OpenAI - Codex Docs Changes 2026-04-13 00:44 UTC → 2026-04-21 06:45 UTC

9By default, the agent runs with network access turned off. Locally, Codex uses an OS-enforced sandbox that limits what it can touch (typically to the current workspace), plus an approval policy that controls when it must stop and ask you before acting.9By default, the agent runs with network access turned off. Locally, Codex uses an OS-enforced sandbox that limits what it can touch (typically to the current workspace), plus an approval policy that controls when it must stop and ask you before acting.

10 10 

11For a high-level explanation of how sandboxing works across the Codex app, IDE11For a high-level explanation of how sandboxing works across the Codex app, IDE

12extension, and CLI, see [Sandboxing](https://developers.openai.com/codex/concepts/sandboxing).12extension, and CLI, see [sandboxing](https://developers.openai.com/codex/concepts/sandboxing).

13For a broader enterprise security overview, see the [Codex security white paper](https://trust.openai.com/?itemUid=382f924d-54f3-43a8-a9df-c39e6c959958&source=click).13For a broader enterprise security overview, see the [Codex security white paper](https://trust.openai.com/?itemUid=382f924d-54f3-43a8-a9df-c39e6c959958&source=click).

14 14 

15## Sandbox and approvals15## Sandbox and approvals

81 81 

82If you need Codex to read files, make edits, and run commands with network access without approval prompts, use `--sandbox danger-full-access` (or the `--dangerously-bypass-approvals-and-sandbox` flag). Use caution before doing so.82If you need Codex to read files, make edits, and run commands with network access without approval prompts, use `--sandbox danger-full-access` (or the `--dangerously-bypass-approvals-and-sandbox` flag). Use caution before doing so.

83 83 

84For a middle ground, `approval_policy = { granular = { ... } }` lets you keep specific approval prompt categories interactive while automatically rejecting others. The granular policy covers sandbox approvals, execpolicy-rule prompts, MCP elicitations, `request_permissions` prompts, and skill-script approvals.84For a middle ground, `approval_policy = { granular = { ... } }` lets you keep specific approval prompt categories interactive while automatically rejecting others. The granular policy covers sandbox approvals, execpolicy-rule prompts, MCP prompts, `request_permissions` prompts, and skill-script approvals.

85 

86Set `approvals_reviewer = "guardian_subagent"` to route eligible approval reviews through the Guardian reviewer subagent instead of prompting the user directly. Admin requirements can constrain this with `allowed_approvals_reviewers`.

85 87 

86### Common sandbox and approval combinations88### Common sandbox and approval combinations

87 89 

151Codex enforces the sandbox differently depending on your OS:153Codex enforces the sandbox differently depending on your OS:

152 154 

153- **macOS** uses Seatbelt policies and runs commands using `sandbox-exec` with a profile (`-p`) that corresponds to the `--sandbox` mode you selected. When restricted read access enables platform defaults, Codex appends a curated macOS platform policy (instead of broadly allowing `/System`) to preserve common tool compatibility.155- **macOS** uses Seatbelt policies and runs commands using `sandbox-exec` with a profile (`-p`) that corresponds to the `--sandbox` mode you selected. When restricted read access enables platform defaults, Codex appends a curated macOS platform policy (instead of broadly allowing `/System`) to preserve common tool compatibility.

154- **Linux** uses the bubblewrap pipeline plus `seccomp` by default. `use_legacy_landlock` is available when you need the older path. In managed proxy mode, the default bubblewrap pipeline routes egress through a proxy-only bridge and fails closed if it cannot build valid loopback proxy routes.156- **Linux** uses `bwrap` plus `seccomp` by default.

155- **Windows** uses the Linux sandbox implementation when running in [Windows Subsystem for Linux 2 (WSL2)](https://developers.openai.com/codex/windows#windows-subsystem-for-linux). WSL1 was supported through Codex `0.114`; starting in `0.115`, the Linux sandbox moved to `bubblewrap`, so WSL1 is no longer supported. When running natively on Windows, Codex uses a [Windows sandbox](https://developers.openai.com/codex/windows#windows-sandbox) implementation.157- **Windows** uses the Linux sandbox implementation when running in [Windows Subsystem for Linux 2 (WSL2)](https://developers.openai.com/codex/windows#windows-subsystem-for-linux). WSL1 was supported through Codex `0.114`; starting in `0.115`, the Linux sandbox moved to `bwrap`, so WSL1 is no longer supported. When running natively on Windows, Codex uses a [Windows sandbox](https://developers.openai.com/codex/windows#windows-sandbox) implementation.

156 158 

157If you use the Codex IDE extension on Windows, it supports WSL2 directly. Set the following in your VS Code settings to keep the agent inside WSL2 whenever it's available:159If you use the Codex IDE extension on Windows, it supports WSL2 directly. Set the following in your VS Code settings to keep the agent inside WSL2 whenever it's available:

158 160 

174 176 

175See the [Windows setup guide](https://developers.openai.com/codex/windows#windows-sandbox) for details.177See the [Windows setup guide](https://developers.openai.com/codex/windows#windows-sandbox) for details.

176 178 

177When you run Linux in a containerized environment such as Docker, the sandbox may not work if the host or container configuration doesn’t support the required `Landlock` and `seccomp` features.179When you run Linux in a containerized environment such as Docker, the sandbox may not work if the host or container configuration blocks the namespace, setuid `bwrap`, or `seccomp` operations that Codex needs.

178 180 

179In that case, configure your Docker container to provide the isolation you need, then run `codex` with `--sandbox danger-full-access` (or the `--dangerously-bypass-approvals-and-sandbox` flag) inside the container.181In that case, configure your Docker container to provide the isolation you need, then run `codex` with `--sandbox danger-full-access` (or the `--dangerously-bypass-approvals-and-sandbox` flag) inside the container.

180 182 

183### Run Codex in Dev Containers

184 

185If your host cannot run the Linux sandbox directly, or if your organization already standardizes on containerized development, run Codex with Dev Containers and let Docker provide the outer isolation boundary. This works with Visual Studio Code Dev Containers and compatible tools.

186 

187Use the [Codex secure devcontainer example](https://github.com/openai/codex/tree/main/.devcontainer) as a reference implementation. The example installs Codex, common development tools, `bubblewrap`, and firewall-based outbound controls.

188 

189Devcontainers provide substantial protection, but they do not prevent every

190 attack. If you run Codex with `--sandbox danger-full-access` or

191 `--dangerously-bypass-approvals-and-sandbox` inside the container, a malicious

192 project can exfiltrate anything available inside the devcontainer, including

193 Codex credentials. Use this pattern only with trusted repositories, and

194 monitor Codex activity as you would in any other elevated environment.

195 

196The reference implementation includes:

197 

198- an Ubuntu 24.04 base image with Codex and common development tools installed;

199- an allowlist-driven firewall profile for outbound access;

200- VS Code settings and extension recommendations for reopening the workspace in a container;

201- persistent mounts for command history and Codex configuration;

202- `bubblewrap`, so Codex can still use its Linux sandbox when the container grants the needed capabilities.

203 

204To try it:

205 

2061. Install Visual Studio Code and the [Dev Containers extension](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers).

2072. Copy the Codex example `.devcontainer` setup into your repository, or start from the Codex repository directly.

2083. In VS Code, run **Dev Containers: Open Folder in Container…** and select `.devcontainer/devcontainer.secure.json`.

2094. After the container starts, open a terminal and run `codex`.

210 

211You can also start the container from the CLI:

212 

213```bash

214devcontainer up --workspace-folder . --config .devcontainer/devcontainer.secure.json

215```

216 

217The example has three main pieces:

218 

219- `.devcontainer/devcontainer.secure.json` controls container settings, capabilities, mounts, environment variables, and VS Code extensions.

220- `.devcontainer/Dockerfile.secure` defines the Ubuntu-based image and installed tools.

221- `.devcontainer/init-firewall.sh` applies the outbound network policy.

222 

223The reference firewall is intentionally a starting point. If you depend on domain allowlisting for isolation, implement DNS rebinding and DNS refresh protections that fit your environment, such as TTL-aware refreshes or a DNS-aware firewall.

224 

225Inside the container, choose one of these modes:

226 

227- Keep Codex's Linux sandbox enabled if the Dev Container profile grants the capabilities needed for `bwrap` to create the inner sandbox.

228- If the container is your intended security boundary, run Codex with `--sandbox danger-full-access` inside the container so Codex does not try to create a second sandbox layer.

229 

181## Version control230## Version control

182 231 

183Codex works best with a version control workflow:232Codex works best with a version control workflow:

10 10 

11## Getting started11## Getting started

12 12 

13The Codex app is available on macOS (Apple Silicon).13The Codex app is available on macOS and Windows.

14 14 

151. Download and install the Codex app151. Download and install the Codex app

16 16 

17 Download the Codex app for Windows or macOS.17 Download the Codex app for Windows or macOS. Choose the Intel build if you’re using an Intel-based Mac.

18 18 

19 [Download for macOS](https://persistent.oaistatic.com/codex-app-prod/Codex.dmg)19 [Download for macOS (Apple Silicon)](https://persistent.oaistatic.com/codex-app-prod/Codex.dmg)[Download for macOS (Intel)](https://persistent.oaistatic.com/codex-app-prod/Codex-latest-x64.dmg)

20 

21 Need a different operating system?

22 

23 [Download for Windows](https://get.microsoft.com/installer/download/9PLM9XGG6VKS?cid=website_cta_psi)

20 24 

21 [Get notified for Linux](https://openai.com/form/codex-app/)25 [Get notified for Linux](https://openai.com/form/codex-app/)

222. Open Codex and sign in262. Open Codex and sign in

40- Build a classic Snake game in this repo.44- Build a classic Snake game in this repo.

41- Find and fix bugs in my codebase with minimal, high-confidence changes.45- Find and fix bugs in my codebase with minimal, high-confidence changes.

42 46 

43 If you need more inspiration, check out the [explore section](https://developers.openai.com/codex/explore).47 If you need more inspiration, explore [Codex use cases](https://developers.openai.com/codex/use-cases).

44 If you're new to Codex, read the [best practices guide](https://developers.openai.com/codex/learn/best-practices).48 If you're new to Codex, read the [best practices guide](https://developers.openai.com/codex/learn/best-practices).

45 49 

46---50---

49 53 

50[### Multitask across projects54[### Multitask across projects

51 55 

52Run multiple tasks in parallel and switch quickly between them.](https://developers.openai.com/codex/app/features#multitask-across-projects)[### Built-in Git tools56Run project threads side by side and switch between them quickly.](https://developers.openai.com/codex/app/features#multitask-across-projects)[### Worktrees

57 

58Keep parallel code changes isolated with built-in Git worktree support.](https://developers.openai.com/codex/app/worktrees)[### Computer use

59 

60Let Codex use macOS apps for GUI tasks, browser flows, and native app testing.](https://developers.openai.com/codex/app/computer-use)[### Review and ship changes

61 

62Inspect diffs, address PR feedback, stage files, commit, and push.](https://developers.openai.com/codex/app/review)[### Terminal and actions

53 63 

54Review diffs, comment inline, stage or revert chunks, and commit without leaving the app.](https://developers.openai.com/codex/app/features#built-in-git-tools)[### Worktrees for parallel tasks64Run commands in each thread and launch repeatable project actions.](https://developers.openai.com/codex/app/features#integrated-terminal)[### In-app browser

55 65 

56Isolate changes of multiple Codex threads using built-in Git worktree support.](https://developers.openai.com/codex/app/worktrees)[### Skills support66Open unauthenticated local or public pages and comment on rendered output.](https://developers.openai.com/codex/app/browser)[### Image generation

57 67 

58Give your Codex agent additional capabilities and reuse skills across App, CLI, and IDE Extension.](https://developers.openai.com/codex/app/features#skills-support)[### Automations68Generate or edit images in a thread while you work on the surrounding code and assets.](https://developers.openai.com/codex/app/features#image-generation)[### Automations

59 69 

60Pair skills with automations to automate recurring tasks in the background. Codex adds findings to the inbox, or automatically archives runs if there’s nothing to report.](https://developers.openai.com/codex/app/automations)[### Built-in terminal70Schedule recurring tasks, or wake up the same thread for ongoing checks.](https://developers.openai.com/codex/app/automations)[### Skills

61 71 

62Open a terminal per thread to test your changes, run dev servers, scripts, and custom commands.](https://developers.openai.com/codex/app/features#integrated-terminal)[### Local environments72Reuse instructions and workflows across the app, CLI, and IDE Extension.](https://developers.openai.com/codex/app/features#skills-support)[### Sidebar and artifacts

63 73 

64Define worktree setup scripts and common project actions for easy access.](https://developers.openai.com/codex/app/local-environments)[### Sync with the IDE extension74Follow plans, sources, task summaries, and generated file previews.](https://developers.openai.com/codex/app/features#richer-outputs-and-artifacts)[### Plugins

65 75 

66Share Auto Context and active threads across app and IDE sessions.](https://developers.openai.com/codex/app/features#sync-with-the-ide-extension)[### MCP support76Connect apps, skills, and MCP servers to extend what Codex can do.](https://developers.openai.com/codex/plugins)[### IDE Extension sync

67 77 

68Connect your Codex agent to additional services using MCP.](https://developers.openai.com/codex/app/features#mcp-support)78Share Auto Context and active threads across app and IDE sessions.](https://developers.openai.com/codex/app/features#sync-with-the-ide-extension)

69 79 

70---80---

71 81 

207- `thread/unarchive` - restore an archived thread rollout back into the active sessions directory; returns the restored `thread` and emits `thread/unarchived`.207- `thread/unarchive` - restore an archived thread rollout back into the active sessions directory; returns the restored `thread` and emits `thread/unarchived`.

208- `thread/status/changed` - notification emitted when a loaded thread's runtime `status` changes.208- `thread/status/changed` - notification emitted when a loaded thread's runtime `status` changes.

209- `thread/compact/start` - trigger conversation history compaction for a thread; returns `{}` immediately while progress streams via `turn/*` and `item/*` notifications.209- `thread/compact/start` - trigger conversation history compaction for a thread; returns `{}` immediately while progress streams via `turn/*` and `item/*` notifications.

210- `thread/shellCommand` - run a user-initiated shell command against a thread. This runs outside the sandbox with full access and doesn't inherit the thread sandbox policy.

211- `thread/backgroundTerminals/clean` - stop all running background terminals for a thread (experimental; requires `capabilities.experimentalApi`).

210- `thread/rollback` - drop the last N turns from the in-memory context and persist a rollback marker; returns the updated `thread`.212- `thread/rollback` - drop the last N turns from the in-memory context and persist a rollback marker; returns the updated `thread`.

211- `turn/start` - add user input to a thread and begin Codex generation; responds with the initial `turn` and streams events. For `collaborationMode`, `settings.developer_instructions: null` means "use built-in instructions for the selected mode."213- `turn/start` - add user input to a thread and begin Codex generation; responds with the initial `turn` and streams events. For `collaborationMode`, `settings.developer_instructions: null` means "use built-in instructions for the selected mode."

212- `turn/steer` - append user input to the active in-flight turn for a thread; returns the accepted `turnId`.214- `turn/steer` - append user input to the active in-flight turn for a thread; returns the accepted `turnId`.

213- `turn/interrupt` - request cancellation of an in-flight turn; success is `{}` and the turn ends with `status: "interrupted"`.215- `turn/interrupt` - request cancellation of an in-flight turn; success is `{}` and the turn ends with `status: "interrupted"`.

214- `review/start` - kick off the Codex reviewer for a thread; emits `enteredReviewMode` and `exitedReviewMode` items.216- `review/start` - kick off the Codex reviewer for a thread; emits `enteredReviewMode` and `exitedReviewMode` items.

215- `command/exec` - run a single command under the server sandbox without starting a thread/turn.217- `command/exec` - run a single command under the server sandbox without starting a thread/turn.

216- `command/exec/write` - write stdin bytes to a running `command/exec` session or close stdin.218- `command/exec/write` - write `stdin` bytes to a running `command/exec` session or close `stdin`.

217- `command/exec/resize` - resize a running PTY-backed `command/exec` session.219- `command/exec/resize` - resize a running PTY-backed `command/exec` session.

218- `command/exec/terminate` - terminate a running `command/exec` session.220- `command/exec/terminate` - stop a running `command/exec` session.

219- `model/list` - list available models (set `includeHidden: true` to include entries with `hidden: true`) with effort options, optional `upgrade`, and `inputModalities`.221- `model/list` - list available models (set `includeHidden: true` to include entries with `hidden: true`) with effort options, optional `upgrade`, and `inputModalities`.

220- `experimentalFeature/list` - list feature flags with lifecycle stage metadata and cursor pagination.222- `experimentalFeature/list` - list feature flags with lifecycle stage metadata and cursor pagination.

221- `collaborationMode/list` - list collaboration mode presets (experimental, no pagination).223- `collaborationMode/list` - list collaboration mode presets (experimental, no pagination).

222- `skills/list` - list skills for one or more `cwd` values (supports `forceReload` and optional `perCwdExtraUserRoots`).224- `skills/list` - list skills for one or more `cwd` values (supports `forceReload` and optional `perCwdExtraUserRoots`).

223- `plugin/list` - list discovered plugin marketplaces and plugin state, including install/auth policy metadata.225- `plugin/list` - list discovered plugin marketplaces and plugin state, including install/auth policy metadata, marketplace errors, featured plugin ids, and the development-only `forceRemoteSync` option.

224- `plugin/read` - read one plugin by marketplace path and plugin name, including bundled skills, apps, and MCP server names.226- `plugin/read` - read one plugin by marketplace path and plugin name, including bundled skills, apps, and MCP server names.

227- `plugin/install` - install a plugin from a marketplace path.

228- `plugin/uninstall` - uninstall an installed plugin.

225- `app/list` - list available apps (connectors) with pagination plus accessibility/enabled metadata.229- `app/list` - list available apps (connectors) with pagination plus accessibility/enabled metadata.

226- `skills/config/write` - enable or disable skills by path.230- `skills/config/write` - enable or disable skills by path.

227- `mcpServer/oauth/login` - start an OAuth login for a configured MCP server; returns an authorization URL and emits `mcpServer/oauthLogin/completed` on completion.231- `mcpServer/oauth/login` - start an OAuth login for a configured MCP server; returns an authorization URL and emits `mcpServer/oauthLogin/completed` on completion.

228- `tool/requestUserInput` - prompt the user with 1-3 short questions for a tool call (experimental); questions can set `isOther` for a free-form option.232- `tool/requestUserInput` - prompt the user with 1-3 short questions for a tool call (experimental); questions can set `isOther` for a free-form option.

229- `config/mcpServer/reload` - reload MCP server configuration from disk and queue a refresh for loaded threads.233- `config/mcpServer/reload` - reload MCP server configuration from disk and queue a refresh for loaded threads.

230- `mcpServerStatus/list` - list MCP servers, tools, resources, and auth status (cursor + limit pagination).234- `mcpServerStatus/list` - list MCP servers, tools, resources, and auth status (cursor + limit pagination). Use `detail: "full"` for full data or `detail: "toolsAndAuthOnly"` to omit resources.

235- `mcpServer/resource/read` - read a single MCP resource through an initialized MCP server.

231- `windowsSandbox/setupStart` - start Windows sandbox setup for `elevated` or `unelevated` mode; returns quickly and later emits `windowsSandbox/setupCompleted`.236- `windowsSandbox/setupStart` - start Windows sandbox setup for `elevated` or `unelevated` mode; returns quickly and later emits `windowsSandbox/setupCompleted`.

232- `feedback/upload` - submit a feedback report (classification + optional reason/logs + conversation id, plus optional `extraLogFiles` attachments).237- `feedback/upload` - submit a feedback report (classification + optional reason/logs + conversation id, plus optional `extraLogFiles` attachments).

233- `config/read` - fetch the effective configuration on disk after resolving configuration layering.238- `config/read` - fetch the effective configuration on disk after resolving configuration layering.

234- `externalAgentConfig/detect` - detect migratable external-agent artifacts with `includeHome` and optional `cwds`; each detected item includes `cwd` (`null` for home).239- `externalAgentConfig/detect` - detect external-agent artifacts that can be migrated with `includeHome` and optional `cwds`; each detected item includes `cwd` (`null` for home).

235- `externalAgentConfig/import` - apply selected external-agent migration items by passing explicit `migrationItems` with `cwd` (`null` for home).240- `externalAgentConfig/import` - apply selected external-agent migration items by passing explicit `migrationItems` with `cwd` (`null` for home).

236- `config/value/write` - write a single configuration key/value to the user's `config.toml` on disk.241- `config/value/write` - write a single configuration key/value to the user's `config.toml` on disk.

237- `config/batchWrite` - apply configuration edits atomically to the user's `config.toml` on disk.242- `config/batchWrite` - apply configuration edits atomically to the user's `config.toml` on disk.

454`thread/unsubscribe` removes the current connection's subscription to a thread. The response status is one of:459`thread/unsubscribe` removes the current connection's subscription to a thread. The response status is one of:

455 460 

456- `unsubscribed` when the connection was subscribed and is now removed.461- `unsubscribed` when the connection was subscribed and is now removed.

457- `notSubscribed` when the connection was not subscribed to that thread.462- `notSubscribed` when the connection wasn't subscribed to that thread.

458- `notLoaded` when the thread is not loaded.463- `notLoaded` when the thread isn't loaded.

459 464 

460If this was the last subscriber, the server unloads the thread and emits a `thread/status/changed` transition to `notLoaded` plus `thread/closed`.465If this was the last subscriber, the server unloads the thread and emits a `thread/status/changed` transition to `notLoaded` plus `thread/closed`.

461 466 

502{ "id": 25, "result": {} }507{ "id": 25, "result": {} }

503```508```

504 509 

510### Run a thread shell command

511 

512Use `thread/shellCommand` for user-initiated shell commands that belong to a thread. The request returns immediately with `{}` while progress streams through standard `turn/*` and `item/*` notifications.

513 

514This API runs outside the sandbox with full access and doesn't inherit the thread sandbox policy. Clients should expose it only for explicit user-initiated commands.

515 

516If the thread already has an active turn, the command runs as an auxiliary action on that turn and its formatted output is injected into the turn's message stream. If the thread is idle, app-server starts a standalone turn for the shell command.

517 

518```json

519{ "method": "thread/shellCommand", "id": 26, "params": { "threadId": "thr_b", "command": "git status --short" } }

520{ "id": 26, "result": {} }

521```

522 

523### Clean background terminals

524 

525Use `thread/backgroundTerminals/clean` to stop all running background terminals associated with a thread. This method is experimental and requires `capabilities.experimentalApi = true`.

526 

527```json

528{ "method": "thread/backgroundTerminals/clean", "id": 27, "params": { "threadId": "thr_b" } }

529{ "id": 27, "result": {} }

530```

531 

505### Roll back recent turns532### Roll back recent turns

506 533 

507Use `thread/rollback` to remove the last `numTurns` entries from the in-memory context and persist a rollback marker in the rollout log. The returned `thread` includes `turns` populated after the rollback.534Use `thread/rollback` to remove the last `numTurns` entries from the in-memory context and persist a rollback marker in the rollout log. The returned `thread` includes `turns` populated after the rollback.

508 535 

509```json536```json

510{ "method": "thread/rollback", "id": 26, "params": { "threadId": "thr_b", "numTurns": 1 } }537{ "method": "thread/rollback", "id": 28, "params": { "threadId": "thr_b", "numTurns": 1 } }

511{ "id": 26, "result": { "thread": { "id": "thr_b", "name": "Bug bash notes", "ephemeral": false } } }538{ "id": 28, "result": { "thread": { "id": "thr_b", "name": "Bug bash notes", "ephemeral": false } } }

512```539```

513 540 

514## Turns541## Turns

1155 1182 

1156### Detect and import external agent config1183### Detect and import external agent config

1157 1184 

1158Use `externalAgentConfig/detect` to discover migratable external-agent artifacts, then pass the selected entries to `externalAgentConfig/import`.1185Use `externalAgentConfig/detect` to discover external-agent artifacts that can be migrated, then pass the selected entries to `externalAgentConfig/import`.

1159 1186 

1160Detection example:1187Detection example:

1161 1188 

1195{ "id": 64, "result": {} }1222{ "id": 64, "result": {} }

1196```1223```

1197 1224 

1198Supported `itemType` values are `AGENTS_MD`, `CONFIG`, `SKILLS`, and `MCP_SERVER_CONFIG`. Detection returns only items that still have work to do. For example, AGENTS migration is skipped when `AGENTS.md` already exists and is non-empty, and skill imports do not overwrite existing skill directories.1225Supported `itemType` values are `AGENTS_MD`, `CONFIG`, `SKILLS`, and `MCP_SERVER_CONFIG`. Detection returns only items that still have work to do. For example, AGENTS migration is skipped when `AGENTS.md` already exists and is non-empty, and skill imports don’t overwrite existing skill directories.

1199 1226 

1200## Auth endpoints1227## Auth endpoints

1201 1228 

2 2 

3Automate recurring tasks in the background. Codex adds findings to the inbox, or automatically archives the task if there's nothing to report. You can combine automations with [skills](https://developers.openai.com/codex/skills) for more complex tasks.3Automate recurring tasks in the background. Codex adds findings to the inbox, or automatically archives the task if there's nothing to report. You can combine automations with [skills](https://developers.openai.com/codex/skills) for more complex tasks.

4 4 

5Automations run in the background in the Codex app. The app needs to be5For project-scoped automations, the app needs to be running, and the selected

6running, and the selected project needs to be available on disk.6project needs to be available on disk.

7 7 

8In Git repositories, you can choose whether an automation runs in your local8In Git repositories, you can choose whether an automation runs in your local

9project or on a new [worktree](https://developers.openai.com/codex/app/worktrees). Both options run in the9project or on a new [worktree](https://developers.openai.com/codex/app/worktrees). Both options run in the

19 19 

20## Managing tasks20## Managing tasks

21 21 

22All automations and their runs can be found in the automations pane inside your Codex app sidebar.22Find all automations and their runs in the automations pane inside your Codex app sidebar.

23 23 

24The "Triage" section acts as your inbox. Automation runs with findings show up there, and you can filter your inbox to show all automation runs or only unread ones.24The "Triage" section acts as your inbox. Automation runs with findings show up there, and you can filter your inbox to show all automation runs or only unread ones.

25 25 

26Standalone automations start fresh runs on a schedule and report results in

27Triage. Use them when each run should be independent or when one automation

28should run across one or more projects. If you need a custom cadence, choose a

29custom schedule and enter cron syntax.

30 

26For Git repositories, each automation can run either in your local project or31For Git repositories, each automation can run either in your local project or

27on a dedicated background [worktree](https://developers.openai.com/codex/app/features#worktree-support). Use32on a dedicated background [worktree](https://developers.openai.com/codex/app/features#worktree-support). Use

28worktrees when you want to isolate automation changes from unfinished local33worktrees when you want to isolate automation changes from unfinished local

29work. Use local mode when you want the automation to work directly in your main34work. Use local mode when you want the automation to work directly in your main

30checkout, keeping in mind that it can modify files you are actively editing.35checkout, keeping in mind that it can change files you are actively editing.

31In non-version-controlled projects, automations run directly in the project36In non-version-controlled projects, automations run directly in the project

32directory. You can have the same automation run on multiple projects.37directory. You can have the same automation run on more than one project.

33 38 

34Automations use your default sandbox settings. In read-only mode, tool calls fail if they require modifying files, network access, or working with apps on your computer. With full access enabled, background automations carry elevated risk. You can adjust sandbox settings in [Settings](https://developers.openai.com/codex/app/settings) and selectively allowlist commands with [rules](https://developers.openai.com/codex/rules).39Automations use your default sandbox settings. In read-only mode, tool calls fail if they require modifying files, network access, or working with apps on your computer. With full access enabled, background automations carry elevated risk. You can adjust sandbox settings in [Settings](https://developers.openai.com/codex/app/settings) and selectively allowlist commands with [rules](https://developers.openai.com/codex/rules).

35 40 

36To keep automations maintainable and shareable across teams, you can use [skills](https://developers.openai.com/codex/skills) to define the action and provide tools and context to Codex. You can explicitly trigger a skill as part of an automation by using `$skill-name` inside your automation.41Automations can use the same plugins and skills available to Codex. To keep

42automations maintainable and shareable across teams, use [skills](https://developers.openai.com/codex/skills)

43to define the action and provide tools and context. You can explicitly trigger a

44skill as part of an automation by using `$skill-name` inside your automation.

45 

46## Ask Codex to create or update automations

47 

48You can create and update automations from a regular Codex thread. Describe the

49task, the schedule, and whether the automation should stay attached to the

50current thread or start fresh runs. Codex can draft the automation prompt, choose

51the right automation type, and update it when the scope or cadence changes.

52 

53For example, ask Codex to remind you in this thread while a deployment finishes,

54or ask it to create a standalone automation that checks a project on a recurring

55schedule.

56 

57Skills can also create or update automations. For example, a skill for

58babysitting a pull request could set up a recurring automation that checks the

59PR status with the GitHub plugin and fixes new review feedback.

60 

61## Thread automations

62 

63Thread automations are heartbeat-style recurring wake-up calls attached to the

64current thread. Use them when you want Codex to keep returning to the same

65conversation on a schedule.

66 

67Use a thread automation when the scheduled work should preserve the thread's

68context instead of starting from a new prompt each time.

69 

70Thread automations can use minute-based intervals for active follow-up loops,

71or daily and weekly schedules when you need a check-in at a specific time.

72 

73Thread automations are useful for:

74 

75- checking a long-running command until it finishes

76- polling Slack, GitHub, or another connected source when the results should

77 stay in the same thread

78- reminding Codex to continue a review loop at a fixed cadence

79- running a skill-driven workflow that uses plugins, such as checking PR status

80 and addressing new feedback

81- keeping a chat focused on an ongoing research or triage task

82 

83Use a standalone or project automation when each run should be independent,

84when it should run across more than one project, or when findings should appear

85as separate automation runs in Triage.

86 

87When you create a thread automation, make the prompt durable. It should

88describe what Codex should do each time the thread wakes up, how to decide

89whether there is anything important to report, and when to stop or ask you for

90input.

37 91 

38## Testing automations safely92## Test automations

39 93 

40Before you schedule an automation, test the prompt manually in a regular thread94Before you schedule an automation, test the prompt manually in a regular thread

41first. This helps you confirm:95first. This helps you confirm:

44- The selected or default model, reasoning effort, and tools behave as expected.98- The selected or default model, reasoning effort, and tools behave as expected.

45- The resulting diff is reviewable.99- The resulting diff is reviewable.

46 100 

47When you start scheduling runs, review the first few outputs closely and adjust101When you start scheduling runs, review the first few outputs and adjust the

48the prompt or cadence as needed.102prompt or cadence as needed.

49 103 

50## Worktree cleanup for automations104## Worktree cleanup for automations

51 105 

55 109 

56## Permissions and security model110## Permissions and security model

57 111 

58Automations are designed to run unattended and use your default sandbox112Automations run unattended and use your default sandbox settings.

59settings.

60 113 

61- If your sandbox mode is **read-only**, tool calls fail if they require114- If your sandbox mode is **read-only**, tool calls fail if they require

62 modifying files, accessing network, or working with apps on your computer.115 modifying files, accessing network, or working with apps on your computer.

66 on your computer. You can selectively allowlist commands to run outside the119 on your computer. You can selectively allowlist commands to run outside the

67 sandbox using [rules](https://developers.openai.com/codex/rules).120 sandbox using [rules](https://developers.openai.com/codex/rules).

68- If your sandbox mode is **full access**, background automations carry121- If your sandbox mode is **full access**, background automations carry

69 elevated risk, as Codex may modify files, run commands, and access network122 elevated risk, as Codex may change files, run commands, and access network

70 without asking. Consider updating sandbox settings to workspace write, and123 without asking. Consider updating sandbox settings to workspace write, and

71 using [rules](https://developers.openai.com/codex/rules) to selectively define which commands the agent124 using [rules](https://developers.openai.com/codex/rules) to selectively define which commands the agent

72 can run with full access.125 can run with full access.

76[Admin-enforced requirements (`requirements.toml`)](https://developers.openai.com/codex/enterprise/managed-configuration#admin-enforced-requirements-requirementstoml).129[Admin-enforced requirements (`requirements.toml`)](https://developers.openai.com/codex/enterprise/managed-configuration#admin-enforced-requirements-requirementstoml).

77 130 

78Automations use `approval_policy = "never"` when your organization policy131Automations use `approval_policy = "never"` when your organization policy

79allows it. If `approval_policy = "never"` is disallowed by admin requirements,132allows it. If admin requirements disallow `approval_policy = "never"`,

80automations fall back to the approval behavior of your selected mode.133automations fall back to the approval behavior of your selected mode.

81 134 

82## Examples135## Examples

1# In-app browser

2 

3The in-app browser gives you and Codex a shared view of rendered web pages

4inside a thread. Use it when you're building or debugging a web app and want to

5preview pages and attach visual comments.

6 

7Use it for local development servers, file-backed previews, and public pages

8that don't require sign-in. For anything that depends on login state or browser

9extensions, use your regular browser.

10 

11Open the in-app browser from the toolbar, by clicking a URL, by navigating

12manually in the browser, or by pressing <kbd>Cmd</kbd>+<kbd>Shift</kbd>+<kbd>B</kbd>

13(<kbd>Ctrl</kbd>+<kbd>Shift</kbd>+<kbd>B</kbd> on Windows).

14 

15The in-app browser does not support authentication flows, signed-in pages,

16 your regular browser profile, cookies, extensions, or existing tabs. Use it

17 for pages Codex can open without logging in.

18 

19Treat page content as untrusted context. Don't paste secrets into browser flows.

20 

21![Codex app showing a browser comment on a local web app preview](/images/codex/app/in-app-browser-light.webp)

22 

23## Preview a page

24 

251. Start your app's development server in the [integrated terminal](https://developers.openai.com/codex/app/features#integrated-terminal) or with a [local environment action](https://developers.openai.com/codex/app/local-environments#actions).

262. Open an unauthenticated local route, file-backed page, or public page by

27 clicking a URL or navigating manually in the browser.

283. Review the rendered state alongside the code diff.

294. Leave browser comments on the elements or areas that need changes.

305. Ask Codex to address the comments and keep the scope narrow.

31 

32Example feedback:

33 

34```text

35I left comments on the pricing page in the in-app browser. Address the mobile

36layout issues and keep the card structure unchanged.

37```

38 

39## Comment on the page

40 

41When a bug is visible only in the rendered page, use browser comments to give

42Codex precise feedback on the page.

43 

44- Turn on comment mode, select an element or area, and submit a comment.

45- In comment mode, hold <kbd>Shift</kbd> and click to select an area.

46- Hold <kbd>Cmd</kbd> while clicking to send a comment immediately.

47 

48After you leave comments, send a message in the thread asking Codex to address

49them. Comments are most useful when Codex needs to make a precise visual change.

50 

51Good feedback is specific:

52 

53```text

54This button overflows on mobile. Keep the label on one line if it fits,

55otherwise wrap it without changing the card height.

56```

57 

58```text

59This tooltip covers the data point under the cursor. Reposition the tooltip so

60it stays inside the chart bounds.

61```

62 

63## Keep browser tasks scoped

64 

65The in-app browser is for review and iteration. Keep each browser task small

66enough to review in one pass.

67 

68- Name the page, route, or local URL.

69- Name the visual state you care about, such as loading, empty, error, or

70 success.

71- Leave comments on the exact elements or areas that need changes.

72- Review the updated route after Codex changes the code.

73- Ask Codex to start or check the dev server before it uses the browser.

74 

75For repository changes, use the [review pane](https://developers.openai.com/codex/app/review) to inspect the

76changes and leave comments.

36 36 

37You can also explicitly invoke skills by typing `$` in the thread composer. See [Skills](https://developers.openai.com/codex/skills).37You can also explicitly invoke skills by typing `$` in the thread composer. See [Skills](https://developers.openai.com/codex/skills).

38 38 

39Enabled skills also appear in the slash command list (for example, `/imagegen`).39Enabled skills also appear in the slash command list.

40 40 

41### Available slash commands41### Available slash commands

42 42 

62 62 

63For new-thread deeplinks:63For new-thread deeplinks:

64 64 

65- `prompt` prefills the composer.65- `prompt` sets the initial composer text.

66- `path` must be an absolute path to a local directory and, when valid, makes that directory the active workspace for the new thread.66- `path` must be an absolute path to a local directory and, when valid, makes that directory the active workspace for the new thread.

67- `originUrl` tries to match one of your current workspace roots by Git remote URL. If both `path` and `originUrl` are present, Codex resolves `path` first.67- `originUrl` tries to match one of your current workspace roots by Git remote URL. If both `path` and `originUrl` are present, Codex resolves `path` first.

68 68 

1# Computer Use

2 

3In the Codex app, computer use is currently available on macOS, except in the

4 European Economic Area, the United Kingdom, and Switzerland at launch. Install

5 the Computer Use plugin, then grant Screen Recording and Accessibility

6 permissions when macOS prompts you.

7 

8With computer use, Codex can see and operate graphical user interfaces on macOS.

9Use it for tasks where command-line tools or structured integrations aren't

10enough, such as checking a desktop app, using a browser, changing app settings,

11working with a data source that isn't available as a plugin, or reproducing a

12bug that only happens in a graphical user interface.

13 

14Because computer use can affect app and system state outside your project

15workspace, use it for scoped tasks and review permission prompts before

16continuing.

17 

18## Set up computer use

19 

20In Codex settings, open **Computer Use** and click **Install** to install the

21Computer Use plugin before you ask Codex to operate desktop apps. When macOS

22prompts for access, grant Screen Recording and Accessibility permissions if you

23want Codex to see and interact with the target app.

24 

25To use computer use, grant:

26 

27- **Screen Recording** permission so Codex can see the target app.

28- **Accessibility** permission so Codex can click, type, and navigate.

29 

30## When to use computer use

31 

32Choose computer use when the task depends on a graphical user interface that's

33hard to verify through files or command output alone.

34 

35Good fits include:

36 

37- Testing a macOS app, an iOS simulator flow, or another desktop app that Codex

38 is building.

39- Performing a task that requires your web browser.

40- Reproducing a bug that only appears in a graphical interface.

41- Changing app settings that require clicking through a UI.

42- Inspecting information in an app or data source that isn't available through a

43 plugin.

44- Running a scoped task in the background while you keep working elsewhere.

45- Executing a workflow that spans more than one app.

46 

47For web apps you are building locally, use the

48[in-app browser](https://developers.openai.com/codex/app/browser) first.

49 

50## Start a computer use task

51 

52Mention `@Computer Use` or `@AppName` in your prompt, or ask Codex to use

53computer use. Describe the exact app, window, or flow Codex should operate.

54 

55```text

56Open the app with computer use, reproduce the onboarding bug, and fix the

57smallest code path that causes it. After each change, run the same UI flow

58again.

59```

60 

61```text

62Open @Chrome and verify the checkout page still works after the latest changes.

63```

64 

65If the target app exposes a dedicated plugin or MCP server, prefer that

66structured integration for data access and repeatable operations. Choose

67computer use when Codex needs to inspect or operate the app visually.

68 

69## Permissions and approvals

70 

71The macOS system permissions for computer use are separate from app approvals in

72Codex. The macOS permissions let Codex see and operate apps. App approvals

73determine which apps you allow Codex to use. File reads, file edits, and shell

74commands still follow the sandbox and approval settings for the thread.

75 

76With computer use, Codex can see and take action only in the apps you allow.

77During a task, Codex asks for your permission before it can use an app on your

78computer. You can choose **Always allow** so Codex can use that app in the future

79without asking again. You can remove apps from the **Always allow** list in the

80**Computer Use** section of Codex settings.

81 

82![Codex app asking for permission to use Calculator with computer use](/images/codex/app/computer-use-approval-light.webp)

83 

84Codex may also ask for permission before taking sensitive or disruptive actions.

85 

86If Codex can't see or control an app, open **System Settings > Privacy &

87Security** and check **Screen Recording** and **Accessibility** for the Codex

88app.

89 

90## Safety guidance

91 

92With computer use, Codex can view screen content, take screenshots, and interact

93with windows, menus, keyboard input, and clipboard state in the target app.

94Treat visible app content, browser pages, screenshots, and files opened in the

95target app as context Codex may process while the task runs.

96 

97Keep tasks narrow and stay present for sensitive flows:

98 

99- Give Codex one clear target app or flow at a time.

100- You can stop the task or take over your computer at any time.

101- Keep sensitive apps closed unless they're required for the task.

102- Avoid tasks that require secrets unless you're present and can approve each

103 step.

104- Review app permission prompts before allowing Codex to use an app.

105- Use **Always allow** only for apps you trust Codex to use automatically in

106 future tasks.

107- Stay present for account, security, privacy, network, payment, or

108 credential-related settings.

109- Cancel the task if Codex starts interacting with the wrong window.

110 

111If Codex uses your browser, it can interact with pages where you're already

112signed in. Review website actions as if you were taking them yourself: web pages

113can contain malicious or misleading content, and sites may treat approved clicks,

114form submissions, and signed-in actions as coming from your account. To keep

115using your browser while Codex works, ask Codex to use a different browser.

116 

117The feature can't automate terminal apps or Codex itself, since automating them

118could bypass Codex security policies. It also can't authenticate as an

119administrator or approve security and privacy permission prompts on your

120computer.

121 

122File edits and shell commands still follow Codex approval and sandbox settings

123where applicable. Changes made through desktop apps may not appear in the review

124pane until they're saved to disk and tracked by the project. Your ChatGPT data

125controls apply to content processed through Codex, including screenshots taken

126by computer use.

31 31 

32You can also combine skills with [automations](https://developers.openai.com/codex/app/automations) to perform routine tasks32You can also combine skills with [automations](https://developers.openai.com/codex/app/automations) to perform routine tasks

33such as evaluating errors in your telemetry and submitting fixes or creating reports on recent33such as evaluating errors in your telemetry and submitting fixes or creating reports on recent

34codebase changes.34codebase changes. For ongoing work that should stay in one thread, use a

35[thread automation](https://developers.openai.com/codex/app/automations#thread-automations).

35 36 

36![Automation creation form with schedule and prompt fields](/images/codex/app/create-automation-light.webp)37![Automation creation form with schedule and prompt fields](/images/codex/app/create-automation-light.webp)

37 38 

130 131 

131![Pop-out window preview in light mode](/images/codex/app/popover-light.webp)132![Pop-out window preview in light mode](/images/codex/app/popover-light.webp)

132 133 

134## In-app browser

135 

136Use the [in-app browser](https://developers.openai.com/codex/app/browser) to preview, review, and comment on

137local development servers, file-backed previews, and public pages that don't

138require sign-in while you iterate on a web app.

139 

140The in-app browser doesn't support authentication flows, signed-in pages, your

141regular browser profile, cookies, extensions, or existing tabs.

142 

143Use browser comments to mark specific elements or areas on a page, then ask

144Codex to address that feedback.

145 

146![Codex app showing a browser comment on a local web app preview](/images/codex/app/in-app-browser-light.webp)

147 

148## Computer use

149 

150[Computer use](https://developers.openai.com/codex/app/computer-use) helps Codex operate a macOS app by

151seeing, clicking, and typing. This is useful for testing desktop apps, checking

152browser or simulator flows, working with data sources that aren't available as

153plugins, changing app settings, and reproducing GUI-only bugs.

154 

155Because computer use can affect app and system state outside your project

156workspace, keep tasks narrow and review permission prompts before continuing.

157 

158The feature isn't available in the European Economic Area, the United Kingdom, or

159Switzerland at launch.

160 

161![Codex app asking for permission to use Calculator with computer use](/images/codex/app/computer-use-approval-light.webp)

162 

163## Work with non-code artifacts

164 

165When a task produces non-code artifacts, the sidebar can preview PDF files,

166spreadsheets, documents, and presentations. Give Codex the source data, expected

167file type, structure, and review criteria you care about.

168 

169For spreadsheets and presentations, describe the sheets, columns, charts, slide

170sections, and checks that matter. Ask Codex to explain where it saved the output

171and how it checked the result.

172 

173Use the task sidebar to follow what Codex is doing while a thread runs. It can

174surface the agent's plan, sources, generated artifacts, and task summary so you

175can steer the work, inspect generated files, and decide what needs another pass.

176 

177![Codex app showing a generated presentation in the artifact viewer](/images/codex/app/artifact-viewer-light.webp)

178 

133---179---

134 180 

135## Sync with the IDE extension181## Sync with the IDE extension

146If you're unsure whether the app includes context, toggle it off and ask the192If you're unsure whether the app includes context, toggle it off and ask the

147same question again to compare results.193same question again to compare results.

148 194 

195## Thread automations

196 

197Automations can also attach to a single thread. These thread automations are

198recurring wake-up calls that preserve the thread's context so Codex can check

199on long-running work, poll a source for new information, or continue a follow-up

200loop. Use them for heartbeat-style automations that should keep returning to the

201same conversation on a schedule.

202 

203Use a thread automation when the next run depends on the current conversation.

204Use a standalone or project [automation](https://developers.openai.com/codex/app/automations) when you want

205Codex to start a fresh recurring task for one or more projects.

206 

149## Approvals and sandboxing207## Approvals and sandboxing

150 208 

151Your approval and sandbox settings constrain Codex actions.209Your approval and sandbox settings constrain Codex actions.

164opening separate projects or using worktrees rather than asking Codex to roam222opening separate projects or using worktrees rather than asking Codex to roam

165outside the project root.223outside the project root.

166 224 

167For a high-level overview, see [Sandboxing](https://developers.openai.com/codex/concepts/sandboxing). For225For a high-level overview, see [sandboxing](https://developers.openai.com/codex/concepts/sandboxing). For

168configuration details, see the226configuration details, see the

169[agent approvals & security documentation](https://developers.openai.com/codex/agent-approvals-security).227[agent approvals & security documentation](https://developers.openai.com/codex/agent-approvals-security).

170 228 

177 235 

178## Web search236## Web search

179 237 

180Codex ships with a first-party web search tool. For local tasks in the Codex IDE Extension, Codex238Codex ships with a first-party web search tool. For local tasks in the Codex app, Codex

181enables web search by default and serves results from a web search cache. If you configure your239enables web search by default and serves results from a web search cache. If you configure your

182sandbox for [full access](https://developers.openai.com/codex/agent-approvals-security), web search defaults to live results. See240sandbox for [full access](https://developers.openai.com/codex/agent-approvals-security), web search defaults to live results. See

183[Config basics](https://developers.openai.com/codex/config-basic) to disable web search or switch to live results that fetch the241[Config basics](https://developers.openai.com/codex/config-basic) to disable web search or switch to live results that fetch the

184most recent data.242most recent data.

185 243 

244## Image generation

245 

246Ask Codex to generate or edit images directly in a thread. This is useful for UI assets, banners, backgrounds, illustrations, sprite sheets, and placeholders you want to create alongside code. Add a reference image when you want Codex to transform or extend an existing asset.

247 

248You can ask in natural language or explicitly invoke the image generation skill by including `$imagegen` in your prompt.

249 

250Built-in image generation uses `gpt-image-1.5`, counts toward your general Codex usage limits, and uses included limits 3-5x faster on average than similar turns without image generation, depending on image quality and size. For details, see [Pricing](https://developers.openai.com/codex/pricing#image-generation-usage-limits). For prompting tips and model details, see the [image generation guide](https://developers.openai.com/api/docs/guides/image-generation).

251 

252For larger batches of image generation, set `OPENAI_API_KEY` in your environment variables and ask Codex to generate images through the API so API pricing applies instead.

253 

186## Image input254## Image input

187 255 

188You can drag and drop images into the prompt composer to include them as context. Hold down `Shift`256You can drag and drop images into the prompt composer to include them as context. Hold down `Shift`

191You can also ask Codex to view images on your system. By giving Codex tools to take screenshots of259You can also ask Codex to view images on your system. By giving Codex tools to take screenshots of

192the app you are working on, Codex can verify the work it's doing.260the app you are working on, Codex can verify the work it's doing.

193 261 

262## Chats

263 

264Chats are threads you can start when the task doesn't need a specific project

265folder or Git repository. Use them for research, triage, planning,

266plugin-heavy workflows, and other conversations where Codex should use connected

267tools instead of editing a codebase.

268 

269Chats use a Codex-managed `threads` directory under your Codex home as their

270working location. By default, that location is `~/.codex/threads`.

271 

272## Memories

273 

274[Memories](https://developers.openai.com/codex/memories), where available, let Codex carry useful context

275from past tasks into future threads. They're most useful for stable preferences,

276project conventions, recurring work patterns, and known pitfalls that would

277otherwise need to repeat.

278 

194## Notifications279## Notifications

195 280 

196By default, the Codex app sends notifications when a task completes or needs approval while the app281By default, the Codex app sends notifications when a task completes or needs approval while the app

208 293 

209- [Settings](https://developers.openai.com/codex/app/settings)294- [Settings](https://developers.openai.com/codex/app/settings)

210- [Automations](https://developers.openai.com/codex/app/automations)295- [Automations](https://developers.openai.com/codex/app/automations)

296- [In-app browser](https://developers.openai.com/codex/app/browser)

297- [Computer use](https://developers.openai.com/codex/app/computer-use)

298- [Review pane](https://developers.openai.com/codex/app/review)

211- [Local environments](https://developers.openai.com/codex/app/local-environments)299- [Local environments](https://developers.openai.com/codex/app/local-environments)

212- [Worktrees](https://developers.openai.com/codex/app/worktrees)300- [Worktrees](https://developers.openai.com/codex/app/worktrees)

412. Hover the line you want to comment on.412. Hover the line you want to comment on.

423. Click the **+** button that appears.423. Click the **+** button that appears.

434. Write your feedback and submit it.434. Write your feedback and submit it.

445. Once you are done with all your feedback, send a message back to the thread.445. After you finish leaving feedback, send a message back to the thread.

45 45 

46Because the comment is anchored to a line, Codex can usually respond more46Because comments are line-specific, Codex can respond more precisely than with a

47precisely than with a general instruction.47general instruction.

48 48 

49Inline comments are treated as review guidance. After leaving comments, send a49Codex treats inline comments as review guidance. After leaving comments, send a

50follow-up message that makes your intent explicit, for example “Address the50follow-up message that makes your intent explicit, for example “Address the

51inline comments and keep the scope minimal.”51inline comments and keep the scope minimal.”

52 52 

57 57 

58![Inline code review comments displayed in the review pane](/images/codex/app/inline-code-review-light.webp)58![Inline code review comments displayed in the review pane](/images/codex/app/inline-code-review-light.webp)

59 59 

60## Pull request reviews

61 

62When Codex has GitHub access for your repository and the current project is on

63the pull request branch, the Codex app can help you work through pull request

64feedback without leaving the app. The sidebar shows pull request context and

65feedback from reviewers, and the review pane shows comments alongside the diff

66so you can ask Codex to address issues in the same thread.

67 

68Install the GitHub CLI (`gh`) and authenticate it with `gh auth login` so Codex

69can load pull request context, review comments, and changed files. If `gh` is

70missing or unauthenticated, pull request details may not appear in the sidebar

71or review pane.

72 

73Use this flow when you want to keep the full fix loop in one place:

74 

751. Open the review pane on the pull request branch.

762. Review the pull request context, comments, and changed files.

773. Ask Codex to fix the specific comments you want handled.

784. Inspect the resulting diff in the review pane.

795. Stage, commit, and push the changes to the PR branch when you are ready.

80 

81For GitHub-triggered reviews, see [Use Codex in GitHub](https://developers.openai.com/codex/integrations/github).

82 

60## Staging and reverting files83## Staging and reverting files

61 84 

62The review pane includes Git actions so you can shape the diff before you85The review pane includes Git actions so you can shape the diff before you

63commit.86commit.

64 87 

65You can stage, unstage, or revert changes at multiple levels:88You can stage, unstage, or revert changes at these levels:

66 89 

67- **Entire diff**: use the action buttons in the review header (for example,90- **Entire diff**: use the action buttons in the review header (for example,

68 "Stage all" or "Revert all")91 "Stage all" or "Revert all")

72Use staging when you want to accept part of the work, and revert when you want95Use staging when you want to accept part of the work, and revert when you want

73to discard it.96to discard it.

74 97 

75### Partially staged states98### Staged and unstaged states

76 99 

77Git can represent both staged and unstaged changes in the same file. When that100Git can represent both staged and unstaged changes in the same file. When that

78happens, it can look like the pane is showing “the same file twice” across101happens, it can look like the pane is showing “the same file twice” across

43also apply to the Codex CLI and IDE extension because the MCP configuration lives in43also apply to the Codex CLI and IDE extension because the MCP configuration lives in

44`config.toml`. See the [Model Context Protocol docs](https://developers.openai.com/codex/mcp) for details.44`config.toml`. See the [Model Context Protocol docs](https://developers.openai.com/codex/mcp) for details.

45 45 

46## Computer Use

47 

48On macOS, check your Computer Use settings to review desktop-app access and related

49preferences after setup. To revoke system-level access, update Screen Recording

50or Accessibility permissions in macOS Privacy & Security settings. The feature

51isn’t available in the European Economic Area, the United Kingdom, or Switzerland

52at launch.

53 

46## Personalization54## Personalization

47 55 

48Choose **Friendly**, **Pragmatic**, or **None** as your default personality. Use56Choose **Friendly**, **Pragmatic**, or **None** as your default personality. Use

51You can also add your own custom instructions. Editing custom instructions updates your59You can also add your own custom instructions. Editing custom instructions updates your

52[personal instructions in `AGENTS.md`](https://developers.openai.com/codex/guides/agents-md).60[personal instructions in `AGENTS.md`](https://developers.openai.com/codex/guides/agents-md).

53 61 

62## Context-aware suggestions

63 

64Use context-aware suggestions to surface follow-ups and tasks you may want to resume when you

65start or return to Codex.

66 

67## Memories

68 

69Enable Memories, where available, to let Codex carry useful context from past

70threads into future work. See [Memories](https://developers.openai.com/codex/memories) for setup, storage,

71and per-thread controls.

72 

54## Archived threads73## Archived threads

55 74 

56The **Archived threads** section lists archived chats with dates and project75The **Archived threads** section lists archived chats with dates and project

184`%USERPROFILE%\.codex`.184`%USERPROFILE%\.codex`.

185 185 

186If you also run the Codex CLI inside WSL, the CLI uses the Linux home186If you also run the Codex CLI inside WSL, the CLI uses the Linux home

187directory by default, so it does not automatically share configuration, cached187directory by default, so it doesn't automatically share configuration, cached

188auth, or session history with the Windows app.188auth, or session history with the Windows app.

189 189 

190To share them, use one of these approaches:190To share them, use one of these approaches:

206 206 

207### Git isn't detected for projects opened from `\\wsl$`207### Git isn't detected for projects opened from `\\wsl$`

208 208 

209For now, if you want to use the Windows-native agent with a project that is209For now, if you want to use the Windows-native agent with a project also

210also accessible from WSL, the most reliable workaround is to store the project210accessible from WSL, the most reliable workaround is to store the project

211on the native Windows drive and access it in WSL through `/mnt/<drive>/...`.211on the native Windows drive and access it in WSL through `/mnt/<drive>/...`.

212 212 

213### Cmder is not listed in the open dialog213### `Cmder` isn't listed in the open dialog

214 214 

215If Cmder is installed but doesn’t show in Codex’s open dialog, add it to the215If `Cmder` is installed but doesn't show in Codex's open dialog, add it to the

216Windows Start Menu: right-click Cmder and choose **Add to Start**, then restart216Windows Start Menu: right-click `Cmder` and choose **Add to Start**, then

217Codex or reboot.217restart Codex or reboot.

59 59 

60Use `/model` to switch between GPT-5.4, GPT-5.3-Codex, and other available models, or adjust reasoning levels.](https://developers.openai.com/codex/cli/features#models-reasoning)[### Image inputs60Use `/model` to switch between GPT-5.4, GPT-5.3-Codex, and other available models, or adjust reasoning levels.](https://developers.openai.com/codex/cli/features#models-reasoning)[### Image inputs

61 61 

62Attach screenshots or design specs so Codex reads them alongside your prompt.](https://developers.openai.com/codex/cli/features#image-inputs)[### Run local code review62Attach screenshots or design specs so Codex reads them alongside your prompt.](https://developers.openai.com/codex/cli/features#image-inputs)[### Image generation

63 

64Generate or edit images directly in the CLI, and attach references when you want Codex to iterate on an existing asset.](https://developers.openai.com/codex/cli/features#image-generation)[### Run local code review

63 65 

64Get your code reviewed by a separate Codex agent before you commit or push your changes.](https://developers.openai.com/codex/cli/features#running-local-code-review)[### Use subagents66Get your code reviewed by a separate Codex agent before you commit or push your changes.](https://developers.openai.com/codex/cli/features#running-local-code-review)[### Use subagents

65 67 

154 154 

155Codex accepts common formats such as PNG and JPEG. Use comma-separated filenames for two or more images, and combine them with text instructions to add context.155Codex accepts common formats such as PNG and JPEG. Use comma-separated filenames for two or more images, and combine them with text instructions to add context.

156 156 

157## Image generation

158 

159Ask Codex to generate or edit images directly in the CLI. This works well for assets such as icons, banners, illustrations, sprite sheets, and placeholder art. If you want Codex to transform or extend an existing asset, attach a reference image with your prompt.

160 

161You can ask in natural language or explicitly invoke the image generation skill by including `$imagegen` in your prompt.

162 

163Built-in image generation uses `gpt-image-1.5`, counts toward your general Codex usage limits, and uses included limits 3-5x faster on average than similar turns without image generation, depending on image quality and size. For details, see [Pricing](https://developers.openai.com/codex/pricing#image-generation-usage-limits). For prompting tips and model details, see the [image generation guide](https://developers.openai.com/api/docs/guides/image-generation).

164 

165For larger batches of image generation, set `OPENAI_API_KEY` in your environment variables and ask Codex to generate images through the API so API pricing applies instead.

166 

157## Syntax highlighting and themes167## Syntax highlighting and themes

158 168 

159The TUI syntax-highlights fenced markdown code blocks and file diffs so code is easier to scan during reviews and debugging.169The TUI syntax-highlights fenced markdown code blocks and file diffs so code is easier to scan during reviews and debugging.

22| [`/sandbox-add-read-dir`](#grant-sandbox-read-access-with-sandbox-add-read-dir) | Grant sandbox read access to an extra directory (Windows only). | Unblock commands that need to read an absolute directory path outside the current readable roots. |22| [`/sandbox-add-read-dir`](#grant-sandbox-read-access-with-sandbox-add-read-dir) | Grant sandbox read access to an extra directory (Windows only). | Unblock commands that need to read an absolute directory path outside the current readable roots. |

23| [`/agent`](#switch-agent-threads-with-agent) | Switch the active agent thread. | Inspect or continue work in a spawned subagent thread. |23| [`/agent`](#switch-agent-threads-with-agent) | Switch the active agent thread. | Inspect or continue work in a spawned subagent thread. |

24| [`/apps`](#browse-apps-with-apps) | Browse apps (connectors) and insert them into your prompt. | Attach an app as `$app-slug` before asking Codex to use it. |24| [`/apps`](#browse-apps-with-apps) | Browse apps (connectors) and insert them into your prompt. | Attach an app as `$app-slug` before asking Codex to use it. |

25| [`/clear`](#clear-the-terminal-and-start-a-new-chat-with-clear) | Clear the terminal and start a fresh chat. | Reset the visible UI and conversation together when you want a clean slate. |25| [`/plugins`](#browse-plugins-with-plugins) | Browse installed and discoverable plugins. | Inspect plugin tools, install suggested plugins, or manage plugin availability. |

26| [`/clear`](#clear-the-terminal-and-start-a-new-chat-with-clear) | Clear the terminal and start a fresh chat. | Reset the visible UI and conversation together when you want a fresh start. |

26| [`/compact`](#keep-transcripts-lean-with-compact) | Summarize the visible conversation to free tokens. | Use after long runs so Codex retains key points without blowing the context window. |27| [`/compact`](#keep-transcripts-lean-with-compact) | Summarize the visible conversation to free tokens. | Use after long runs so Codex retains key points without blowing the context window. |

27| [`/copy`](#copy-the-latest-response-with-copy) | Copy the latest completed Codex output. | Grab the latest finished response or plan text without manually selecting it. |28| [`/copy`](#copy-the-latest-response-with-copy) | Copy the latest completed Codex output. | Grab the latest finished response or plan text without manually selecting it. |

28| [`/diff`](#review-changes-with-diff) | Show the Git diff, including files Git isn't tracking yet. | Review Codex's edits before you commit or run tests. |29| [`/diff`](#review-changes-with-diff) | Show the Git diff, including files Git isn't tracking yet. | Review Codex's edits before you commit or run tests. |

38| [`/plan`](#switch-to-plan-mode-with-plan) | Switch to plan mode and optionally send a prompt. | Ask Codex to propose an execution plan before implementation work starts. |39| [`/plan`](#switch-to-plan-mode-with-plan) | Switch to plan mode and optionally send a prompt. | Ask Codex to propose an execution plan before implementation work starts. |

39| [`/personality`](#set-a-communication-style-with-personality) | Choose a communication style for responses. | Make Codex more concise, more explanatory, or more collaborative without changing your instructions. |40| [`/personality`](#set-a-communication-style-with-personality) | Choose a communication style for responses. | Make Codex more concise, more explanatory, or more collaborative without changing your instructions. |

40| [`/ps`](#check-background-terminals-with-ps) | Show experimental background terminals and their recent output. | Check long-running commands without leaving the main transcript. |41| [`/ps`](#check-background-terminals-with-ps) | Show experimental background terminals and their recent output. | Check long-running commands without leaving the main transcript. |

42| [`/stop`](#stop-background-terminals-with-stop) | Stop all background terminals. | Cancel background terminal work started by the current session. |

41| [`/fork`](#fork-the-current-conversation-with-fork) | Fork the current conversation into a new thread. | Branch the active session to explore a new approach without losing the current transcript. |43| [`/fork`](#fork-the-current-conversation-with-fork) | Fork the current conversation into a new thread. | Branch the active session to explore a new approach without losing the current transcript. |

42| [`/resume`](#resume-a-saved-conversation-with-resume) | Resume a saved conversation from your session list. | Continue work from a previous CLI session without starting over. |44| [`/resume`](#resume-a-saved-conversation-with-resume) | Resume a saved conversation from your session list. | Continue work from a previous CLI session without starting over. |

43| [`/new`](#start-a-new-conversation-with-new) | Start a new conversation inside the same CLI session. | Reset the chat context without leaving the CLI when you want a fresh prompt in the same repo. |45| [`/new`](#start-a-new-conversation-with-new) | Start a new conversation inside the same CLI session. | Reset the chat context without leaving the CLI when you want a fresh prompt in the same repo. |

46| [`/status`](#inspect-the-session-with-status) | Display session configuration and token usage. | Confirm the active model, approval policy, writable roots, and remaining context capacity. |48| [`/status`](#inspect-the-session-with-status) | Display session configuration and token usage. | Confirm the active model, approval policy, writable roots, and remaining context capacity. |

47| [`/debug-config`](#inspect-config-layers-with-debug-config) | Print config layer and requirements diagnostics. | Debug precedence and policy requirements, including experimental network constraints. |49| [`/debug-config`](#inspect-config-layers-with-debug-config) | Print config layer and requirements diagnostics. | Debug precedence and policy requirements, including experimental network constraints. |

48| [`/statusline`](#configure-footer-items-with-statusline) | Configure TUI status-line fields interactively. | Pick and reorder footer items (model/context/limits/git/tokens/session) and persist in config.toml. |50| [`/statusline`](#configure-footer-items-with-statusline) | Configure TUI status-line fields interactively. | Pick and reorder footer items (model/context/limits/git/tokens/session) and persist in config.toml. |

51| [`/title`](#configure-terminal-title-items-with-title) | Configure terminal window or tab title fields interactively. | Pick and reorder title items such as project, status, thread, branch, model, and task progress. |

49 52 

50`/quit` and `/exit` both exit the CLI. Use them only after you have saved or53`/quit` and `/exit` both exit the CLI. Use them only after you have saved or

51committed any important work.54committed any important work.

177limits, git branch, token counters, session id, current directory/project root,180limits, git branch, token counters, session id, current directory/project root,

178and Codex version.181and Codex version.

179 182 

183### Configure terminal title items with `/title`

184 

1851. Type `/title`.

1862. Use the picker to toggle and reorder items, then confirm.

187 

188Expected: The terminal window or tab title updates immediately and persists to

189`tui.terminal_title` in `config.toml`.

190 

191Available title items include app name, project, spinner, status, thread, git

192branch, model, and task progress.

193 

180### Check background terminals with `/ps`194### Check background terminals with `/ps`

181 195 

1821. Type `/ps`.1961. Type `/ps`.

187 201 

188Background terminals appear when `unified_exec` is in use; otherwise, the list may be empty.202Background terminals appear when `unified_exec` is in use; otherwise, the list may be empty.

189 203 

204### Stop background terminals with `/stop`

205 

2061. Type `/stop`.

2072. Confirm if Codex asks before stopping the listed terminals.

208 

209Expected: Codex stops all background terminals for the current session. `/clean`

210is still available as an alias for `/stop`.

211 

190### Keep transcripts lean with `/compact`212### Keep transcripts lean with `/compact`

191 213 

1921. After a long exchange, type `/compact`.2141. After a long exchange, type `/compact`.

217Expected: Codex starts a fresh conversation in the same CLI session, so you239Expected: Codex starts a fresh conversation in the same CLI session, so you

218can switch tasks without leaving your terminal.240can switch tasks without leaving your terminal.

219 241 

220Unlike `/clear`, `/new` does not clear the current terminal view first.242Unlike `/clear`, `/new` doesn't clear the current terminal view first.

221 243 

222### Resume a saved conversation with `/resume`244### Resume a saved conversation with `/resume`

223 245 

270Expected: Codex inserts the app mention into the composer as `$app-slug`, so292Expected: Codex inserts the app mention into the composer as `$app-slug`, so

271you can immediately ask Codex to use it.293you can immediately ask Codex to use it.

272 294 

295### Browse plugins with `/plugins`

296 

2971. Type `/plugins`.

2982. Pick a plugin from the list to inspect its capabilities or available actions.

299 

300Expected: Codex opens the plugin browser so you can review installed plugins and

301discoverable plugins that your configuration allows.

302 

273### Switch agent threads with `/agent`303### Switch agent threads with `/agent`

274 304 

2751. Type `/agent` and press Enter.3051. Type `/agent` and press Enter.

16 16 

17Download and start building with Codex.17Download and start building with Codex.

18 18 

19 Get started](https://developers.openai.com/codex/quickstart) [### Explore19 Get started](https://developers.openai.com/codex/quickstart) [### Explore use cases

20 20 

21Get inspirations on what you can build with Codex.21Get inspiration on what you can build with Codex.

22 22 

23 Learn more](https://developers.openai.com/codex/explore) [### Community23 Learn more](https://developers.openai.com/codex/use-cases) [### Community

24 24 

25Read community posts, explore meetups, and connect with Codex builders.25Read community posts, explore meetups, and connect with Codex builders.

26 26 

5In Codex, customization comes from a few layers that work together:5In Codex, customization comes from a few layers that work together:

6 6 

7- **Project guidance (`AGENTS.md`)** for persistent instructions7- **Project guidance (`AGENTS.md`)** for persistent instructions

8- **[Memories](https://developers.openai.com/codex/memories)** for useful context learned from prior work

8- **Skills** for reusable workflows and domain expertise9- **Skills** for reusable workflows and domain expertise

9- **[MCP](https://developers.openai.com/codex/mcp)** for access to external tools and shared systems10- **[MCP](https://developers.openai.com/codex/mcp)** for access to external tools and shared systems

10- **[Subagents](https://developers.openai.com/codex/concepts/subagents)** for delegating work to specialized subagents11- **[Subagents](https://developers.openai.com/codex/concepts/subagents)** for delegating work to specialized subagents

11 12 

12These are complementary, not competing. `AGENTS.md` shapes behavior, skills package repeatable processes, and [MCP](https://developers.openai.com/codex/mcp) connects Codex to systems outside the local workspace.13These are complementary, not competing. `AGENTS.md` shapes behavior, memories

14carry local context forward, skills package repeatable processes, and

15[MCP](https://developers.openai.com/codex/mcp) connects Codex to systems outside the local workspace.

13 16 

14## AGENTS Guidance17## AGENTS Guidance

15 18 

1# Sandboxing – Codex1# Sandbox

2 2 

3Sandboxing is the boundary that lets Codex act autonomously without giving it3The sandbox is the boundary that lets Codex act autonomously without giving it

4unrestricted access to your machine. When Codex runs local commands in the4unrestricted access to your machine. When Codex runs local commands in the

5**Codex app**, **IDE extension**, or **CLI**, those commands run inside a5**Codex app**, **IDE extension**, or **CLI**, those commands run inside a

6constrained environment instead of running with full access by default.6constrained environment instead of running with full access by default.

27 27 

28## Why it matters28## Why it matters

29 29 

30Sandboxing reduces approval fatigue. Instead of asking you to confirm every30The sandbox reduces approval fatigue. Instead of asking you to confirm every

31low-risk command, Codex can read files, make edits, and run routine project31low-risk command, Codex can read files, make edits, and run routine project

32commands within the boundary you already approved.32commands within the boundary you already approved.

33 33 

34It also gives you a clearer trust model for agentic work. You are not just34It also gives you a clearer trust model for agentic work. You aren't just

35trusting the agent's intentions; you are trusting that the agent is operating35trusting the agent's intentions; you are trusting that the agent is operating

36inside enforced limits. That makes it easier to let Codex work independently36inside enforced limits. That makes it easier to let Codex work independently

37while still knowing when it will stop and ask for help.37while still knowing when it will stop and ask for help.

62 62 

63Codex uses the first `bwrap` executable it finds on `PATH`. If no `bwrap`63Codex uses the first `bwrap` executable it finds on `PATH`. If no `bwrap`

64executable is available, Codex falls back to a bundled helper, but that helper64executable is available, Codex falls back to a bundled helper, but that helper

65requires unprivileged user namespaces. Installing your distro’s `bubblewrap`65requires support for unprivileged user namespace creation. Installing the

66package keeps this setup reliable.66distribution package that provides `bwrap` keeps this setup reliable.

67 67 

68Codex surfaces a startup warning when `bwrap` is missing or cannot create user68Codex surfaces a startup warning when `bwrap` is missing or when the helper

69namespaces. On distributions that restrict them with AppArmor, you can enable69can't create the needed user namespace. On distributions that restrict this

70them with:70AppArmor setting, you can enable it with:

71 71 

72```bash72```bash

73sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=073sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0

99 99 

100At a high level, the common sandbox modes are:100At a high level, the common sandbox modes are:

101 101 

102- `read-only`: Codex can inspect files, but it cannot edit files or run102- `read-only`: Codex can inspect files, but it can't edit files or run

103 commands without approval.103 commands without approval.

104- `workspace-write`: Codex can read files, edit within the workspace, and run104- `workspace-write`: Codex can read files, edit within the workspace, and run

105 routine local commands inside that boundary. This is the default low-friction105 routine local commands inside that boundary. This is the default low-friction

110 110 

111The common approval policies are:111The common approval policies are:

112 112 

113- `untrusted`: Codex asks before running commands that are not in its trusted113- `untrusted`: Codex asks before running commands that aren't in its trusted

114 set.114 set.

115- `on-request`: Codex works inside the sandbox by default and asks when it115- `on-request`: Codex works inside the sandbox by default and asks when it

116 needs to go beyond that boundary.116 needs to go beyond that boundary.

117- `never`: Codex does not stop for approval prompts.117- `never`: Codex doesn't stop for approval prompts.

118 118 

119Full access means using `sandbox_mode = "danger-full-access"` together with119Full access means using `sandbox_mode = "danger-full-access"` together with

120`approval_policy = "never"`. By contrast, `--full-auto` is the lower-risk local120`approval_policy = "never"`. By contrast, `--full-auto` is the lower-risk local

124If you need Codex to work across more than one directory, writable roots let124If you need Codex to work across more than one directory, writable roots let

125you extend the places it can modify without removing the sandbox entirely. If125you extend the places it can modify without removing the sandbox entirely. If

126you need a broader or narrower trust boundary, adjust the default sandbox mode126you need a broader or narrower trust boundary, adjust the default sandbox mode

127and approval policy instead of relying on ad hoc exceptions.127and approval policy instead of relying on one-off exceptions.

128 

129For reusable permission sets, set `default_permissions` to a named profile and

130define `[permissions.<name>.filesystem]` or `[permissions.<name>.network]`.

131Managed network profiles use map tables such as

132`[permissions.<name>.network.domains]` and

133`[permissions.<name>.network.unix_sockets]` for domain and socket rules.

128 134 

129When a workflow needs a specific exception, use [rules](https://developers.openai.com/codex/rules). Rules135When a workflow needs a specific exception, use [rules](https://developers.openai.com/codex/rules). Rules

130let you allow, prompt, or forbid command prefixes outside the sandbox, which is136let you allow, prompt, or forbid command prefixes outside the sandbox, which is

127 127 

128## Custom model providers128## Custom model providers

129 129 

130A model provider defines how Codex connects to a model (base URL, wire API, and optional HTTP headers).130A model provider defines how Codex connects to a model (base URL, wire API, authentication, and optional HTTP headers). Custom providers can't reuse the reserved built-in provider IDs: `openai`, `ollama`, and `lmstudio`.

131 131 

132Define additional providers and point `model_provider` at them:132Define additional providers and point `model_provider` at them:

133 133 

140base_url = "http://proxy.example.com"140base_url = "http://proxy.example.com"

141env_key = "OPENAI_API_KEY"141env_key = "OPENAI_API_KEY"

142 142 

143[model_providers.ollama]143[model_providers.local_ollama]

144name = "Ollama"144name = "Ollama"

145base_url = "http://localhost:11434/v1"145base_url = "http://localhost:11434/v1"

146 146 

158env_http_headers = { "X-Example-Features" = "EXAMPLE_FEATURES" }158env_http_headers = { "X-Example-Features" = "EXAMPLE_FEATURES" }

159```159```

160 160 

161Use command-backed authentication when a provider needs Codex to fetch bearer tokens from an external credential helper:

162 

163```toml

164[model_providers.proxy]

165name = "OpenAI using LLM proxy"

166base_url = "https://proxy.example.com/v1"

167wire_api = "responses"

168 

169[model_providers.proxy.auth]

170command = "/usr/local/bin/fetch-codex-token"

171args = ["--audience", "codex"]

172timeout_ms = 5000

173refresh_interval_ms = 300000

174```

175 

176The auth command receives no `stdin` and must print the token to stdout. Codex trims surrounding whitespace, treats an empty token as an error, and refreshes proactively at `refresh_interval_ms`; set `refresh_interval_ms = 0` to refresh only after an authentication retry. Don't combine `[model_providers.<id>.auth]` with `env_key`, `experimental_bearer_token`, or `requires_openai_auth`.

177 

161## OSS mode (local providers)178## OSS mode (local providers)

162 179 

163Codex can run against a local "open source" provider (for example, Ollama or LM Studio) when you pass `--oss`. If you pass `--oss` without specifying a provider, Codex uses `oss_provider` as the default.180Codex can run against a local "open source" provider (for example, Ollama or LM Studio) when you pass `--oss`. If you pass `--oss` without specifying a provider, Codex uses `oss_provider` as the default.

176env_key = "AZURE_OPENAI_API_KEY"193env_key = "AZURE_OPENAI_API_KEY"

177query_params = { api-version = "2025-04-01-preview" }194query_params = { api-version = "2025-04-01-preview" }

178wire_api = "responses"195wire_api = "responses"

179 

180[model_providers.openai]

181request_max_retries = 4196request_max_retries = 4

182stream_max_retries = 10197stream_max_retries = 10

183stream_idle_timeout_ms = 300000198stream_idle_timeout_ms = 300000

184```199```

185 200 

201To change the base URL for the built-in OpenAI provider, use `openai_base_url`; don't create `[model_providers.openai]`, because you can't override built-in provider IDs.

202 

186## ChatGPT customers using data residency203## ChatGPT customers using data residency

187 204 

188Projects created with [data residency](https://help.openai.com/en/articles/9903489-data-residency-and-inference-residency-for-chatgpt) enabled can create a model provider to update the base_url with the [correct prefix](https://platform.openai.com/docs/guides/your-data#which-models-and-features-are-eligible-for-data-residency).205Projects created with [data residency](https://help.openai.com/en/articles/9903489-data-residency-and-inference-residency-for-chatgpt) enabled can create a model provider to update the base_url with the [correct prefix](https://platform.openai.com/docs/guides/your-data#which-models-and-features-are-eligible-for-data-residency).

150| `apps` | false | Experimental | Enable ChatGPT Apps/connectors support |150| `apps` | false | Experimental | Enable ChatGPT Apps/connectors support |

151| `codex_hooks` | false | Under development | Enable lifecycle hooks from `hooks.json`. See [Hooks](https://developers.openai.com/codex/hooks). |151| `codex_hooks` | false | Under development | Enable lifecycle hooks from `hooks.json`. See [Hooks](https://developers.openai.com/codex/hooks). |

152| `fast_mode` | true | Stable | Enable Fast mode selection and the `service_tier = "fast"` path |152| `fast_mode` | true | Stable | Enable Fast mode selection and the `service_tier = "fast"` path |

153| `memories` | false | Stable | Enable [Memories](https://developers.openai.com/codex/memories) |

153| `multi_agent` | true | Stable | Enable subagent collaboration tools |154| `multi_agent` | true | Stable | Enable subagent collaboration tools |

154| `personality` | true | Stable | Enable personality selection controls |155| `personality` | true | Stable | Enable personality selection controls |

155| `shell_snapshot` | true | Stable | Snapshot your shell environment to speed up repeated commands |156| `shell_snapshot` | true | Stable | Snapshot your shell environment to speed up repeated commands |

156| `shell_tool` | true | Stable | Enable the default `shell` tool |157| `shell_tool` | true | Stable | Enable the default `shell` tool |

157| `smart_approvals` | false | Experimental | Route eligible approval requests through the guardian reviewer subagent |158| `guardian_approval` | false | Experimental | Route eligible approval requests through the guardian reviewer subagent (set `approvals_reviewer = "guardian_subagent"`). |

158| `unified_exec` | `true` except Windows | Stable | Use the unified PTY-backed exec tool |159| `unified_exec` | `true` except Windows | Stable | Use the unified PTY-backed exec tool |

159| `undo` | false | Stable | Enable undo via per-turn git ghost snapshots |160| `undo` | false | Stable | Enable undo via per-turn git ghost snapshots |

160| `web_search` | true | Deprecated | Legacy toggle; prefer the top-level `web_search` setting |161| `web_search` | true | Deprecated | Legacy toggle; prefer the top-level `web_search` setting |

24| `approval_policy.granular.rules` | `boolean` | When `true`, approvals triggered by execpolicy `prompt` rules are allowed to surface. |24| `approval_policy.granular.rules` | `boolean` | When `true`, approvals triggered by execpolicy `prompt` rules are allowed to surface. |

25| `approval_policy.granular.sandbox_approval` | `boolean` | When `true`, sandbox escalation approval prompts are allowed to surface. |25| `approval_policy.granular.sandbox_approval` | `boolean` | When `true`, sandbox escalation approval prompts are allowed to surface. |

26| `approval_policy.granular.skill_approval` | `boolean` | When `true`, skill-script approval prompts are allowed to surface. |26| `approval_policy.granular.skill_approval` | `boolean` | When `true`, skill-script approval prompts are allowed to surface. |

27| `approvals_reviewer` | `user | guardian_subagent` | Select who reviews eligible approval prompts. Defaults to `user`; `guardian_subagent` routes supported reviews through the Guardian reviewer subagent. |

27| `apps._default.destructive_enabled` | `boolean` | Default allow/deny for app tools with `destructive_hint = true`. |28| `apps._default.destructive_enabled` | `boolean` | Default allow/deny for app tools with `destructive_hint = true`. |

28| `apps._default.enabled` | `boolean` | Default app enabled state for all apps unless overridden per app. |29| `apps._default.enabled` | `boolean` | Default app enabled state for all apps unless overridden per app. |

29| `apps._default.open_world_enabled` | `boolean` | Default allow/deny for app tools with `open_world_hint = true`. |30| `apps._default.open_world_enabled` | `boolean` | Default allow/deny for app tools with `open_world_hint = true`. |

49| `features.codex_hooks` | `boolean` | Enable lifecycle hooks loaded from `hooks.json` (under development; off by default). |50| `features.codex_hooks` | `boolean` | Enable lifecycle hooks loaded from `hooks.json` (under development; off by default). |

50| `features.enable_request_compression` | `boolean` | Compress streaming request bodies with zstd when supported (stable; on by default). |51| `features.enable_request_compression` | `boolean` | Compress streaming request bodies with zstd when supported (stable; on by default). |

51| `features.fast_mode` | `boolean` | Enable Fast mode selection and the `service_tier = "fast"` path (stable; on by default). |52| `features.fast_mode` | `boolean` | Enable Fast mode selection and the `service_tier = "fast"` path (stable; on by default). |

53| `features.guardian_approval` | `boolean` | Route eligible approval requests through the guardian reviewer subagent (experimental; off by default). Use with `approvals_reviewer = "guardian_subagent"`. |

54| `features.memories` | `boolean` | Enable [Memories](https://developers.openai.com/codex/memories) (off by default). |

52| `features.multi_agent` | `boolean` | Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait_agent`, and `close_agent`) (stable; on by default). |55| `features.multi_agent` | `boolean` | Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait_agent`, and `close_agent`) (stable; on by default). |

53| `features.personality` | `boolean` | Enable personality selection controls (stable; on by default). |56| `features.personality` | `boolean` | Enable personality selection controls (stable; on by default). |

54| `features.prevent_idle_sleep` | `boolean` | Prevent the machine from sleeping while a turn is actively running (experimental; off by default). |57| `features.prevent_idle_sleep` | `boolean` | Prevent the machine from sleeping while a turn is actively running (experimental; off by default). |

55| `features.shell_snapshot` | `boolean` | Snapshot shell environment to speed up repeated commands (stable; on by default). |58| `features.shell_snapshot` | `boolean` | Snapshot shell environment to speed up repeated commands (stable; on by default). |

56| `features.shell_tool` | `boolean` | Enable the default `shell` tool for running commands (stable; on by default). |59| `features.shell_tool` | `boolean` | Enable the default `shell` tool for running commands (stable; on by default). |

57| `features.skill_mcp_dependency_install` | `boolean` | Allow prompting and installing missing MCP dependencies for skills (stable; on by default). |60| `features.skill_mcp_dependency_install` | `boolean` | Allow prompting and installing missing MCP dependencies for skills (stable; on by default). |

58| `features.smart_approvals` | `boolean` | Route eligible approval requests through the guardian reviewer subagent (experimental; off by default). |

59| `features.undo` | `boolean` | Enable undo support (stable; off by default). |61| `features.undo` | `boolean` | Enable undo support (stable; off by default). |

60| `features.unified_exec` | `boolean` | Use the unified PTY-backed exec tool (stable; enabled by default except on Windows). |62| `features.unified_exec` | `boolean` | Use the unified PTY-backed exec tool (stable; enabled by default except on Windows). |

61| `features.web_search` | `boolean` | Deprecated legacy toggle; prefer the top-level `web_search` setting. |63| `features.web_search` | `boolean` | Deprecated legacy toggle; prefer the top-level `web_search` setting. |

91| `mcp_servers.<id>.startup_timeout_sec` | `number` | Override the default 10s startup timeout for an MCP server. |93| `mcp_servers.<id>.startup_timeout_sec` | `number` | Override the default 10s startup timeout for an MCP server. |

92| `mcp_servers.<id>.tool_timeout_sec` | `number` | Override the default 60s per-tool timeout for an MCP server. |94| `mcp_servers.<id>.tool_timeout_sec` | `number` | Override the default 60s per-tool timeout for an MCP server. |

93| `mcp_servers.<id>.url` | `string` | Endpoint for an MCP streamable HTTP server. |95| `mcp_servers.<id>.url` | `string` | Endpoint for an MCP streamable HTTP server. |

96| `memories.consolidation_model` | `string` | Optional model override for global memory consolidation. |

97| `memories.extract_model` | `string` | Optional model override for per-thread memory extraction. |

98| `memories.generate_memories` | `boolean` | When `false`, newly created threads are not stored as memory-generation inputs. Defaults to `true`. |

99| `memories.max_raw_memories_for_consolidation` | `number` | Maximum recent raw memories retained for global consolidation. Defaults to `256` and is capped at `4096`. |

100| `memories.max_rollout_age_days` | `number` | Maximum age of threads considered for memory generation. Defaults to `30` and is clamped to `0`-`90`. |

101| `memories.max_rollouts_per_startup` | `number` | Maximum rollout candidates processed per startup pass. Defaults to `16` and is capped at `128`. |

102| `memories.max_unused_days` | `number` | Maximum days since a memory was last used before it becomes ineligible for consolidation. Defaults to `30` and is clamped to `0`-`365`. |

103| `memories.min_rollout_idle_hours` | `number` | Minimum idle time before a thread is considered for memory generation. Defaults to `6` and is clamped to `1`-`48`. |

104| `memories.no_memories_if_mcp_or_web_search` | `boolean` | When `true`, threads that use MCP tool calls or web search are kept out of memory generation. Defaults to `false`. |

105| `memories.use_memories` | `boolean` | When `false`, Codex skips injecting existing memories into future sessions. Defaults to `true`. |

94| `model` | `string` | Model to use (e.g., `gpt-5.4`). |106| `model` | `string` | Model to use (e.g., `gpt-5.4`). |

95| `model_auto_compact_token_limit` | `number` | Token threshold that triggers automatic history compaction (unset uses model defaults). |107| `model_auto_compact_token_limit` | `number` | Token threshold that triggers automatic history compaction (unset uses model defaults). |

96| `model_catalog_json` | `string (path)` | Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile. |108| `model_catalog_json` | `string (path)` | Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile. |

97| `model_context_window` | `number` | Context window tokens available to the active model. |109| `model_context_window` | `number` | Context window tokens available to the active model. |

98| `model_instructions_file` | `string (path)` | Replacement for built-in instructions instead of `AGENTS.md`. |110| `model_instructions_file` | `string (path)` | Replacement for built-in instructions instead of `AGENTS.md`. |

99| `model_provider` | `string` | Provider id from `model_providers` (default: `openai`). |111| `model_provider` | `string` | Provider id from `model_providers` (default: `openai`). |

112| `model_providers.<id>` | `table` | Custom provider definition. Built-in provider IDs (`openai`, `ollama`, and `lmstudio`) are reserved and cannot be overridden. |

113| `model_providers.<id>.auth` | `table` | Command-backed bearer token configuration for a custom provider. Do not combine with `env_key`, `experimental_bearer_token`, or `requires_openai_auth`. |

114| `model_providers.<id>.auth.args` | `array<string>` | Arguments passed to the token command. |

115| `model_providers.<id>.auth.command` | `string` | Command to run when Codex needs a bearer token. The command must print the token to stdout. |

116| `model_providers.<id>.auth.cwd` | `string (path)` | Working directory for the token command. |

117| `model_providers.<id>.auth.refresh_interval_ms` | `number` | How often Codex proactively refreshes the token in milliseconds (default: 300000). Set to `0` to refresh only after an authentication retry. |

118| `model_providers.<id>.auth.timeout_ms` | `number` | Maximum token command runtime in milliseconds (default: 5000). |

100| `model_providers.<id>.base_url` | `string` | API base URL for the model provider. |119| `model_providers.<id>.base_url` | `string` | API base URL for the model provider. |

101| `model_providers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables when present. |120| `model_providers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables when present. |

102| `model_providers.<id>.env_key` | `string` | Environment variable supplying the provider API key. |121| `model_providers.<id>.env_key` | `string` | Environment variable supplying the provider API key. |

145| `permissions.<name>.filesystem.":project_roots".<subpath>` | `"read" | "write" | "none"` | Scoped filesystem access relative to the detected project roots. Use `"."` for the root itself. |164| `permissions.<name>.filesystem.":project_roots".<subpath>` | `"read" | "write" | "none"` | Scoped filesystem access relative to the detected project roots. Use `"."` for the root itself. |

146| `permissions.<name>.filesystem.<path>` | `"read" | "write" | "none" | table` | Grant direct access for a path or special token, or scope nested entries under that root. |165| `permissions.<name>.filesystem.<path>` | `"read" | "write" | "none" | table` | Grant direct access for a path or special token, or scope nested entries under that root. |

147| `permissions.<name>.network.allow_local_binding` | `boolean` | Permit local bind/listen operations through the managed proxy. |166| `permissions.<name>.network.allow_local_binding` | `boolean` | Permit local bind/listen operations through the managed proxy. |

148| `permissions.<name>.network.allow_unix_sockets` | `array<string>` | Allowlist of Unix socket paths permitted through the managed proxy. |

149| `permissions.<name>.network.allow_upstream_proxy` | `boolean` | Allow the managed proxy to chain to another upstream proxy. |167| `permissions.<name>.network.allow_upstream_proxy` | `boolean` | Allow the managed proxy to chain to another upstream proxy. |

150| `permissions.<name>.network.allowed_domains` | `array<string>` | Allowlist of domains permitted through the managed proxy. |

151| `permissions.<name>.network.dangerously_allow_all_unix_sockets` | `boolean` | Allow the proxy to use arbitrary Unix sockets instead of the default restricted set. |168| `permissions.<name>.network.dangerously_allow_all_unix_sockets` | `boolean` | Allow the proxy to use arbitrary Unix sockets instead of the default restricted set. |

152| `permissions.<name>.network.dangerously_allow_non_loopback_proxy` | `boolean` | Permit non-loopback bind addresses for the managed proxy listener. |169| `permissions.<name>.network.dangerously_allow_non_loopback_proxy` | `boolean` | Permit non-loopback bind addresses for the managed proxy listener. |

153| `permissions.<name>.network.denied_domains` | `array<string>` | Denylist of domains blocked by the managed proxy. |170| `permissions.<name>.network.domains` | `map<string, allow | deny>` | Domain rules for the managed proxy. Use domain names or wildcard patterns as keys, with `allow` or `deny` values. |

154| `permissions.<name>.network.enable_socks5` | `boolean` | Expose a SOCKS5 listener when this permissions profile enables the managed network proxy. |171| `permissions.<name>.network.enable_socks5` | `boolean` | Expose a SOCKS5 listener when this permissions profile enables the managed network proxy. |

155| `permissions.<name>.network.enable_socks5_udp` | `boolean` | Allow UDP over the SOCKS5 listener when enabled. |172| `permissions.<name>.network.enable_socks5_udp` | `boolean` | Allow UDP over the SOCKS5 listener when enabled. |

156| `permissions.<name>.network.enabled` | `boolean` | Enable network access for this named permissions profile. |173| `permissions.<name>.network.enabled` | `boolean` | Enable network access for this named permissions profile. |

157| `permissions.<name>.network.mode` | `limited | full` | Network proxy mode used for subprocess traffic. |174| `permissions.<name>.network.mode` | `limited | full` | Network proxy mode used for subprocess traffic. |

158| `permissions.<name>.network.proxy_url` | `string` | HTTP proxy endpoint used when this permissions profile enables the managed network proxy. |175| `permissions.<name>.network.proxy_url` | `string` | HTTP proxy endpoint used when this permissions profile enables the managed network proxy. |

159| `permissions.<name>.network.socks_url` | `string` | SOCKS5 proxy endpoint used by this permissions profile. |176| `permissions.<name>.network.socks_url` | `string` | SOCKS5 proxy endpoint used by this permissions profile. |

177| `permissions.<name>.network.unix_sockets` | `map<string, allow | none>` | Unix socket rules for the managed proxy. Use socket paths as keys, with `allow` or `none` values. |

160| `personality` | `none | friendly | pragmatic` | Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`. |178| `personality` | `none | friendly | pragmatic` | Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`. |

161| `plan_mode_reasoning_effort` | `none | minimal | low | medium | high | xhigh` | Plan-mode-specific reasoning override. When unset, Plan mode uses its built-in preset default. |179| `plan_mode_reasoning_effort` | `none | minimal | low | medium | high | xhigh` | Plan-mode-specific reasoning override. When unset, Plan mode uses its built-in preset default. |

162| `profile` | `string` | Default profile applied at startup (equivalent to `--profile`). |180| `profile` | `string` | Default profile applied at startup (equivalent to `--profile`). |

196| `sqlite_home` | `string (path)` | Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state. |214| `sqlite_home` | `string (path)` | Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state. |

197| `suppress_unstable_features_warning` | `boolean` | Suppress the warning that appears when under-development feature flags are enabled. |215| `suppress_unstable_features_warning` | `boolean` | Suppress the warning that appears when under-development feature flags are enabled. |

198| `tool_output_token_limit` | `number` | Token budget for storing individual tool/function outputs in history. |216| `tool_output_token_limit` | `number` | Token budget for storing individual tool/function outputs in history. |

217| `tool_suggest.discoverables` | `array<table>` | Allow tool suggestions for additional discoverable connectors or plugins. Each entry uses `type = "connector"` or `"plugin"` and an `id`. |

199| `tools.view_image` | `boolean` | Enable the local-image attachment tool `view_image`. |218| `tools.view_image` | `boolean` | Enable the local-image attachment tool `view_image`. |

200| `tools.web_search` | `boolean | { context_size = "low|medium|high", allowed_domains = [string], location = { country, region, city, timezone } }` | Optional web search tool configuration. The legacy boolean form is still accepted, but the object form lets you set search context size, allowed domains, and approximate user location. |219| `tools.web_search` | `boolean | { context_size = "low|medium|high", allowed_domains = [string], location = { country, region, city, timezone } }` | Optional web search tool configuration. The legacy boolean form is still accepted, but the object form lets you set search context size, allowed domains, and approximate user location. |

201| `tui` | `table` | TUI-specific options such as enabling inline desktop notifications. |220| `tui` | `table` | TUI-specific options such as enabling inline desktop notifications. |

206| `tui.notifications` | `boolean | array<string>` | Enable TUI notifications; optionally restrict to specific event types. |225| `tui.notifications` | `boolean | array<string>` | Enable TUI notifications; optionally restrict to specific event types. |

207| `tui.show_tooltips` | `boolean` | Show onboarding tooltips in the TUI welcome screen (default: true). |226| `tui.show_tooltips` | `boolean` | Show onboarding tooltips in the TUI welcome screen (default: true). |

208| `tui.status_line` | `array<string> | null` | Ordered list of TUI footer status-line item identifiers. `null` disables the status line. |227| `tui.status_line` | `array<string> | null` | Ordered list of TUI footer status-line item identifiers. `null` disables the status line. |

228| `tui.terminal_title` | `array<string> | null` | Ordered list of terminal window/tab title item identifiers. Defaults to `["spinner", "project"]`; `null` disables title updates. |

209| `tui.theme` | `string` | Syntax-highlighting theme override (kebab-case theme name). |229| `tui.theme` | `string` | Syntax-highlighting theme override (kebab-case theme name). |

210| `web_search` | `disabled | cached | live` | Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool. |230| `web_search` | `disabled | cached | live` | Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool. |

211| `windows_wsl_setup_acknowledged` | `boolean` | Track Windows onboarding acknowledgement (Windows only). |231| `windows_wsl_setup_acknowledged` | `boolean` | Track Windows onboarding acknowledgement (Windows only). |

382 402 

383Key403Key

384 404 

405`approvals_reviewer`

406 

407Type / Values

408 

409`user | guardian_subagent`

410 

411Details

412 

413Select who reviews eligible approval prompts. Defaults to `user`; `guardian_subagent` routes supported reviews through the Guardian reviewer subagent.

414 

415Key

416 

385`apps._default.destructive_enabled`417`apps._default.destructive_enabled`

386 418 

387Type / Values419Type / Values

682 714 

683Key715Key

684 716 

717`features.guardian_approval`

718 

719Type / Values

720 

721`boolean`

722 

723Details

724 

725Route eligible approval requests through the guardian reviewer subagent (experimental; off by default). Use with `approvals_reviewer = "guardian_subagent"`.

726 

727Key

728 

729`features.memories`

730 

731Type / Values

732 

733`boolean`

734 

735Details

736 

737Enable [Memories](https://developers.openai.com/codex/memories) (off by default).

738 

739Key

740 

685`features.multi_agent`741`features.multi_agent`

686 742 

687Type / Values743Type / Values

754 810 

755Key811Key

756 812 

757`features.smart_approvals`

758 

759Type / Values

760 

761`boolean`

762 

763Details

764 

765Route eligible approval requests through the guardian reviewer subagent (experimental; off by default).

766 

767Key

768 

769`features.undo`813`features.undo`

770 814 

771Type / Values815Type / Values

1186 1230 

1187Key1231Key

1188 1232 

1233`memories.consolidation_model`

1234 

1235Type / Values

1236 

1237`string`

1238 

1239Details

1240 

1241Optional model override for global memory consolidation.

1242 

1243Key

1244 

1245`memories.extract_model`

1246 

1247Type / Values

1248 

1249`string`

1250 

1251Details

1252 

1253Optional model override for per-thread memory extraction.

1254 

1255Key

1256 

1257`memories.generate_memories`

1258 

1259Type / Values

1260 

1261`boolean`

1262 

1263Details

1264 

1265When `false`, newly created threads are not stored as memory-generation inputs. Defaults to `true`.

1266 

1267Key

1268 

1269`memories.max_raw_memories_for_consolidation`

1270 

1271Type / Values

1272 

1273`number`

1274 

1275Details

1276 

1277Maximum recent raw memories retained for global consolidation. Defaults to `256` and is capped at `4096`.

1278 

1279Key

1280 

1281`memories.max_rollout_age_days`

1282 

1283Type / Values

1284 

1285`number`

1286 

1287Details

1288 

1289Maximum age of threads considered for memory generation. Defaults to `30` and is clamped to `0`-`90`.

1290 

1291Key

1292 

1293`memories.max_rollouts_per_startup`

1294 

1295Type / Values

1296 

1297`number`

1298 

1299Details

1300 

1301Maximum rollout candidates processed per startup pass. Defaults to `16` and is capped at `128`.

1302 

1303Key

1304 

1305`memories.max_unused_days`

1306 

1307Type / Values

1308 

1309`number`

1310 

1311Details

1312 

1313Maximum days since a memory was last used before it becomes ineligible for consolidation. Defaults to `30` and is clamped to `0`-`365`.

1314 

1315Key

1316 

1317`memories.min_rollout_idle_hours`

1318 

1319Type / Values

1320 

1321`number`

1322 

1323Details

1324 

1325Minimum idle time before a thread is considered for memory generation. Defaults to `6` and is clamped to `1`-`48`.

1326 

1327Key

1328 

1329`memories.no_memories_if_mcp_or_web_search`

1330 

1331Type / Values

1332 

1333`boolean`

1334 

1335Details

1336 

1337When `true`, threads that use MCP tool calls or web search are kept out of memory generation. Defaults to `false`.

1338 

1339Key

1340 

1341`memories.use_memories`

1342 

1343Type / Values

1344 

1345`boolean`

1346 

1347Details

1348 

1349When `false`, Codex skips injecting existing memories into future sessions. Defaults to `true`.

1350 

1351Key

1352 

1189`model`1353`model`

1190 1354 

1191Type / Values1355Type / Values

1258 1422 

1259Key1423Key

1260 1424 

1425`model_providers.<id>`

1426 

1427Type / Values

1428 

1429`table`

1430 

1431Details

1432 

1433Custom provider definition. Built-in provider IDs (`openai`, `ollama`, and `lmstudio`) are reserved and cannot be overridden.

1434 

1435Key

1436 

1437`model_providers.<id>.auth`

1438 

1439Type / Values

1440 

1441`table`

1442 

1443Details

1444 

1445Command-backed bearer token configuration for a custom provider. Do not combine with `env_key`, `experimental_bearer_token`, or `requires_openai_auth`.

1446 

1447Key

1448 

1449`model_providers.<id>.auth.args`

1450 

1451Type / Values

1452 

1453`array<string>`

1454 

1455Details

1456 

1457Arguments passed to the token command.

1458 

1459Key

1460 

1461`model_providers.<id>.auth.command`

1462 

1463Type / Values

1464 

1465`string`