 1 } }{ "method": "thread/rollback", "id": 28, "params": { "threadId": "thr_b", "numTurns": 1 } }
507622{ "id": 26, "result": { "thread": { "id": "thr_b", "name": "Bug bash notes", "ephemeral": false } } }{ "id": 28, "result": { "thread": { "id": "thr_b", "name": "Bug bash notes", "ephemeral": false } } }
508```623```
509 624
510## Turns625## Turns
570 "writableRoots": ["/Users/me/project"],685 "writableRoots": ["/Users/me/project"],
571 "networkAccess": true686 "networkAccess": true
572 },687 },
573688 "model": "gpt-5.1-codex", "model": "gpt-5.4",
574 "effort": "medium",689 "effort": "medium",
575 "summary": "concise",690 "summary": "concise",
576 "personality": "friendly",691 "personality": "friendly",
584{ "id": 30, "result": { "turn": { "id": "turn_456", "status": "inProgress", "items": [], "error": null } } }699{ "id": 30, "result": { "turn": { "id": "turn_456", "status": "inProgress", "items": [], "error": null } } }
585```700```
586 701
702### Inject items into a thread
703
704Use `thread/inject_items` to append prebuilt Responses API items to a loaded thread's prompt history without starting a user turn. These items are persisted to the rollout and included in subsequent model requests.
705
706```json
707{ "method": "thread/inject_items", "id": 31, "params": {
708 "threadId": "thr_123",
709 "items": [
710 {
711 "type": "message",
712 "role": "assistant",
713 "content": [{ "type": "output_text", "text": "Previously computed context." }]
714 }
715 ]
716} }
717{ "id": 31, "result": {} }
718```
719
587### Steer an active turn720### Steer an active turn
588 721
589Use `turn/steer` to append more user input to the active in-flight turn.722Use `turn/steer` to append more user input to the active in-flight turn.
713- The server rejects empty `command` arrays.846- The server rejects empty `command` arrays.
714- `sandboxPolicy` accepts the same shape used by `turn/start` (for example, `dangerFullAccess`, `readOnly`, `workspaceWrite`, `externalSandbox`).847- `sandboxPolicy` accepts the same shape used by `turn/start` (for example, `dangerFullAccess`, `readOnly`, `workspaceWrite`, `externalSandbox`).
715- When omitted, `timeoutMs` falls back to the server default.848- When omitted, `timeoutMs` falls back to the server default.
849- Set `tty: true` for PTY-backed sessions, and use `processId` when you plan to follow up with `command/exec/write`, `command/exec/resize`, or `command/exec/terminate`.
850- Set `streamStdoutStderr: true` to receive `command/exec/outputDelta` notifications while the command is running.
716 851
717### Read admin requirements (`configRequirements/read`)852### Read admin requirements (`configRequirements/read`)
718 853
763- `elevated` - run the elevated Windows sandbox setup path.898- `elevated` - run the elevated Windows sandbox setup path.
764- `unelevated` - run the legacy setup/preflight path.899- `unelevated` - run the legacy setup/preflight path.
765 900
901## Filesystem
902
903The v2 filesystem APIs operate on absolute paths. Use `fs/watch` when a client needs to invalidate UI state after a file or directory changes.
904
905```json
906{ "method": "fs/watch", "id": 54, "params": {
907 "watchId": "0195ec6b-1d6f-7c2e-8c7a-56f2c4a8b9d1",
908 "path": "/Users/me/project/.git/HEAD"
909} }
910{ "id": 54, "result": { "path": "/Users/me/project/.git/HEAD" } }
911{ "method": "fs/changed", "params": {
912 "watchId": "0195ec6b-1d6f-7c2e-8c7a-56f2c4a8b9d1",
913 "changedPaths": ["/Users/me/project/.git/HEAD"]
914} }
915{ "method": "fs/unwatch", "id": 55, "params": {
916 "watchId": "0195ec6b-1d6f-7c2e-8c7a-56f2c4a8b9d1"
917} }
918{ "id": 55, "result": {} }
919```
920
921Watching a file emits `fs/changed` for that file path, including updates delivered by replace or rename operations.
922
766## Events923## Events
767 924
768Event notifications are the server-initiated stream for thread lifecycles, turn lifecycles, and the items within them. After you start or resume a thread, keep reading the active transport stream for `thread/started`, `thread/archived`, `thread/unarchived`, `thread/closed`, `thread/status/changed`, `turn/*`, `item/*`, and `serverRequest/resolved` notifications.925Event notifications are the server-initiated stream for thread lifecycles, turn lifecycles, and the items within them. After you start or resume a thread, keep reading the active transport stream for `thread/started`, `thread/archived`, `thread/unarchived`, `thread/closed`, `thread/status/changed`, `turn/*`, `item/*`, and `serverRequest/resolved` notifications.
773 930
774- Exact-match only: `item/agentMessage/delta` suppresses only that method.931- Exact-match only: `item/agentMessage/delta` suppresses only that method.
775- Unknown method names are ignored.932- Unknown method names are ignored.
776933- Applies to both legacy (`codex/event/*`) and v2 (`thread/*`, `turn/*`, `item/*`, etc.) notifications.- Applies to the current `thread/*`, `turn/*`, `item/*`, and related v2 notifications.
777- Doesn't apply to requests, responses, or errors.934- Doesn't apply to requests, responses, or errors.
778 935
779### Fuzzy file search events (experimental)936### Fuzzy file search events (experimental)
983} }1140} }
984```1141```
985 1142
1143The server also emits `skills/changed` notifications when watched local skill files change. Treat this as an invalidation signal and rerun `skills/list` with your current params when needed.
1144
986To enable or disable a skill by path:1145To enable or disable a skill by path:
987 1146
988```json1147```json
1149 1308
1150### Detect and import external agent config1309### Detect and import external agent config
1151 1310
11521311Use `externalAgentConfig/detect` to discover migratable external-agent artifacts, then pass the selected entries to `externalAgentConfig/import`.Use `externalAgentConfig/detect` to discover external-agent artifacts that can be migrated, then pass the selected entries to `externalAgentConfig/import`.
1153 1312
1154Detection example:1313Detection example:
1155 1314
1189{ "id": 64, "result": {} }1348{ "id": 64, "result": {} }
1190```1349```
1191 1350
11921351Supported `itemType` values are `AGENTS_MD`, `CONFIG`, `SKILLS`, and `MCP_SERVER_CONFIG`. Detection returns only items that still have work to do. For example, AGENTS migration is skipped when `AGENTS.md` already exists and is non-empty, and skill imports do not overwrite existing skill directories.When a request includes plugin imports, the server emits `externalAgentConfig/import/completed` after the import finishes. This notification may arrive immediately after the response or after background remote imports complete.
1352
1353Supported `itemType` values are `AGENTS_MD`, `CONFIG`, `SKILLS`, `PLUGINS`,
1354and `MCP_SERVER_CONFIG`. For `PLUGINS` items, `details.plugins` lists each
1355`marketplaceName` and the `pluginNames` Codex can try to migrate. Detection
1356returns only items that still have work to do. For example, Codex skips AGENTS
1357migration when `AGENTS.md` already exists and is non-empty, and skill imports
1358don't overwrite existing skill directories.
1359
1360When detecting plugins from `.claude/settings.json`, Codex reads configured
1361marketplace sources from `extraKnownMarketplaces`. If `enabledPlugins` contains
1362plugins from `claude-plugins-official` but the marketplace source is missing,
1363Codex infers `anthropics/claude-plugins-official` as the source.
1193 1364
1194## Auth endpoints1365## Auth endpoints
1195 1366
11961367The JSON-RPC auth/account surface exposes request/response methods plus server-initiated notifications (no `id`). Use these to determine auth state, start or cancel logins, logout, and inspect ChatGPT rate limits.The JSON-RPC auth/account surface exposes request/response methods plus server-initiated notifications (no `id`). Use these to determine auth state, start or cancel logins, logout, inspect ChatGPT rate limits, and notify workspace owners about depleted credits or usage limits.
1197 1368
1198### Authentication modes1369### Authentication modes
1199 1370
12001371Codex supports three authentication modes. `account/updated.authMode` shows the active mode, and `account/read` also reports it.Codex supports these authentication modes. `account/updated.authMode` shows the active mode and includes the current ChatGPT `planType` when available. `account/read` also reports account and plan details.
1201 1372
12021373- **API key (`apikey`)** - the caller supplies an OpenAI API key and Codex stores it for API requests.- **API key (`apikey`)** - the caller supplies an OpenAI API key with `type: "apiKey"`, and Codex stores it for API requests.
12031374- **ChatGPT managed (`chatgpt`)** - Codex owns the ChatGPT OAuth flow, persists tokens, and refreshes them automatically.- **ChatGPT managed (`chatgpt`)** - Codex owns the ChatGPT OAuth flow, persists tokens, and refreshes them automatically. Start with `type: "chatgpt"` for the browser flow or `type: "chatgptDeviceCode"` for the device-code flow.
12041375- **ChatGPT external tokens (`chatgptAuthTokens`)** - a host app supplies `idToken` and `accessToken` directly. Codex stores these tokens in memory, and the host app must refresh them when asked.- **ChatGPT external tokens (`chatgptAuthTokens`)** - experimental and intended for host apps that already own the user's ChatGPT auth lifecycle. The host app supplies an `accessToken`, `chatgptAccountId`, and optional `chatgptPlanType` directly, and must refresh the token when asked.
1205 1376
1206### API overview1377### API overview
1207 1378
1208- `account/read` - fetch current account info; optionally refresh tokens.1379- `account/read` - fetch current account info; optionally refresh tokens.
12091380- `account/login/start` - begin login (`apiKey`, `chatgpt`, or `chatgptAuthTokens`).- `account/login/start` - begin login (`apiKey`, `chatgpt`, `chatgptDeviceCode`, or experimental `chatgptAuthTokens`).
1210- `account/login/completed` (notify) - emitted when a login attempt finishes (success or error).1381- `account/login/completed` (notify) - emitted when a login attempt finishes (success or error).
12111382- `account/login/cancel` - cancel a pending ChatGPT login by `loginId`.- `account/login/cancel` - cancel a pending managed ChatGPT login by `loginId`.
1212- `account/logout` - sign out; triggers `account/updated`.1383- `account/logout` - sign out; triggers `account/updated`.
12131384- `account/updated` (notify) - emitted whenever auth mode changes (`authMode`: `apikey`, `chatgpt`, `chatgptAuthTokens`, or `null`).- `account/updated` (notify) - emitted whenever auth mode changes (`authMode`: `apikey`, `chatgpt`, `chatgptAuthTokens`, or `null`) and includes `planType` when available.
1214- `account/chatgptAuthTokens/refresh` (server request) - request fresh externally managed ChatGPT tokens after an authorization error.1385- `account/chatgptAuthTokens/refresh` (server request) - request fresh externally managed ChatGPT tokens after an authorization error.
1215- `account/rateLimits/read` - fetch ChatGPT rate limits.1386- `account/rateLimits/read` - fetch ChatGPT rate limits.
1216- `account/rateLimits/updated` (notify) - emitted whenever a user's ChatGPT rate limits change.1387- `account/rateLimits/updated` (notify) - emitted whenever a user's ChatGPT rate limits change.
1388- `account/sendAddCreditsNudgeEmail` - ask ChatGPT to email a workspace owner about depleted credits or a reached usage limit.
1217- `mcpServer/oauthLogin/completed` (notify) - emitted after a `mcpServer/oauth/login` flow finishes; payload includes `{ name, success, error? }`.1389- `mcpServer/oauthLogin/completed` (notify) - emitted after a `mcpServer/oauth/login` flow finishes; payload includes `{ name, success, error? }`.
1390- `mcpServer/startupStatus/updated` (notify) - emitted when a configured MCP server's startup status changes for a loaded thread; payload includes `{ name, status, error }`.
1218 1391
1219### 1) Check auth state1392### 1) Check auth state
1220 1393
1286 ```1459 ```
1287 1460
1288 ```json1461 ```json
12891462 { "method": "account/updated", "params": { "authMode": "apikey" } } {
1463 "method": "account/updated",
1464 "params": { "authMode": "apikey", "planType": null }
1465 }
1290 ```1466 ```
1291 1467
1292### 3) Log in with ChatGPT (browser flow)1468### 3) Log in with ChatGPT (browser flow)
1318 ```1494 ```
1319 1495
1320 ```json1496 ```json
13211497 { "method": "account/updated", "params": { "authMode": "chatgpt" } } {
1498 "method": "account/updated",
1499 "params": { "authMode": "chatgpt", "planType": "plus" }
1500 }
1501 ```
1502
1503### 3b) Log in with ChatGPT (device-code flow)
1504
1505Use this flow when your client owns the sign-in ceremony or when a browser callback is brittle.
1506
15071. Start:
1508
1509 ```json
1510 {
1511 "method": "account/login/start",
1512 "id": 4,
1513 "params": { "type": "chatgptDeviceCode" }
1514 }
1515 ```
1516
1517 ```json
1518 {
1519 "id": 4,
1520 "result": {
1521 "type": "chatgptDeviceCode",
1522 "loginId": "<uuid>",
1523 "verificationUrl": "https://auth.openai.com/codex/device",
1524 "userCode": "ABCD-1234"
1525 }
1526 }
1527 ```
15282. Show `verificationUrl` and `userCode` to the user; the frontend owns the UX.
15293. Wait for notifications:
1530
1531 ```json
1532 {
1533 "method": "account/login/completed",
1534 "params": { "loginId": "<uuid>", "success": true, "error": null }
1535 }
1536 ```
1537
1538 ```json
1539 {
1540 "method": "account/updated",
1541 "params": { "authMode": "chatgpt", "planType": "plus" }
1542 }
1322 ```1543 ```
1323 1544
13241545### 3b) Log in with externally managed ChatGPT tokens (`chatgptAuthTokens`)### 3c) Log in with externally managed ChatGPT tokens (`chatgptAuthTokens`)
1325 1546
13261547Use this mode when a host application owns the user’s ChatGPT auth lifecycle and supplies tokens directly.Use this experimental mode only when a host application owns the user's ChatGPT auth lifecycle and supplies tokens directly. Clients must set `capabilities.experimentalApi = true` during `initialize` before using this login type.
1327 1548
13281. Send:15491. Send:
1329 1550
1333 "id": 7,1554 "id": 7,
1334 "params": {1555 "params": {
1335 "type": "chatgptAuthTokens",1556 "type": "chatgptAuthTokens",
13361557 "idToken": "<jwt>", "accessToken": "<jwt>",
13371558 "accessToken": "<jwt>" "chatgptAccountId": "org-123",
1559 "chatgptPlanType": "business"
1338 }1560 }
1339 }1561 }
1340 ```1562 ```
1355 ```json1577 ```json
1356 {1578 {
1357 "method": "account/updated",1579 "method": "account/updated",
13581580 "params": { "authMode": "chatgptAuthTokens" } "params": { "authMode": "chatgptAuthTokens", "planType": "business" }
1359 }1581 }
1360 ```1582 ```
1361 1583
1367 "id": 8,1589 "id": 8,
1368 "params": { "reason": "unauthorized", "previousAccountId": "org-123" }1590 "params": { "reason": "unauthorized", "previousAccountId": "org-123" }
1369}1591}
13701592{ "id": 8, "result": { "idToken": "<jwt>", "accessToken": "<jwt>" } }{ "id": 8, "result": { "accessToken": "<jwt>", "chatgptAccountId": "org-123", "chatgptPlanType": "business" } }
1371```1593```
1372 1594
1373The server retries the original request after a successful refresh response. Requests time out after about 10 seconds.1595The server retries the original request after a successful refresh response. Requests time out after about 10 seconds.
1384```json1606```json
1385{ "method": "account/logout", "id": 5 }1607{ "method": "account/logout", "id": 5 }
1386{ "id": 5, "result": {} }1608{ "id": 5, "result": {} }
13871609{ "method": "account/updated", "params": { "authMode": null } }{ "method": "account/updated", "params": { "authMode": null, "planType": null } }
1388```1610```
1389 1611
1390### 6) Rate limits (ChatGPT)1612### 6) Rate limits (ChatGPT)
1396 "limitId": "codex",1618 "limitId": "codex",
1397 "limitName": null,1619 "limitName": null,
1398 "primary": { "usedPercent": 25, "windowDurationMins": 15, "resetsAt": 1730947200 },1620 "primary": { "usedPercent": 25, "windowDurationMins": 15, "resetsAt": 1730947200 },
13991621 "secondary": null "secondary": null,
1622 "rateLimitReachedType": null
1400 },1623 },
1401 "rateLimitsByLimitId": {1624 "rateLimitsByLimitId": {
1402 "codex": {1625 "codex": {
1403 "limitId": "codex",1626 "limitId": "codex",
1404 "limitName": null,1627 "limitName": null,
1405 "primary": { "usedPercent": 25, "windowDurationMins": 15, "resetsAt": 1730947200 },1628 "primary": { "usedPercent": 25, "windowDurationMins": 15, "resetsAt": 1730947200 },
14061629 "secondary": null "secondary": null,
1630 "rateLimitReachedType": null
1407 },1631 },
1408 "codex_other": {1632 "codex_other": {
1409 "limitId": "codex_other",1633 "limitId": "codex_other",
1410 "limitName": "codex_other",1634 "limitName": "codex_other",
1411 "primary": { "usedPercent": 42, "windowDurationMins": 60, "resetsAt": 1730950800 },1635 "primary": { "usedPercent": 42, "windowDurationMins": 60, "resetsAt": 1730950800 },
14121636 "secondary": null "secondary": null,
1637 "rateLimitReachedType": null
1413 }1638 }
1414 }1639 }
1415} }1640} }
1430- `usedPercent` is current usage within the quota window.1655- `usedPercent` is current usage within the quota window.
1431- `windowDurationMins` is the quota window length.1656- `windowDurationMins` is the quota window length.
1432- `resetsAt` is a Unix timestamp (seconds) for the next reset.1657- `resetsAt` is a Unix timestamp (seconds) for the next reset.
1658- `planType` is included when the backend returns the ChatGPT plan associated with a bucket.
1659- `credits` is included when the backend returns remaining workspace credit details.
1660- `rateLimitReachedType` identifies the backend-classified limit state when one has been reached.
1661
1662### 7) Notify a workspace owner about a limit
1663
1664Use `account/sendAddCreditsNudgeEmail` to ask ChatGPT to email a workspace owner when credits are depleted or a usage limit has been reached.
1665
1666```json
1667{ "method": "account/sendAddCreditsNudgeEmail", "id": 7, "params": { "creditType": "credits" } }
1668{ "id": 7, "result": { "status": "sent" } }
1669```
1670
1671Use `creditType: "credits"` when workspace credits are depleted, or `creditType: "usage_limit"` when the workspace usage limit has been reached. If the owner was already notified recently, the response status is `cooldown_active`.