config-basic.md +19 −7
1# Config basics1# Config basics
2 2
3Learn the basics of configuring your local Codex client
4
5Codex reads configuration details from more than one location. Your personal defaults live in `~/.codex/config.toml`, and you can add project overrides with `.codex/config.toml` files. For security, Codex loads project config files only when you trust the project.3Codex reads configuration details from more than one location. Your personal defaults live in `~/.codex/config.toml`, and you can add project overrides with `.codex/config.toml` files. For security, Codex loads project config files only when you trust the project.
6 4
7## Codex configuration file5## Codex configuration file
13The CLI and IDE extension share the same configuration layers. You can use them to:11The CLI and IDE extension share the same configuration layers. You can use them to:
14 12
15- Set the default model and provider.13- Set the default model and provider.
1614- Configure [approval policies and sandbox settings](https://developers.openai.com/codex/security).- Configure [approval policies and sandbox settings](https://developers.openai.com/codex/security#sandbox-and-approvals).
17- Configure [MCP servers](https://developers.openai.com/codex/mcp).15- Configure [MCP servers](https://developers.openai.com/codex/mcp).
18 16
19## Configuration precedence17## Configuration precedence
35 33
36On managed machines, your organization may also enforce constraints via34On managed machines, your organization may also enforce constraints via
37 `requirements.toml` (for example, disallowing `approval_policy = "never"` or35 `requirements.toml` (for example, disallowing `approval_policy = "never"` or
3836`sandbox_mode = "danger-full-access"`). See [Security](https://developers.openai.com/codex/security). `sandbox_mode = "danger-full-access"`). See [Managed
37configuration](https://developers.openai.com/codex/security#managed-configuration) and [Admin-enforced
38 requirements](https://developers.openai.com/codex/enterprise/managed-configuration#admin-enforced-requirements-requirementstoml).
39 39
40## Common configuration options40## Common configuration options
41 41
57approval_policy = "on-request"57approval_policy = "on-request"
58```58```
59 59
60For behavior differences between `untrusted`, `on-request`, and `never`, see [Run without approval prompts](https://developers.openai.com/codex/security#run-without-approval-prompts) and [Common sandbox and approval combinations](https://developers.openai.com/codex/security#common-sandbox-and-approval-combinations).
61
60#### Sandbox level62#### Sandbox level
61 63
62Adjust how much filesystem and network access Codex has while executing commands.64Adjust how much filesystem and network access Codex has while executing commands.
65sandbox_mode = "workspace-write"67sandbox_mode = "workspace-write"
66```68```
67 69
70For mode-by-mode behavior (including protected `.git`/`.codex` paths and network defaults), see [Sandbox and approvals](https://developers.openai.com/codex/security#sandbox-and-approvals), [Protected paths in writable roots](https://developers.openai.com/codex/security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/security#network-access).
71
72#### Windows sandbox mode
73
74When running Codex natively on Windows, set the native sandbox mode to `elevated` in the `windows` table. Use `unelevated` only if you do not have administrator permissions or if elevated setup fails.
75
76```toml
77[windows]
78sandbox = "elevated" # Recommended
79# sandbox = "unelevated" # Fallback if admin permissions/setup are unavailable
80```
81
68#### Web search mode82#### Web search mode
69 83
7084Codex enables web search by default for local tasks and serves results from a web search cache. The cache is an OpenAI-maintained index of web results, so cached mode returns pre-indexed results instead of fetching live pages. This reduces exposure to prompt injection from arbitrary live content, but you should still treat web results as untrusted. If you are using `--yolo` or another [full access sandbox setting](https://developers.openai.com/codex/security), web search defaults to live results. Choose a mode with `web_search`:Codex enables web search by default for local tasks and serves results from a web search cache. The cache is an OpenAI-maintained index of web results, so cached mode returns pre-indexed results instead of fetching live pages. This reduces exposure to prompt injection from arbitrary live content, but you should still treat web results as untrusted. If you are using `--yolo` or another [full access sandbox setting](https://developers.openai.com/codex/security#common-sandbox-and-approval-combinations), web search defaults to live results. Choose a mode with `web_search`:
71 85
72- `"cached"` (default) serves results from the web search cache.86- `"cached"` (default) serves results from the web search cache.
73- `"live"` fetches the most recent data from the web (same as `--search`).87- `"live"` fetches the most recent data from the web (same as `--search`).
136| `apply_patch_freeform` | false | Experimental | Include the freeform `apply_patch` tool |150| `apply_patch_freeform` | false | Experimental | Include the freeform `apply_patch` tool |
137| `apps` | false | Experimental | Enable ChatGPT Apps/connectors support |151| `apps` | false | Experimental | Enable ChatGPT Apps/connectors support |
138| `apps_mcp_gateway` | false | Experimental | Route Apps MCP calls through `https://api.openai.com/v1/connectors/mcp/` instead of legacy routing |152| `apps_mcp_gateway` | false | Experimental | Route Apps MCP calls through `https://api.openai.com/v1/connectors/mcp/` instead of legacy routing |
139| `elevated_windows_sandbox` | false | Experimental | Use the elevated Windows sandbox pipeline |
140| `collaboration_modes` | true | Stable | Enable collaboration modes such as plan mode |153| `collaboration_modes` | true | Stable | Enable collaboration modes such as plan mode |
141| `experimental_windows_sandbox` | false | Experimental | Use the Windows restricted-token sandbox |
142| `multi_agent` | false | Experimental | Enable multi-agent collaboration tools |154| `multi_agent` | false | Experimental | Enable multi-agent collaboration tools |
143| `personality` | true | Stable | Enable personality selection controls |155| `personality` | true | Stable | Enable personality selection controls |
144| `remote_models` | false | Experimental | Refresh remote model list before showing readiness |156| `remote_models` | false | Experimental | Refresh remote model list before showing readiness |