1# Codex App Server1# Codex App Server
2 2
3Embed Codex into your product with the app-server protocol
4
5Codex app-server is the interface Codex uses to power rich clients (for example, the Codex VS Code extension). Use it when you want a deep integration inside your own product: authentication, conversation history, approvals, and streamed agent events. The app-server implementation is open source in the Codex GitHub repository ([openai/codex/codex-rs/app-server](https://github.com/openai/codex/tree/main/codex-rs/app-server)). See the [Open Source](https://developers.openai.com/codex/open-source) page for the full list of open-source Codex components.3Codex app-server is the interface Codex uses to power rich clients (for example, the Codex VS Code extension). Use it when you want a deep integration inside your own product: authentication, conversation history, approvals, and streamed agent events. The app-server implementation is open source in the Codex GitHub repository ([openai/codex/codex-rs/app-server](https://github.com/openai/codex/tree/main/codex-rs/app-server)). See the [Open Source](https://developers.openai.com/codex/open-source) page for the full list of open-source Codex components.
6 4
7If you are automating jobs or running Codex in CI, use the5If you are automating jobs or running Codex in CI, use the
118- **Start (or resume) a thread**: Call `thread/start` for a new conversation, `thread/resume` to continue an existing one, or `thread/fork` to branch history into a new thread id.116- **Start (or resume) a thread**: Call `thread/start` for a new conversation, `thread/resume` to continue an existing one, or `thread/fork` to branch history into a new thread id.
119- **Begin a turn**: Call `turn/start` with the target `threadId` and user input. Optional fields override model, personality, `cwd`, sandbox policy, and more.117- **Begin a turn**: Call `turn/start` with the target `threadId` and user input. Optional fields override model, personality, `cwd`, sandbox policy, and more.
120- **Steer an active turn**: Call `turn/steer` to append user input to the currently in-flight turn without creating a new turn.118- **Steer an active turn**: Call `turn/steer` to append user input to the currently in-flight turn without creating a new turn.
121- **Stream events**: After `turn/start`, keep reading notifications on stdout: `item/started`, `item/completed`, `item/agentMessage/delta`, tool progress, and other updates.119- **Stream events**: After `turn/start`, keep reading notifications on stdout: `thread/archived`, `thread/unarchived`, `item/started`, `item/completed`, `item/agentMessage/delta`, tool progress, and other updates.
122- **Finish the turn**: The server emits `turn/completed` with final status when the model finishes or after a `turn/interrupt` cancellation.120- **Finish the turn**: The server emits `turn/completed` with final status when the model finishes or after a `turn/interrupt` cancellation.
123 121
124## Initialization122## Initialization
203- `thread/start` - create a new thread; emits `thread/started` and automatically subscribes you to turn/item events for that thread.201- `thread/start` - create a new thread; emits `thread/started` and automatically subscribes you to turn/item events for that thread.
204- `thread/resume` - reopen an existing thread by id so later `turn/start` calls append to it.202- `thread/resume` - reopen an existing thread by id so later `turn/start` calls append to it.
205- `thread/fork` - fork a thread into a new thread id by copying stored history; emits `thread/started` for the new thread.203- `thread/fork` - fork a thread into a new thread id by copying stored history; emits `thread/started` for the new thread.
206- `thread/read` - read a stored thread by id without resuming it; set `includeTurns` to return full turn history.204- `thread/read` - read a stored thread by id without resuming it; set `includeTurns` to return full turn history. Returned `thread` objects include runtime `status`.
207- `thread/list` - page through stored thread logs; supports cursor-based pagination plus `modelProviders`, `sourceKinds`, `archived`, and `cwd` filters.205- `thread/list` - page through stored thread logs; supports cursor-based pagination plus `modelProviders`, `sourceKinds`, `archived`, and `cwd` filters. Returned `thread` objects include runtime `status`.
208- `thread/loaded/list` - list the thread ids currently loaded in memory.206- `thread/loaded/list` - list the thread ids currently loaded in memory.
209- `thread/archive` - move a thread’s log file into the archived directory; returns `{}` on success.207- `thread/archive` - move a thread's log file into the archived directory; returns `{}` on success and emits `thread/archived`.
210- `thread/unarchive` - restore an archived thread rollout back into the active sessions directory; returns the restored `thread`.208- `thread/unsubscribe` - unsubscribe this connection from thread turn/item events. If this was the last subscriber, the server unloads the thread and emits `thread/closed`.
209- `thread/unarchive` - restore an archived thread rollout back into the active sessions directory; returns the restored `thread` and emits `thread/unarchived`.
210- `thread/status/changed` - notification emitted when a loaded thread's runtime `status` changes.
211- `thread/compact/start` - trigger conversation history compaction for a thread; returns `{}` immediately while progress streams via `turn/*` and `item/*` notifications.211- `thread/compact/start` - trigger conversation history compaction for a thread; returns `{}` immediately while progress streams via `turn/*` and `item/*` notifications.
212- `thread/rollback` - drop the last N turns from the in-memory context and persist a rollback marker; returns the updated `thread`.212- `thread/rollback` - drop the last N turns from the in-memory context and persist a rollback marker; returns the updated `thread`.
213- `turn/start` - add user input to a thread and begin Codex generation; responds with the initial `turn` and streams events. For `collaborationMode`, `settings.developer_instructions: null` means "use built-in instructions for the selected mode."213- `turn/start` - add user input to a thread and begin Codex generation; responds with the initial `turn` and streams events. For `collaborationMode`, `settings.developer_instructions: null` means "use built-in instructions for the selected mode."
225- `tool/requestUserInput` - prompt the user with 1-3 short questions for a tool call (experimental); questions can set `isOther` for a free-form option.225- `tool/requestUserInput` - prompt the user with 1-3 short questions for a tool call (experimental); questions can set `isOther` for a free-form option.
226- `config/mcpServer/reload` - reload MCP server configuration from disk and queue a refresh for loaded threads.226- `config/mcpServer/reload` - reload MCP server configuration from disk and queue a refresh for loaded threads.
227- `mcpServerStatus/list` - list MCP servers, tools, resources, and auth status (cursor + limit pagination).227- `mcpServerStatus/list` - list MCP servers, tools, resources, and auth status (cursor + limit pagination).
228- `feedback/upload` - submit a feedback report (classification + optional reason/logs + conversation id).228- `windowsSandbox/setupStart` - start Windows sandbox setup for `elevated` or `unelevated` mode; returns quickly and later emits `windowsSandbox/setupCompleted`.
229- `feedback/upload` - submit a feedback report (classification + optional reason/logs + conversation id, plus optional `extraLogFiles` attachments).
229- `config/read` - fetch the effective configuration on disk after resolving configuration layering.230- `config/read` - fetch the effective configuration on disk after resolving configuration layering.
231- `externalAgentConfig/detect` - detect migratable external-agent artifacts with `includeHome` and optional `cwds`; each detected item includes `cwd` (`null` for home).
232- `externalAgentConfig/import` - apply selected external-agent migration items by passing explicit `migrationItems` with `cwd` (`null` for home).
230- `config/value/write` - write a single configuration key/value to the user's `config.toml` on disk.233- `config/value/write` - write a single configuration key/value to the user's `config.toml` on disk.
231- `config/batchWrite` - apply configuration edits atomically to the user's `config.toml` on disk.234- `config/batchWrite` - apply configuration edits atomically to the user's `config.toml` on disk.
232- `configRequirements/read` - fetch requirements from `requirements.toml` and/or MDM, including allow-lists and residency requirements (or `null` if you haven’t set any up).235- `configRequirements/read` - fetch requirements from `requirements.toml` and/or MDM, including allow-lists and residency requirements (or `null` if you haven’t set any up).
301- `thread/list` supports cursor pagination plus `modelProviders`, `sourceKinds`, `archived`, and `cwd` filtering.304- `thread/list` supports cursor pagination plus `modelProviders`, `sourceKinds`, `archived`, and `cwd` filtering.
302- `thread/loaded/list` returns the thread IDs currently in memory.305- `thread/loaded/list` returns the thread IDs currently in memory.
303- `thread/archive` moves the thread's persisted JSONL log into the archived directory.306- `thread/archive` moves the thread's persisted JSONL log into the archived directory.
307- `thread/unsubscribe` unsubscribes the current connection from a loaded thread and can trigger `thread/closed`.
304- `thread/unarchive` restores an archived thread rollout back into the active sessions directory.308- `thread/unarchive` restores an archived thread rollout back into the active sessions directory.
305- `thread/compact/start` triggers compaction and returns `{}` immediately.309- `thread/compact/start` triggers compaction and returns `{}` immediately.
306- `thread/rollback` drops the last N turns from the in-memory context and records a rollback marker in the thread's persisted JSONL log.310- `thread/rollback` drops the last N turns from the in-memory context and records a rollback marker in the thread's persisted JSONL log.
315 "cwd": "/Users/me/project",319 "cwd": "/Users/me/project",
316 "approvalPolicy": "never",320 "approvalPolicy": "never",
317 "sandbox": "workspaceWrite",321 "sandbox": "workspaceWrite",
318 "personality": "friendly"322 "personality": "friendly",
323 "serviceName": "my_app_server_client"
319} }324} }
320{ "id": 10, "result": {325{ "id": 10, "result": {
321 "thread": {326 "thread": {
322 "id": "thr_123",327 "id": "thr_123",
323 "preview": "",328 "preview": "",
329 "ephemeral": false,
324 "modelProvider": "openai",330 "modelProvider": "openai",
325 "createdAt": 1730910000331 "createdAt": 1730910000
326 }332 }
328{ "method": "thread/started", "params": { "thread": { "id": "thr_123" } } }334{ "method": "thread/started", "params": { "thread": { "id": "thr_123" } } }
329```335```
330 336
337`serviceName` is optional. Set it when you want app-server to tag thread-level metrics with your integration's service name.
338
331To continue a stored session, call `thread/resume` with the `thread.id` you recorded earlier. The response shape matches `thread/start`. You can also pass the same configuration overrides supported by `thread/start`, such as `personality`:339To continue a stored session, call `thread/resume` with the `thread.id` you recorded earlier. The response shape matches `thread/start`. You can also pass the same configuration overrides supported by `thread/start`, such as `personality`:
332 340
333```json341```json
335 "threadId": "thr_123",343 "threadId": "thr_123",
336 "personality": "friendly"344 "personality": "friendly"
337} }345} }
338{ "id": 11, "result": { "thread": { "id": "thr_123" } } }346{ "id": 11, "result": { "thread": { "id": "thr_123", "name": "Bug bash notes", "ephemeral": false } } }
339```347```
340 348
341Resuming a thread doesn't update `thread.updatedAt` (or the rollout file's modified time) by itself. The timestamp updates when you start a turn.349Resuming a thread doesn't update `thread.updatedAt` (or the rollout file's modified time) by itself. The timestamp updates when you start a turn.
354{ "method": "thread/started", "params": { "thread": { "id": "thr_456" } } }362{ "method": "thread/started", "params": { "thread": { "id": "thr_456" } } }
355```363```
356 364
365When a user-facing thread title has been set, app-server hydrates `thread.name` on `thread/list`, `thread/read`, `thread/resume`, `thread/unarchive`, and `thread/rollback` responses. `thread/start` and `thread/fork` may omit `name` (or return `null`) until a title is set later.
366
357### Read a stored thread (without resuming)367### Read a stored thread (without resuming)
358 368
359Use `thread/read` when you want stored thread data but don't want to resume the thread or subscribe to its events.369Use `thread/read` when you want stored thread data but don't want to resume the thread or subscribe to its events.
360 370
361- `includeTurns` - when `true`, the response includes the thread's turns; when `false` or omitted, you get the thread summary only.371- `includeTurns` - when `true`, the response includes the thread's turns; when `false` or omitted, you get the thread summary only.
372- Returned `thread` objects include runtime `status` (`notLoaded`, `idle`, `systemError`, or `active` with `activeFlags`).
362 373
363```json374```json
364{ "method": "thread/read", "id": 19, "params": { "threadId": "thr_123", "includeTurns": true } }375{ "method": "thread/read", "id": 19, "params": { "threadId": "thr_123", "includeTurns": true } }
365{ "id": 19, "result": { "thread": { "id": "thr_123", "turns": [] } } }376{ "id": 19, "result": { "thread": { "id": "thr_123", "name": "Bug bash notes", "ephemeral": false, "status": { "type": "notLoaded" }, "turns": [] } } }
366```377```
367 378
368Unlike `thread/resume`, `thread/read` doesn't load the thread into memory or emit `thread/started`.379Unlike `thread/resume`, `thread/read` doesn't load the thread into memory or emit `thread/started`.
402} }413} }
403{ "id": 20, "result": {414{ "id": 20, "result": {
404 "data": [415 "data": [
405 { "id": "thr_a", "preview": "Create a TUI", "modelProvider": "openai", "createdAt": 1730831111, "updatedAt": 1730831111 },416 { "id": "thr_a", "preview": "Create a TUI", "ephemeral": false, "modelProvider": "openai", "createdAt": 1730831111, "updatedAt": 1730831111, "name": "TUI prototype", "status": { "type": "notLoaded" } },
406 { "id": "thr_b", "preview": "Fix tests", "modelProvider": "openai", "createdAt": 1730750000, "updatedAt": 1730750000 }417 { "id": "thr_b", "preview": "Fix tests", "ephemeral": true, "modelProvider": "openai", "createdAt": 1730750000, "updatedAt": 1730750000, "status": { "type": "notLoaded" } }
407 ],418 ],
408 "nextCursor": "opaque-token-or-null"419 "nextCursor": "opaque-token-or-null"
409} }420} }
411 422
412When `nextCursor` is `null`, you have reached the final page.423When `nextCursor` is `null`, you have reached the final page.
413 424
425### Track thread status changes
426
427`thread/status/changed` is emitted whenever a loaded thread's runtime status changes. The payload includes `threadId` and the new `status`.
428
429```json
430{
431 "method": "thread/status/changed",
432 "params": {
433 "threadId": "thr_123",
434 "status": { "type": "active", "activeFlags": ["waitingOnApproval"] }
435 }
436}
437```
438
414### List loaded threads439### List loaded threads
415 440
416`thread/loaded/list` returns thread IDs currently loaded in memory.441`thread/loaded/list` returns thread IDs currently loaded in memory.
420{ "id": 21, "result": { "data": ["thr_123", "thr_456"] } }445{ "id": 21, "result": { "data": ["thr_123", "thr_456"] } }
421```446```
422 447
448### Unsubscribe from a loaded thread
449
450`thread/unsubscribe` removes the current connection's subscription to a thread. The response status is one of:
451
452- `unsubscribed` when the connection was subscribed and is now removed.
453- `notSubscribed` when the connection was not subscribed to that thread.
454- `notLoaded` when the thread is not loaded.
455
456If this was the last subscriber, the server unloads the thread and emits a `thread/status/changed` transition to `notLoaded` plus `thread/closed`.
457
458```json
459{ "method": "thread/unsubscribe", "id": 22, "params": { "threadId": "thr_123" } }
460{ "id": 22, "result": { "status": "unsubscribed" } }
461{ "method": "thread/status/changed", "params": {
462 "threadId": "thr_123",
463 "status": { "type": "notLoaded" }
464} }
465{ "method": "thread/closed", "params": { "threadId": "thr_123" } }
466```
467
423### Archive a thread468### Archive a thread
424 469
425Use `thread/archive` to move the persisted thread log (stored as a JSONL file on disk) into the archived sessions directory.470Use `thread/archive` to move the persisted thread log (stored as a JSONL file on disk) into the archived sessions directory.
427```json472```json
428{ "method": "thread/archive", "id": 22, "params": { "threadId": "thr_b" } }473{ "method": "thread/archive", "id": 22, "params": { "threadId": "thr_b" } }
429{ "id": 22, "result": {} }474{ "id": 22, "result": {} }
475{ "method": "thread/archived", "params": { "threadId": "thr_b" } }
430```476```
431 477
432Archived threads won't appear in future calls to `thread/list` unless you pass `archived: true`.478Archived threads won't appear in future calls to `thread/list` unless you pass `archived: true`.
437 483
438```json484```json
439{ "method": "thread/unarchive", "id": 24, "params": { "threadId": "thr_b" } }485{ "method": "thread/unarchive", "id": 24, "params": { "threadId": "thr_b" } }
440{ "id": 24, "result": { "thread": { "id": "thr_b" } } }486{ "id": 24, "result": { "thread": { "id": "thr_b", "name": "Bug bash notes" } } }
487{ "method": "thread/unarchived", "params": { "threadId": "thr_b" } }
441```488```
442 489
443### Trigger thread compaction490### Trigger thread compaction
451{ "id": 25, "result": {} }498{ "id": 25, "result": {} }
452```499```
453 500
501### Roll back recent turns
502
503Use `thread/rollback` to remove the last `numTurns` entries from the in-memory context and persist a rollback marker in the rollout log. The returned `thread` includes `turns` populated after the rollback.
504
505```json
506{ "method": "thread/rollback", "id": 26, "params": { "threadId": "thr_b", "numTurns": 1 } }
507{ "id": 26, "result": { "thread": { "id": "thr_b", "name": "Bug bash notes", "ephemeral": false } } }
508```
509
454## Turns510## Turns
455 511
456The `input` field accepts a list of items:512The `input` field accepts a list of items:
480}536}
481```537```
482 538
539On macOS, `includePlatformDefaults: true` appends a curated platform-default Seatbelt policy for restricted-read sessions. This improves tool compatibility without broadly allowing all of `/System`.
540
483Examples:541Examples:
484 542
485```json543```json
656- `sandboxPolicy` accepts the same shape used by `turn/start` (for example, `dangerFullAccess`, `readOnly`, `workspaceWrite`, `externalSandbox`).714- `sandboxPolicy` accepts the same shape used by `turn/start` (for example, `dangerFullAccess`, `readOnly`, `workspaceWrite`, `externalSandbox`).
657- When omitted, `timeoutMs` falls back to the server default.715- When omitted, `timeoutMs` falls back to the server default.
658 716
717### Read admin requirements (`configRequirements/read`)
718
719Use `configRequirements/read` to inspect the effective admin requirements loaded from `requirements.toml` and/or MDM.
720
721```json
722{ "method": "configRequirements/read", "id": 52, "params": {} }
723{ "id": 52, "result": {
724 "requirements": {
725 "allowedApprovalPolicies": ["onRequest", "unlessTrusted"],
726 "allowedSandboxModes": ["readOnly", "workspaceWrite"],
727 "network": {
728 "enabled": true,
729 "allowedDomains": ["api.openai.com"],
730 "allowUnixSockets": ["/tmp/example.sock"],
731 "dangerouslyAllowAllUnixSockets": false
732 }
733 }
734} }
735```
736
737`result.requirements` is `null` when no requirements are configured. When present, the optional `network` object carries managed proxy constraints (domain rules, proxy settings, and unix-socket policy).
738
739### Windows sandbox setup (`windowsSandbox/setupStart`)
740
741Custom Windows clients can trigger sandbox setup asynchronously instead of blocking on startup checks.
742
743```json
744{ "method": "windowsSandbox/setupStart", "id": 53, "params": { "mode": "elevated" } }
745{ "id": 53, "result": { "started": true } }
746```
747
748App-server starts setup in the background and later emits a completion notification:
749
750```json
751{
752 "method": "windowsSandbox/setupCompleted",
753 "params": { "mode": "elevated", "success": true, "error": null }
754}
755```
756
757Modes:
758
759- `elevated` - run the elevated Windows sandbox setup path.
760- `unelevated` - run the legacy setup/preflight path.
761
659## Events762## Events
660 763
661Event notifications are the server-initiated stream for thread lifecycles, turn lifecycles, and the items within them. After you start or resume a thread, keep reading the active transport stream for `thread/started`, `turn/*`, and `item/*` notifications.764Event notifications are the server-initiated stream for thread lifecycles, turn lifecycles, and the items within them. After you start or resume a thread, keep reading the active transport stream for `thread/started`, `thread/archived`, `thread/unarchived`, `thread/closed`, `thread/status/changed`, `turn/*`, `item/*`, and `serverRequest/resolved` notifications.
662 765
663### Notification opt-out766### Notification opt-out
664 767
676- `fuzzyFileSearch/sessionUpdated` - `{ sessionId, query, files }` with the current matches for the active query.779- `fuzzyFileSearch/sessionUpdated` - `{ sessionId, query, files }` with the current matches for the active query.
677- `fuzzyFileSearch/sessionCompleted` - `{ sessionId }` once indexing and matching for that query completes.780- `fuzzyFileSearch/sessionCompleted` - `{ sessionId }` once indexing and matching for that query completes.
678 781
782### Windows sandbox setup events
783
784- `windowsSandbox/setupCompleted` - `{ mode, success, error }` emitted after a `windowsSandbox/setupStart` request finishes.
785
679### Turn events786### Turn events
680 787
681- `turn/started` - `{ turn }` with the turn id, empty `items`, and `status: "inProgress"`.788- `turn/started` - `{ turn }` with the turn id, empty `items`, and `status: "inProgress"`.
691`ThreadItem` is the tagged union carried in turn responses and `item/*` notifications. Common item types include:798`ThreadItem` is the tagged union carried in turn responses and `item/*` notifications. Common item types include:
692 799
693- `userMessage` - `{id, content}` where `content` is a list of user inputs (`text`, `image`, or `localImage`).800- `userMessage` - `{id, content}` where `content` is a list of user inputs (`text`, `image`, or `localImage`).
694- `agentMessage` - `{id, text}` containing the accumulated agent reply.801- `agentMessage` - `{id, text, phase?}` containing the accumulated agent reply. When present, `phase` uses Responses API wire values (`commentary`, `final_answer`).
695- `plan` - `{id, text}` containing proposed plan text in plan mode. Treat the final `plan` item from `item/completed` as authoritative.802- `plan` - `{id, text}` containing proposed plan text in plan mode. Treat the final `plan` item from `item/completed` as authoritative.
696- `reasoning` - `{id, summary, content}` where `summary` holds streamed reasoning summaries and `content` holds raw reasoning blocks.803- `reasoning` - `{id, summary, content}` where `summary` holds streamed reasoning summaries and `content` holds raw reasoning blocks.
697- `commandExecution` - `{id, command, cwd, status, commandActions, aggregatedOutput?, exitCode?, durationMs?}`.804- `commandExecution` - `{id, command, cwd, status, commandActions, aggregatedOutput?, exitCode?, durationMs?}`.
698- `fileChange` - `{id, changes, status}` describing proposed edits; `changes` list `{path, kind, diff}`.805- `fileChange` - `{id, changes, status}` describing proposed edits; `changes` list `{path, kind, diff}`.
699- `mcpToolCall` - `{id, server, tool, status, arguments, result?, error?}`.806- `mcpToolCall` - `{id, server, tool, status, arguments, result?, error?}`.
807- `dynamicToolCall` - `{id, tool, arguments, status, contentItems?, success?, durationMs?}` for client-executed dynamic tool invocations.
700- `collabToolCall` - `{id, tool, status, senderThreadId, receiverThreadId?, newThreadId?, prompt?, agentStatus?}`.808- `collabToolCall` - `{id, tool, status, senderThreadId, receiverThreadId?, newThreadId?, prompt?, agentStatus?}`.
701- `webSearch` - `{id, query, action?}` for web search requests issued by the agent.809- `webSearch` - `{id, query, action?}` for web search requests issued by the agent.
702- `imageView` - `{id, path}` emitted when the agent invokes the image viewer tool.810- `imageView` - `{id, path}` emitted when the agent invokes the image viewer tool.
753Order of messages:861Order of messages:
754 862
7551. `item/started` shows the pending `commandExecution` item with `command`, `cwd`, and other fields.8631. `item/started` shows the pending `commandExecution` item with `command`, `cwd`, and other fields.
7562. `item/commandExecution/requestApproval` includes `itemId`, `threadId`, `turnId`, optional `reason`, optional `command`, optional `cwd`, optional `commandActions`, and optional `proposedExecpolicyAmendment`.8642. `item/commandExecution/requestApproval` includes `itemId`, `threadId`, `turnId`, optional `reason`, optional `command`, optional `cwd`, optional `commandActions`, optional `proposedExecpolicyAmendment`, optional `networkApprovalContext`, and optional `availableDecisions`. When `initialize.params.capabilities.experimentalApi = true`, the payload can also include experimental `additionalPermissions` describing requested per-command sandbox access. Any filesystem paths inside `additionalPermissions` are absolute on the wire.
7573. Client responds with one of the command execution approval decisions above.8653. Client responds with one of the command execution approval decisions above.
7584. `item/completed` returns the final `commandExecution` item with `status: completed | failed | declined`.8664. `serverRequest/resolved` confirms that the pending request has been answered or cleared.
8675. `item/completed` returns the final `commandExecution` item with `status: completed | failed | declined`.
868
869When `networkApprovalContext` is present, the prompt is for managed network access (not a general shell-command approval). The current v2 schema exposes the target `host` and `protocol`; clients should render a network-specific prompt and not rely on `command` being a user-meaningful shell command preview.
870
871Codex deduplicates concurrent network approval prompts by destination (`host`, protocol, and port). The app-server may therefore send one prompt that unblocks multiple queued requests to the same destination, while different ports on the same host are treated separately.
759 872
760### File change approvals873### File change approvals
761 874
7641. `item/started` emits a `fileChange` item with proposed `changes` and `status: "inProgress"`.8771. `item/started` emits a `fileChange` item with proposed `changes` and `status: "inProgress"`.
7652. `item/fileChange/requestApproval` includes `itemId`, `threadId`, `turnId`, optional `reason`, and optional `grantRoot`.8782. `item/fileChange/requestApproval` includes `itemId`, `threadId`, `turnId`, optional `reason`, and optional `grantRoot`.
7663. Client responds with one of the file change approval decisions above.8793. Client responds with one of the file change approval decisions above.
7674. `item/completed` returns the final `fileChange` item with `status: completed | failed | declined`.8804. `serverRequest/resolved` confirms that the pending request has been answered or cleared.
8815. `item/completed` returns the final `fileChange` item with `status: completed | failed | declined`.
882
883### `tool/requestUserInput`
884
885When the client responds to `item/tool/requestUserInput`, app-server emits `serverRequest/resolved` with `{ threadId, requestId }`. If the pending request is cleared by turn start, turn completion, or turn interruption before the client answers, the server emits the same notification for that cleanup.
886
887### Dynamic tool calls (experimental)
888
889`dynamicTools` on `thread/start` and the corresponding `item/tool/call` request or response flow are experimental APIs.
890
891When a dynamic tool is invoked during a turn, app-server emits:
892
8931. `item/started` with `item.type = "dynamicToolCall"`, `status = "inProgress"`, plus `tool` and `arguments`.
8942. `item/tool/call` as a server request to the client.
8953. The client response payload with returned content items.
8964. `item/completed` with `item.type = "dynamicToolCall"`, the final `status`, and any returned `contentItems` or `success` value.
768 897
769### MCP tool-call approvals (apps)898### MCP tool-call approvals (apps)
770 899
771App (connector) tool calls can also require approval. When an app tool call has side effects, the server may elicit approval with `tool/requestUserInput` and options such as **Accept**, **Decline**, and **Cancel**. If the user declines or cancels, the related `mcpToolCall` item completes with an error instead of running the tool.900App (connector) tool calls can also require approval. When an app tool call has side effects, the server may elicit approval with `tool/requestUserInput` and options such as **Accept**, **Decline**, and **Cancel**. Destructive tool annotations always trigger approval even when the tool also advertises less-privileged hints. If the user declines or cancels, the related `mcpToolCall` item completes with an error instead of running the tool.
772 901
773## Skills902## Skills
774 903
865 994
866## Apps (connectors)995## Apps (connectors)
867 996
868Use `app/list` to fetch available apps. In the CLI/TUI, `/apps` is the user-facing picker; in custom clients, call `app/list` directly. Each entry includes both `isAccessible` (available to the user) and `isEnabled` (enabled in `config.toml`) so clients can distinguish install/access from local enabled state.997Use `app/list` to fetch available apps. In the CLI/TUI, `/apps` is the user-facing picker; in custom clients, call `app/list` directly. Each entry includes both `isAccessible` (available to the user) and `isEnabled` (enabled in `config.toml`) so clients can distinguish install/access from local enabled state. App entries can also include optional `branding`, `appMetadata`, and `labels` fields.
869 998
870```json999```json
871{ "method": "app/list", "id": 50, "params": {1000{ "method": "app/list", "id": 50, "params": {
881 "name": "Demo App",1010 "name": "Demo App",
882 "description": "Example connector for documentation.",1011 "description": "Example connector for documentation.",
883 "logoUrl": "https://example.com/demo-app.png",1012 "logoUrl": "https://example.com/demo-app.png",
1013 "logoUrlDark": null,
1014 "distributionChannel": null,
1015 "branding": null,
1016 "appMetadata": null,
1017 "labels": null,
884 "installUrl": "https://chatgpt.com/apps/demo-app/demo-app",1018 "installUrl": "https://chatgpt.com/apps/demo-app/demo-app",
885 "isAccessible": true,1019 "isAccessible": true,
886 "isEnabled": true1020 "isEnabled": true
906 "name": "Demo App",1040 "name": "Demo App",
907 "description": "Example connector for documentation.",1041 "description": "Example connector for documentation.",
908 "logoUrl": "https://example.com/demo-app.png",1042 "logoUrl": "https://example.com/demo-app.png",
1043 "logoUrlDark": null,
1044 "distributionChannel": null,
1045 "branding": null,
1046 "appMetadata": null,
1047 "labels": null,
909 "installUrl": "https://chatgpt.com/apps/demo-app/demo-app",1048 "installUrl": "https://chatgpt.com/apps/demo-app/demo-app",
910 "isAccessible": true,1049 "isAccessible": true,
911 "isEnabled": true1050 "isEnabled": true
938}1077}
939```1078```
940 1079
1080### Config RPC examples for app settings
1081
1082Use `config/read`, `config/value/write`, and `config/batchWrite` to inspect or update app controls in `config.toml`.
1083
1084Read the effective app config shape (including `_default` and per-tool overrides):
1085
1086```json
1087{ "method": "config/read", "id": 60, "params": { "includeLayers": false } }
1088{ "id": 60, "result": {
1089 "config": {
1090 "apps": {
1091 "_default": {
1092 "enabled": true,
1093 "destructive_enabled": true,
1094 "open_world_enabled": true
1095 },
1096 "google_drive": {
1097 "enabled": true,
1098 "destructive_enabled": false,
1099 "default_tools_approval_mode": "prompt",
1100 "tools": {
1101 "files/delete": { "enabled": false, "approval_mode": "approve" }
1102 }
1103 }
1104 }
1105 }
1106} }
1107```
1108
1109Update a single app setting:
1110
1111```json
1112{
1113 "method": "config/value/write",
1114 "id": 61,
1115 "params": {
1116 "keyPath": "apps.google_drive.default_tools_approval_mode",
1117 "value": "prompt",
1118 "mergeStrategy": "replace"
1119 }
1120}
1121```
1122
1123Apply multiple app edits atomically:
1124
1125```json
1126{
1127 "method": "config/batchWrite",
1128 "id": 62,
1129 "params": {
1130 "edits": [
1131 {
1132 "keyPath": "apps._default.destructive_enabled",
1133 "value": false,
1134 "mergeStrategy": "upsert"
1135 },
1136 {
1137 "keyPath": "apps.google_drive.tools.files/delete.approval_mode",
1138 "value": "approve",
1139 "mergeStrategy": "upsert"
1140 }
1141 ]
1142 }
1143}
1144```
1145
1146### Detect and import external agent config
1147
1148Use `externalAgentConfig/detect` to discover migratable external-agent artifacts, then pass the selected entries to `externalAgentConfig/import`.
1149
1150Detection example:
1151
1152```json
1153{ "method": "externalAgentConfig/detect", "id": 63, "params": {
1154 "includeHome": true,
1155 "cwds": ["/Users/me/project"]
1156} }
1157{ "id": 63, "result": {
1158 "items": [
1159 {
1160 "itemType": "AGENTS_MD",
1161 "description": "Import /Users/me/project/CLAUDE.md to /Users/me/project/AGENTS.md.",
1162 "cwd": "/Users/me/project"
1163 },
1164 {
1165 "itemType": "SKILLS",
1166 "description": "Copy skill folders from /Users/me/.claude/skills to /Users/me/.agents/skills.",
1167 "cwd": null
1168 }
1169 ]
1170} }
1171```
1172
1173Import example:
1174
1175```json
1176{ "method": "externalAgentConfig/import", "id": 64, "params": {
1177 "migrationItems": [
1178 {
1179 "itemType": "AGENTS_MD",
1180 "description": "Import /Users/me/project/CLAUDE.md to /Users/me/project/AGENTS.md.",
1181 "cwd": "/Users/me/project"
1182 }
1183 ]
1184} }
1185{ "id": 64, "result": {} }
1186```
1187
1188Supported `itemType` values are `AGENTS_MD`, `CONFIG`, `SKILLS`, and `MCP_SERVER_CONFIG`. Detection returns only items that still have work to do. For example, AGENTS migration is skipped when `AGENTS.md` already exists and is non-empty, and skill imports do not overwrite existing skill directories.
1189
941## Auth endpoints1190## Auth endpoints
942 1191
943The JSON-RPC auth/account surface exposes request/response methods plus server-initiated notifications (no `id`). Use these to determine auth state, start or cancel logins, logout, and inspect ChatGPT rate limits.1192The JSON-RPC auth/account surface exposes request/response methods plus server-initiated notifications (no `id`). Use these to determine auth state, start or cancel logins, logout, and inspect ChatGPT rate limits.
