SpyBara
Go Premium Account

config-reference.md Codex Docs, 2026-02-20 12:16 UTC → 2026-03-08 00:35 UTC

Inspect the documentation page or source diff for this selected snapshot comparison.

2026
20 Feb 2026, 12:16
14 May 2026, 21:00 14 May 2026, 07:00 13 May 2026, 00:57 12 May 2026, 01:59 11 May 2026, 18:00 7 May 2026, 20:02 7 May 2026, 17:08 5 May 2026, 23:00 2 May 2026, 06:45 2 May 2026, 00:48 1 May 2026, 18:29 30 Apr 2026, 18:36 29 Apr 2026, 12:40 29 Apr 2026, 00:50 25 Apr 2026, 06:37 25 Apr 2026, 00:42 24 Apr 2026, 18:20 24 Apr 2026, 12:28 23 Apr 2026, 18:31 23 Apr 2026, 12:28 23 Apr 2026, 00:46 22 Apr 2026, 18:29 22 Apr 2026, 00:42 21 Apr 2026, 18:29 21 Apr 2026, 12:30 21 Apr 2026, 06:45 20 Apr 2026, 18:26 20 Apr 2026, 06:53 18 Apr 2026, 18:18 17 Apr 2026, 00:44 16 Apr 2026, 18:31 16 Apr 2026, 00:46 15 Apr 2026, 18:31 15 Apr 2026, 06:44 14 Apr 2026, 18:31 14 Apr 2026, 12:29 13 Apr 2026, 18:37 13 Apr 2026, 00:44 12 Apr 2026, 06:38 10 Apr 2026, 18:23 9 Apr 2026, 00:33 8 Apr 2026, 18:32 8 Apr 2026, 00:40 7 Apr 2026, 00:40 2 Apr 2026, 18:23 31 Mar 2026, 06:35 31 Mar 2026, 00:39 28 Mar 2026, 06:26 28 Mar 2026, 00:36 27 Mar 2026, 18:23 27 Mar 2026, 00:39 26 Mar 2026, 18:27 25 Mar 2026, 18:24 23 Mar 2026, 18:22 20 Mar 2026, 00:35 18 Mar 2026, 12:23 18 Mar 2026, 00:36 17 Mar 2026, 18:24 17 Mar 2026, 00:33 16 Mar 2026, 18:25 16 Mar 2026, 12:23 14 Mar 2026, 00:32 13 Mar 2026, 18:15 13 Mar 2026, 00:34 11 Mar 2026, 00:31 9 Mar 2026, 00:34 8 Mar 2026, 18:10 8 Mar 2026, 00:35 7 Mar 2026, 18:10 7 Mar 2026, 06:14 7 Mar 2026, 00:33 6 Mar 2026, 00:38 5 Mar 2026, 18:41 5 Mar 2026, 06:22 5 Mar 2026, 00:34 4 Mar 2026, 18:18 4 Mar 2026, 06:20 3 Mar 2026, 18:20 3 Mar 2026, 00:35 27 Feb 2026, 18:15 24 Feb 2026, 06:27 24 Feb 2026, 00:33 23 Feb 2026, 18:27 21 Feb 2026, 00:33 20 Feb 2026, 12:16 19 Feb 2026, 20:53 19 Feb 2026, 20:37
8 Mar 2026, 00:35
14 May 2026, 21:00 14 May 2026, 07:00 13 May 2026, 00:57 12 May 2026, 01:59 11 May 2026, 18:00 7 May 2026, 20:02 7 May 2026, 17:08 5 May 2026, 23:00 2 May 2026, 06:45 2 May 2026, 00:48 1 May 2026, 18:29 30 Apr 2026, 18:36 29 Apr 2026, 12:40 29 Apr 2026, 00:50 25 Apr 2026, 06:37 25 Apr 2026, 00:42 24 Apr 2026, 18:20 24 Apr 2026, 12:28 23 Apr 2026, 18:31 23 Apr 2026, 12:28 23 Apr 2026, 00:46 22 Apr 2026, 18:29 22 Apr 2026, 00:42 21 Apr 2026, 18:29 21 Apr 2026, 12:30 21 Apr 2026, 06:45 20 Apr 2026, 18:26 20 Apr 2026, 06:53 18 Apr 2026, 18:18 17 Apr 2026, 00:44 16 Apr 2026, 18:31 16 Apr 2026, 00:46 15 Apr 2026, 18:31 15 Apr 2026, 06:44 14 Apr 2026, 18:31 14 Apr 2026, 12:29 13 Apr 2026, 18:37 13 Apr 2026, 00:44 12 Apr 2026, 06:38 10 Apr 2026, 18:23 9 Apr 2026, 00:33 8 Apr 2026, 18:32 8 Apr 2026, 00:40 7 Apr 2026, 00:40 2 Apr 2026, 18:23 31 Mar 2026, 06:35 31 Mar 2026, 00:39 28 Mar 2026, 06:26 28 Mar 2026, 00:36 27 Mar 2026, 18:23 27 Mar 2026, 00:39 26 Mar 2026, 18:27 25 Mar 2026, 18:24 23 Mar 2026, 18:22 20 Mar 2026, 00:35 18 Mar 2026, 12:23 18 Mar 2026, 00:36 17 Mar 2026, 18:24 17 Mar 2026, 00:33 16 Mar 2026, 18:25 16 Mar 2026, 12:23 14 Mar 2026, 00:32 13 Mar 2026, 18:15 13 Mar 2026, 00:34 11 Mar 2026, 00:31 9 Mar 2026, 00:34 8 Mar 2026, 18:10 8 Mar 2026, 00:35 7 Mar 2026, 18:10 7 Mar 2026, 06:14 7 Mar 2026, 00:33 6 Mar 2026, 00:38 5 Mar 2026, 18:41 5 Mar 2026, 06:22 5 Mar 2026, 00:34 4 Mar 2026, 18:18 4 Mar 2026, 06:20 3 Mar 2026, 18:20 3 Mar 2026, 00:35 27 Feb 2026, 18:15 24 Feb 2026, 06:27 24 Feb 2026, 00:33 23 Feb 2026, 18:27 21 Feb 2026, 00:33 20 Feb 2026, 12:16 19 Feb 2026, 20:53 19 Feb 2026, 20:37
Tue 3 00:35 Tue 3 18:20 Wed 4 06:20 Wed 4 18:18 Thu 5 00:34 Thu 5 06:22 Thu 5 18:41 Fri 6 00:38 Sat 7 00:33 Sat 7 06:14 Sat 7 18:10 Sun 8 00:35 Sun 8 18:10 Mon 9 00:34 Wed 11 00:31 Fri 13 00:34 Fri 13 18:15 Sat 14 00:32 Mon 16 12:23 Mon 16 18:25 Tue 17 00:33 Tue 17 18:24 Wed 18 00:36 Wed 18 12:23 Fri 20 00:35 Mon 23 18:22 Wed 25 18:24 Thu 26 18:27 Fri 27 00:39 Fri 27 18:23 Sat 28 00:36 Sat 28 06:26 Tue 31 00:39 Tue 31 06:35

config-reference.md +1175 −338

Details

6 6 

7User-level configuration lives in `~/.codex/config.toml`. You can also add project-scoped overrides in `.codex/config.toml` files. Codex loads project-scoped config files only when you trust the project.7User-level configuration lives in `~/.codex/config.toml`. You can also add project-scoped overrides in `.codex/config.toml` files. Codex loads project-scoped config files only when you trust the project.

8 8 

9For sandbox and approval keys (`approval_policy`, `sandbox_mode`, and `sandbox_workspace_write.*`), pair this reference with [Sandbox and approvals](https://developers.openai.com/codex/agent-approvals-security#sandbox-and-approvals), [Protected paths in writable roots](https://developers.openai.com/codex/agent-approvals-security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/agent-approvals-security#network-access).

10 

9| Key | Type / Values | Details |11| Key | Type / Values | Details |

10| --- | --- | --- |12| --- | --- | --- |

11| `agents.<name>.config_file` | `string (path)` | Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role. |13| `agents.<name>.config_file` | `string (path)` | Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role. |

12| `agents.<name>.description` | `string` | Role guidance shown to Codex when choosing and spawning that agent type. |14| `agents.<name>.description` | `string` | Role guidance shown to Codex when choosing and spawning that agent type. |

15| `agents.<name>.nickname_candidates` | `array<string>` | Optional pool of display nicknames for spawned agents in that role. |

16| `agents.job_max_runtime_seconds` | `number` | Default per-worker timeout for `spawn_agents_on_csv` jobs. When unset, the tool falls back to 1800 seconds per worker. |

17| `agents.max_depth` | `number` | Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1). |

13| `agents.max_threads` | `number` | Maximum number of agent threads that can be open concurrently. |18| `agents.max_threads` | `number` | Maximum number of agent threads that can be open concurrently. |

14| `approval_policy` | `untrusted | on-request | never` | Controls when Codex pauses for approval before executing commands. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs. |19| `allow_login_shell` | `boolean` | Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells. |

15| `apps.<id>.disabled_reason` | `unknown | user` | Optional reason attached when an app/connector is disabled. |20| `analytics.enabled` | `boolean` | Enable or disable analytics for this machine/profile. When unset, the client default applies. |

21| `approval_policy` | `untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }` | Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs. |

22| `approval_policy.reject.mcp_elicitations` | `boolean` | When `true`, MCP elicitation prompts are auto-rejected instead of shown to the user. |

23| `approval_policy.reject.rules` | `boolean` | When `true`, approvals triggered by execpolicy `prompt` rules are auto-rejected. |

24| `approval_policy.reject.sandbox_approval` | `boolean` | When `true`, sandbox escalation approval prompts are auto-rejected. |

25| `apps._default.destructive_enabled` | `boolean` | Default allow/deny for app tools with `destructive_hint = true`. |

26| `apps._default.enabled` | `boolean` | Default app enabled state for all apps unless overridden per app. |

27| `apps._default.open_world_enabled` | `boolean` | Default allow/deny for app tools with `open_world_hint = true`. |

28| `apps.<id>.default_tools_approval_mode` | `auto | prompt | approve` | Default approval behavior for tools in this app unless a per-tool override exists. |

29| `apps.<id>.default_tools_enabled` | `boolean` | Default enabled state for tools in this app unless a per-tool override exists. |

30| `apps.<id>.destructive_enabled` | `boolean` | Allow or block tools in this app that advertise `destructive_hint = true`. |

16| `apps.<id>.enabled` | `boolean` | Enable or disable a specific app/connector by id (default: true). |31| `apps.<id>.enabled` | `boolean` | Enable or disable a specific app/connector by id (default: true). |

32| `apps.<id>.open_world_enabled` | `boolean` | Allow or block tools in this app that advertise `open_world_hint = true`. |

33| `apps.<id>.tools.<tool>.approval_mode` | `auto | prompt | approve` | Per-tool approval behavior override for a single app tool. |

34| `apps.<id>.tools.<tool>.enabled` | `boolean` | Per-tool enabled override for an app tool (for example `repos/list`). |

35| `background_terminal_max_timeout` | `number` | Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key. |

17| `chatgpt_base_url` | `string` | Override the base URL used during the ChatGPT login flow. |36| `chatgpt_base_url` | `string` | Override the base URL used during the ChatGPT login flow. |

18| `check_for_update_on_startup` | `boolean` | Check for Codex updates on startup (set to false only when updates are centrally managed). |37| `check_for_update_on_startup` | `boolean` | Check for Codex updates on startup (set to false only when updates are centrally managed). |

19| `cli_auth_credentials_store` | `file | keyring | auto` | Control where the CLI stores cached credentials (file-based auth.json vs OS keychain). |38| `cli_auth_credentials_store` | `file | keyring | auto` | Control where the CLI stores cached credentials (file-based auth.json vs OS keychain). |

39| `commit_attribution` | `string` | Override the commit co-author trailer text. Set an empty string to disable automatic attribution. |

20| `compact_prompt` | `string` | Inline override for the history compaction prompt. |40| `compact_prompt` | `string` | Inline override for the history compaction prompt. |

21| `developer_instructions` | `string` | Additional developer instructions injected into the session (optional). |41| `developer_instructions` | `string` | Additional developer instructions injected into the session (optional). |

22| `disable_paste_burst` | `boolean` | Disable burst-paste detection in the TUI. |42| `disable_paste_burst` | `boolean` | Disable burst-paste detection in the TUI. |

23| `experimental_compact_prompt_file` | `string (path)` | Load the compaction prompt override from a file (experimental). |43| `experimental_compact_prompt_file` | `string (path)` | Load the compaction prompt override from a file (experimental). |

24| `experimental_use_freeform_apply_patch` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform` or `codex --enable apply_patch_freeform`. |

25| `experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`. |44| `experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`. |

26| `features.apply_patch_freeform` | `boolean` | Expose the freeform `apply_patch` tool (experimental). |

27| `features.apps` | `boolean` | Enable ChatGPT Apps/connectors support (experimental). |45| `features.apps` | `boolean` | Enable ChatGPT Apps/connectors support (experimental). |

28| `features.apps_mcp_gateway` | `boolean` | Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental). |46| `features.apps_mcp_gateway` | `boolean` | Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental). |

47| `features.artifact` | `boolean` | Enable native artifact tools such as slides and spreadsheets (under development). |

29| `features.child_agents_md` | `boolean` | Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental). |48| `features.child_agents_md` | `boolean` | Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental). |

30| `features.collaboration_modes` | `boolean` | Enable collaboration modes such as plan mode (stable; on by default). |49| `features.collaboration_modes` | `boolean` | Legacy toggle for collaboration modes. Plan and default modes are available in current builds without setting this key. |

31| `features.elevated_windows_sandbox` | `boolean` | Enable the elevated Windows sandbox pipeline (experimental). |50| `features.default_mode_request_user_input` | `boolean` | Allow `request_user_input` in default collaboration mode (under development; off by default). |

32| `features.experimental_windows_sandbox` | `boolean` | Run the Windows restricted-token sandbox (experimental). |51| `features.elevated_windows_sandbox` | `boolean` | Legacy toggle for an earlier elevated Windows sandbox rollout. Current builds do not use it. |

33| `features.multi_agent` | `boolean` | Enable multi-agent collaboration tools (`spawn\_agent`, `send\_input`, `resume\_agent`, `wait`, and `close\_agent`) (experimental; off by default). |52| `features.enable_request_compression` | `boolean` | Compress streaming request bodies with zstd when supported (stable; on by default). |

53| `features.experimental_windows_sandbox` | `boolean` | Legacy toggle for an earlier Windows sandbox rollout. Current builds do not use it. |

54| `features.fast_mode` | `boolean` | Enable Fast mode selection and the `service_tier = "fast"` path (stable; on by default). |

55| `features.image_detail_original` | `boolean` | Allow image outputs with `detail = "original"` on supported models (under development). |

56| `features.image_generation` | `boolean` | Enable the built-in image generation tool (under development). |

57| `features.multi_agent` | `boolean` | Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait`, `close_agent`, and `spawn_agents_on_csv`) (experimental; off by default). |

34| `features.personality` | `boolean` | Enable personality selection controls (stable; on by default). |58| `features.personality` | `boolean` | Enable personality selection controls (stable; on by default). |

35| `features.powershell_utf8` | `boolean` | Force PowerShell UTF-8 output (defaults to true). |59| `features.powershell_utf8` | `boolean` | Force PowerShell UTF-8 output. Enabled by default on Windows and off elsewhere. |

36| `features.remote_models` | `boolean` | Refresh remote model list before showing readiness (experimental). |60| `features.prevent_idle_sleep` | `boolean` | Prevent the machine from sleeping while a turn is actively running (experimental; off by default). |

37| `features.request_rule` | `boolean` | Enable Smart approvals (`prefix_rule` suggestions on escalation requests; stable; on by default). |61| `features.remote_models` | `boolean` | Legacy toggle for an older remote-model readiness flow. Current builds do not use it. |

62| `features.request_rule` | `boolean` | Legacy toggle for Smart approvals. Current builds include this behavior by default, so most users can leave this unset. |

63| `features.responses_websockets` | `boolean` | Prefer the Responses API WebSocket transport for supported providers (under development). |

64| `features.responses_websockets_v2` | `boolean` | Enable Responses API WebSocket v2 mode (under development). |

38| `features.runtime_metrics` | `boolean` | Show runtime metrics summary in TUI turn separators (experimental). |65| `features.runtime_metrics` | `boolean` | Show runtime metrics summary in TUI turn separators (experimental). |

39| `features.search_tool` | `boolean` | Enable `search_tool_bm25` for Apps tool discovery before invoking app MCP tools (experimental). |66| `features.search_tool` | `boolean` | Legacy toggle for an older Apps discovery flow. Current builds do not use it. |

40| `features.shell_snapshot` | `boolean` | Snapshot shell environment to speed up repeated commands (beta). |67| `features.shell_snapshot` | `boolean` | Snapshot shell environment to speed up repeated commands (stable; on by default). |

41| `features.shell_tool` | `boolean` | Enable the default `shell` tool for running commands (stable; on by default). |68| `features.shell_tool` | `boolean` | Enable the default `shell` tool for running commands (stable; on by default). |

42| `features.unified_exec` | `boolean` | Use the unified PTY-backed exec tool (beta). |69| `features.skill_env_var_dependency_prompt` | `boolean` | Prompt for missing skill environment-variable dependencies (under development). |

70| `features.skill_mcp_dependency_install` | `boolean` | Allow prompting and installing missing MCP dependencies for skills (stable; on by default). |

71| `features.sqlite` | `boolean` | Enable SQLite-backed state persistence (stable; on by default). |

72| `features.steer` | `boolean` | Legacy toggle from an earlier Enter/Tab steering rollout. Current builds always use the current steering behavior. |

73| `features.undo` | `boolean` | Enable undo support (stable; off by default). |

74| `features.unified_exec` | `boolean` | Use the unified PTY-backed exec tool (stable; enabled by default except on Windows). |

43| `features.use_linux_sandbox_bwrap` | `boolean` | Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default). |75| `features.use_linux_sandbox_bwrap` | `boolean` | Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default). |

44| `features.web_search` | `boolean` | Deprecated legacy toggle; prefer the top-level `web_search` setting. |76| `features.web_search` | `boolean` | Deprecated legacy toggle; prefer the top-level `web_search` setting. |

45| `features.web_search_cached` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`. |77| `features.web_search_cached` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`. |

51| `hide_agent_reasoning` | `boolean` | Suppress reasoning events in both the TUI and `codex exec` output. |83| `hide_agent_reasoning` | `boolean` | Suppress reasoning events in both the TUI and `codex exec` output. |

52| `history.max_bytes` | `number` | If set, caps the history file size in bytes by dropping oldest entries. |84| `history.max_bytes` | `number` | If set, caps the history file size in bytes by dropping oldest entries. |

53| `history.persistence` | `save-all | none` | Control whether Codex saves session transcripts to history.jsonl. |85| `history.persistence` | `save-all | none` | Control whether Codex saves session transcripts to history.jsonl. |

54| `include_apply_patch_tool` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |

55| `instructions` | `string` | Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`. |86| `instructions` | `string` | Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`. |

56| `log_dir` | `string (path)` | Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`. |87| `log_dir` | `string (path)` | Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`. |

57| `mcp_oauth_callback_port` | `integer` | Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS. |88| `mcp_oauth_callback_port` | `integer` | Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS. |

89| `mcp_oauth_callback_url` | `string` | Optional redirect URI override for MCP OAuth login (for example, a devbox ingress URL). `mcp_oauth_callback_port` still controls the callback listener port. |

58| `mcp_oauth_credentials_store` | `auto | file | keyring` | Preferred store for MCP OAuth credentials. |90| `mcp_oauth_credentials_store` | `auto | file | keyring` | Preferred store for MCP OAuth credentials. |

59| `mcp_servers.<id>.args` | `array<string>` | Arguments passed to the MCP stdio server command. |91| `mcp_servers.<id>.args` | `array<string>` | Arguments passed to the MCP stdio server command. |

60| `mcp_servers.<id>.bearer_token_env_var` | `string` | Environment variable sourcing the bearer token for an MCP HTTP server. |92| `mcp_servers.<id>.bearer_token_env_var` | `string` | Environment variable sourcing the bearer token for an MCP HTTP server. |

67| `mcp_servers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables for an MCP HTTP server. |99| `mcp_servers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables for an MCP HTTP server. |

68| `mcp_servers.<id>.env_vars` | `array<string>` | Additional environment variables to whitelist for an MCP stdio server. |100| `mcp_servers.<id>.env_vars` | `array<string>` | Additional environment variables to whitelist for an MCP stdio server. |

69| `mcp_servers.<id>.http_headers` | `map<string,string>` | Static HTTP headers included with each MCP HTTP request. |101| `mcp_servers.<id>.http_headers` | `map<string,string>` | Static HTTP headers included with each MCP HTTP request. |

102| `mcp_servers.<id>.oauth_resource` | `string` | Optional RFC 8707 OAuth resource parameter to include during MCP login. |

70| `mcp_servers.<id>.required` | `boolean` | When true, fail startup/resume if this enabled MCP server cannot initialize. |103| `mcp_servers.<id>.required` | `boolean` | When true, fail startup/resume if this enabled MCP server cannot initialize. |

104| `mcp_servers.<id>.scopes` | `array<string>` | OAuth scopes to request when authenticating to that MCP server. |

71| `mcp_servers.<id>.startup_timeout_ms` | `number` | Alias for `startup_timeout_sec` in milliseconds. |105| `mcp_servers.<id>.startup_timeout_ms` | `number` | Alias for `startup_timeout_sec` in milliseconds. |

72| `mcp_servers.<id>.startup_timeout_sec` | `number` | Override the default 10s startup timeout for an MCP server. |106| `mcp_servers.<id>.startup_timeout_sec` | `number` | Override the default 10s startup timeout for an MCP server. |

73| `mcp_servers.<id>.tool_timeout_sec` | `number` | Override the default 60s per-tool timeout for an MCP server. |107| `mcp_servers.<id>.tool_timeout_sec` | `number` | Override the default 60s per-tool timeout for an MCP server. |

74| `mcp_servers.<id>.url` | `string` | Endpoint for an MCP streamable HTTP server. |108| `mcp_servers.<id>.url` | `string` | Endpoint for an MCP streamable HTTP server. |

75| `model` | `string` | Model to use (e.g., `gpt-5-codex`). |109| `model` | `string` | Model to use (e.g., `gpt-5-codex`). |

76| `model_auto_compact_token_limit` | `number` | Token threshold that triggers automatic history compaction (unset uses model defaults). |110| `model_auto_compact_token_limit` | `number` | Token threshold that triggers automatic history compaction (unset uses model defaults). |

111| `model_catalog_json` | `string (path)` | Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile. |

77| `model_context_window` | `number` | Context window tokens available to the active model. |112| `model_context_window` | `number` | Context window tokens available to the active model. |

78| `model_instructions_file` | `string (path)` | Replacement for built-in instructions instead of `AGENTS.md`. |113| `model_instructions_file` | `string (path)` | Replacement for built-in instructions instead of `AGENTS.md`. |

79| `model_provider` | `string` | Provider id from `model_providers` (default: `openai`). |114| `model_provider` | `string` | Provider id from `model_providers` (default: `openai`). |

89| `model_providers.<id>.requires_openai_auth` | `boolean` | The provider uses OpenAI authentication (defaults to false). |124| `model_providers.<id>.requires_openai_auth` | `boolean` | The provider uses OpenAI authentication (defaults to false). |

90| `model_providers.<id>.stream_idle_timeout_ms` | `number` | Idle timeout for SSE streams in milliseconds (default: 300000). |125| `model_providers.<id>.stream_idle_timeout_ms` | `number` | Idle timeout for SSE streams in milliseconds (default: 300000). |

91| `model_providers.<id>.stream_max_retries` | `number` | Retry count for SSE streaming interruptions (default: 5). |126| `model_providers.<id>.stream_max_retries` | `number` | Retry count for SSE streaming interruptions (default: 5). |

92| `model_providers.<id>.wire_api` | `chat | responses` | Protocol used by the provider (defaults to `chat` if omitted). |127| `model_providers.<id>.supports_websockets` | `boolean` | Whether that provider supports the Responses API WebSocket transport. |

128| `model_providers.<id>.wire_api` | `responses` | Protocol used by the provider. `responses` is the only supported value, and it is the default when omitted. |

93| `model_reasoning_effort` | `minimal | low | medium | high | xhigh` | Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent). |129| `model_reasoning_effort` | `minimal | low | medium | high | xhigh` | Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent). |

94| `model_reasoning_summary` | `auto | concise | detailed | none` | Select reasoning summary detail or disable summaries entirely. |130| `model_reasoning_summary` | `auto | concise | detailed | none` | Select reasoning summary detail or disable summaries entirely. |

95| `model_supports_reasoning_summaries` | `boolean` | Force Codex to send or not send reasoning metadata. |131| `model_supports_reasoning_summaries` | `boolean` | Force Codex to send or not send reasoning metadata. |

96| `model_verbosity` | `low | medium | high` | Control GPT-5 Responses API verbosity (defaults to `medium`). |132| `model_verbosity` | `low | medium | high` | Optional GPT-5 Responses API verbosity override; when unset, the selected model/preset default is used. |

97| `notice.hide_full_access_warning` | `boolean` | Track acknowledgement of the full access warning prompt. |133| `notice.hide_full_access_warning` | `boolean` | Track acknowledgement of the full access warning prompt. |

98| `notice.hide_gpt-5.1-codex-max_migration_prompt` | `boolean` | Track acknowledgement of the gpt-5.1-codex-max migration prompt. |134| `notice.hide_gpt-5.1-codex-max_migration_prompt` | `boolean` | Track acknowledgement of the gpt-5.1-codex-max migration prompt. |

99| `notice.hide_gpt5_1_migration_prompt` | `boolean` | Track acknowledgement of the GPT-5.1 migration prompt. |135| `notice.hide_gpt5_1_migration_prompt` | `boolean` | Track acknowledgement of the GPT-5.1 migration prompt. |

111| `otel.exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL exporter TLS. |147| `otel.exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL exporter TLS. |

112| `otel.exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL exporter TLS. |148| `otel.exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL exporter TLS. |

113| `otel.log_user_prompt` | `boolean` | Opt in to exporting raw user prompts with OpenTelemetry logs. |149| `otel.log_user_prompt` | `boolean` | Opt in to exporting raw user prompts with OpenTelemetry logs. |

150| `otel.metrics_exporter` | `none | statsig | otlp-http | otlp-grpc` | Select the OpenTelemetry metrics exporter (defaults to `statsig`). |

114| `otel.trace_exporter` | `none | otlp-http | otlp-grpc` | Select the OpenTelemetry trace exporter and provide any endpoint metadata. |151| `otel.trace_exporter` | `none | otlp-http | otlp-grpc` | Select the OpenTelemetry trace exporter and provide any endpoint metadata. |

115| `otel.trace_exporter.<id>.endpoint` | `string` | Trace exporter endpoint for OTEL logs. |152| `otel.trace_exporter.<id>.endpoint` | `string` | Trace exporter endpoint for OTEL logs. |

116| `otel.trace_exporter.<id>.headers` | `map<string,string>` | Static headers included with OTEL trace exporter requests. |153| `otel.trace_exporter.<id>.headers` | `map<string,string>` | Static headers included with OTEL trace exporter requests. |

118| `otel.trace_exporter.<id>.tls.ca-certificate` | `string` | CA certificate path for OTEL trace exporter TLS. |155| `otel.trace_exporter.<id>.tls.ca-certificate` | `string` | CA certificate path for OTEL trace exporter TLS. |

119| `otel.trace_exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL trace exporter TLS. |156| `otel.trace_exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL trace exporter TLS. |

120| `otel.trace_exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL trace exporter TLS. |157| `otel.trace_exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL trace exporter TLS. |

158| `permissions.network.admin_url` | `string` | Admin endpoint for the managed network proxy. |

159| `permissions.network.allow_local_binding` | `boolean` | Permit local bind/listen operations through the managed proxy. |

160| `permissions.network.allow_unix_sockets` | `array<string>` | Allowlist of Unix socket paths permitted through the managed proxy. |

161| `permissions.network.allow_upstream_proxy` | `boolean` | Allow the managed proxy to chain to another upstream proxy. |

162| `permissions.network.allowed_domains` | `array<string>` | Allowlist of domains permitted through the managed proxy. |

163| `permissions.network.dangerously_allow_all_unix_sockets` | `boolean` | Allow the proxy to use arbitrary Unix sockets instead of the default restricted set. |

164| `permissions.network.dangerously_allow_non_loopback_admin` | `boolean` | Permit non-loopback bind addresses for the managed proxy admin listener. |

165| `permissions.network.dangerously_allow_non_loopback_proxy` | `boolean` | Permit non-loopback bind addresses for the managed proxy listener. |

166| `permissions.network.denied_domains` | `array<string>` | Denylist of domains blocked by the managed proxy. |

167| `permissions.network.enable_socks5` | `boolean` | Expose a SOCKS5 listener from the managed network proxy. |

168| `permissions.network.enable_socks5_udp` | `boolean` | Allow UDP over the SOCKS5 listener when enabled. |

169| `permissions.network.enabled` | `boolean` | Enable the managed network proxy configuration for subprocesses. |

170| `permissions.network.mode` | `limited | full` | Network proxy mode used for subprocess traffic. |

171| `permissions.network.proxy_url` | `string` | HTTP proxy endpoint used by the managed network proxy. |

172| `permissions.network.socks_url` | `string` | SOCKS5 proxy endpoint used by the managed network proxy. |

121| `personality` | `none | friendly | pragmatic` | Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`. |173| `personality` | `none | friendly | pragmatic` | Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`. |

174| `plan_mode_reasoning_effort` | `none | minimal | low | medium | high | xhigh` | Plan-mode-specific reasoning override. When unset, Plan mode uses its built-in preset default. |

122| `profile` | `string` | Default profile applied at startup (equivalent to `--profile`). |175| `profile` | `string` | Default profile applied at startup (equivalent to `--profile`). |

123| `profiles.<name>.*` | `various` | Profile-scoped overrides for any of the supported configuration keys. |176| `profiles.<name>.*` | `various` | Profile-scoped overrides for any of the supported configuration keys. |

124| `profiles.<name>.experimental_use_freeform_apply_patch` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |177| `profiles.<name>.analytics.enabled` | `boolean` | Profile-scoped analytics enablement override. |

125| `profiles.<name>.experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec`. |178| `profiles.<name>.experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec`. |

126| `profiles.<name>.include_apply_patch_tool` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |179| `profiles.<name>.model_catalog_json` | `string (path)` | Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile). |

180| `profiles.<name>.model_instructions_file` | `string (path)` | Profile-scoped replacement for the built-in instruction file. |

127| `profiles.<name>.oss_provider` | `lmstudio | ollama` | Profile-scoped OSS provider for `--oss` sessions. |181| `profiles.<name>.oss_provider` | `lmstudio | ollama` | Profile-scoped OSS provider for `--oss` sessions. |

128| `profiles.<name>.personality` | `none | friendly | pragmatic` | Profile-scoped communication style override for supported models. |182| `profiles.<name>.personality` | `none | friendly | pragmatic` | Profile-scoped communication style override for supported models. |

183| `profiles.<name>.plan_mode_reasoning_effort` | `none | minimal | low | medium | high | xhigh` | Profile-scoped Plan-mode reasoning override. |

184| `profiles.<name>.service_tier` | `flex | fast` | Profile-scoped service tier preference for new turns. |

185| `profiles.<name>.tools_view_image` | `boolean` | Enable or disable the `view_image` tool in that profile. |

129| `profiles.<name>.web_search` | `disabled | cached | live` | Profile-scoped web search mode override (default: `"cached"`). |186| `profiles.<name>.web_search` | `disabled | cached | live` | Profile-scoped web search mode override (default: `"cached"`). |

187| `profiles.<name>.windows.sandbox` | `unelevated | elevated` | Profile-scoped Windows sandbox mode override. |

130| `project_doc_fallback_filenames` | `array<string>` | Additional filenames to try when `AGENTS.md` is missing. |188| `project_doc_fallback_filenames` | `array<string>` | Additional filenames to try when `AGENTS.md` is missing. |

131| `project_doc_max_bytes` | `number` | Maximum bytes read from `AGENTS.md` when building project instructions. |189| `project_doc_max_bytes` | `number` | Maximum bytes read from `AGENTS.md` when building project instructions. |

132| `project_root_markers` | `array<string>` | List of project root marker filenames; used when searching parent directories for the project root. |190| `project_root_markers` | `array<string>` | List of project root marker filenames; used when searching parent directories for the project root. |

137| `sandbox_workspace_write.exclude_tmpdir_env_var` | `boolean` | Exclude `$TMPDIR` from writable roots in workspace-write mode. |195| `sandbox_workspace_write.exclude_tmpdir_env_var` | `boolean` | Exclude `$TMPDIR` from writable roots in workspace-write mode. |

138| `sandbox_workspace_write.network_access` | `boolean` | Allow outbound network access inside the workspace-write sandbox. |196| `sandbox_workspace_write.network_access` | `boolean` | Allow outbound network access inside the workspace-write sandbox. |

139| `sandbox_workspace_write.writable_roots` | `array<string>` | Additional writable roots when `sandbox_mode = "workspace-write"`. |197| `sandbox_workspace_write.writable_roots` | `array<string>` | Additional writable roots when `sandbox_mode = "workspace-write"`. |

198| `service_tier` | `flex | fast` | Preferred service tier for new turns. `fast` is honored only when the `features.fast_mode` gate is enabled. |

140| `shell_environment_policy.exclude` | `array<string>` | Glob patterns for removing environment variables after the defaults. |199| `shell_environment_policy.exclude` | `array<string>` | Glob patterns for removing environment variables after the defaults. |

141| `shell_environment_policy.experimental_use_profile` | `boolean` | Use the user shell profile when spawning subprocesses. |200| `shell_environment_policy.experimental_use_profile` | `boolean` | Use the user shell profile when spawning subprocesses. |

142| `shell_environment_policy.ignore_default_excludes` | `boolean` | Keep variables containing KEY/SECRET/TOKEN before other filters run. |201| `shell_environment_policy.ignore_default_excludes` | `boolean` | Keep variables containing KEY/SECRET/TOKEN before other filters run. |

147| `skills.config` | `array<object>` | Per-skill enablement overrides stored in config.toml. |206| `skills.config` | `array<object>` | Per-skill enablement overrides stored in config.toml. |

148| `skills.config.<index>.enabled` | `boolean` | Enable or disable the referenced skill. |207| `skills.config.<index>.enabled` | `boolean` | Enable or disable the referenced skill. |

149| `skills.config.<index>.path` | `string (path)` | Path to a skill folder containing `SKILL.md`. |208| `skills.config.<index>.path` | `string (path)` | Path to a skill folder containing `SKILL.md`. |

209| `sqlite_home` | `string (path)` | Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state. |

150| `suppress_unstable_features_warning` | `boolean` | Suppress the warning that appears when under-development feature flags are enabled. |210| `suppress_unstable_features_warning` | `boolean` | Suppress the warning that appears when under-development feature flags are enabled. |

151| `tool_output_token_limit` | `number` | Token budget for storing individual tool/function outputs in history. |211| `tool_output_token_limit` | `number` | Token budget for storing individual tool/function outputs in history. |

212| `tools.view_image` | `boolean` | Enable the local-image attachment tool `view_image`. |

152| `tools.web_search` | `boolean` | Deprecated legacy toggle for web search; prefer the top-level `web_search` setting. |213| `tools.web_search` | `boolean` | Deprecated legacy toggle for web search; prefer the top-level `web_search` setting. |

153| `tui` | `table` | TUI-specific options such as enabling inline desktop notifications. |214| `tui` | `table` | TUI-specific options such as enabling inline desktop notifications. |

154| `tui.alternate_screen` | `auto | always | never` | Control alternate screen usage for the TUI (default: auto; auto skips it in Zellij to preserve scrollback). |215| `tui.alternate_screen` | `auto | always | never` | Control alternate screen usage for the TUI (default: auto; auto skips it in Zellij to preserve scrollback). |

155| `tui.animations` | `boolean` | Enable terminal animations (welcome screen, shimmer, spinner) (default: true). |216| `tui.animations` | `boolean` | Enable terminal animations (welcome screen, shimmer, spinner) (default: true). |

217| `tui.model_availability_nux.<model>` | `integer` | Internal startup-tooltip state keyed by model slug. |

156| `tui.notification_method` | `auto | osc9 | bel` | Notification method for unfocused terminal notifications (default: auto). |218| `tui.notification_method` | `auto | osc9 | bel` | Notification method for unfocused terminal notifications (default: auto). |

157| `tui.notifications` | `boolean | array<string>` | Enable TUI notifications; optionally restrict to specific event types. |219| `tui.notifications` | `boolean | array<string>` | Enable TUI notifications; optionally restrict to specific event types. |

158| `tui.show_tooltips` | `boolean` | Show onboarding tooltips in the TUI welcome screen (default: true). |220| `tui.show_tooltips` | `boolean` | Show onboarding tooltips in the TUI welcome screen (default: true). |

159| `tui.status_line` | `array<string> | null` | Ordered list of TUI footer status-line item identifiers. `null` disables the status line. |221| `tui.status_line` | `array<string> | null` | Ordered list of TUI footer status-line item identifiers. `null` disables the status line. |

222| `tui.theme` | `string` | Syntax-highlighting theme override (kebab-case theme name). |

160| `web_search` | `disabled | cached | live` | Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool. |223| `web_search` | `disabled | cached | live` | Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool. |

161| `windows_wsl_setup_acknowledged` | `boolean` | Track Windows onboarding acknowledgement (Windows only). |224| `windows_wsl_setup_acknowledged` | `boolean` | Track Windows onboarding acknowledgement (Windows only). |

225| `windows.sandbox` | `unelevated | elevated` | Windows-only native sandbox mode when running Codex natively on Windows. |

162 226 

163Key227Key

164 228 

186 250 

187Key251Key

188 252 

189`agents.max_threads`253`agents.<name>.nickname_candidates`

190 254 

191Type / Values255Type / Values

192 256 

193`number`257`array<string>`

194 258 

195Details259Details

196 260 

197Maximum number of agent threads that can be open concurrently.261Optional pool of display nicknames for spawned agents in that role.

198 262 

199Key263Key

200 264 

201`approval_policy`265`agents.job_max_runtime_seconds`

202 266 

203Type / Values267Type / Values

204 268 

205`untrusted | on-request | never`269`number`

206 270 

207Details271Details

208 272 

209Controls when Codex pauses for approval before executing commands. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.273Default per-worker timeout for `spawn_agents_on_csv` jobs. When unset, the tool falls back to 1800 seconds per worker.

210 274 

211Key275Key

212 276 

213`apps.<id>.disabled_reason`277`agents.max_depth`

214 278 

215Type / Values279Type / Values

216 280 

217`unknown | user`281`number`

218 282 

219Details283Details

220 284 

221Optional reason attached when an app/connector is disabled.285Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1).

222 286 

223Key287Key

224 288 

225`apps.<id>.enabled`289`agents.max_threads`

226 290 

227Type / Values291Type / Values

228 292 

229`boolean`293`number`

230 294 

231Details295Details

232 296 

233Enable or disable a specific app/connector by id (default: true).297Maximum number of agent threads that can be open concurrently.

234 298 

235Key299Key

236 300 

237`chatgpt_base_url`301`allow_login_shell`

238 302 

239Type / Values303Type / Values

240 304 

241`string`305`boolean`

242 306 

243Details307Details

244 308 

245Override the base URL used during the ChatGPT login flow.309Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells.

246 310 

247Key311Key

248 312 

249`check_for_update_on_startup`313`analytics.enabled`

250 314 

251Type / Values315Type / Values

252 316 

254 318 

255Details319Details

256 320 

257Check for Codex updates on startup (set to false only when updates are centrally managed).321Enable or disable analytics for this machine/profile. When unset, the client default applies.

258 322 

259Key323Key

260 324 

261`cli_auth_credentials_store`325`approval_policy`

262 326 

263Type / Values327Type / Values

264 328 

265`file | keyring | auto`329`untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }`

266 330 

267Details331Details

268 332 

269Control where the CLI stores cached credentials (file-based auth.json vs OS keychain).333Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.

270 334 

271Key335Key

272 336 

273`compact_prompt`337`approval_policy.reject.mcp_elicitations`

274 338 

275Type / Values339Type / Values

276 340 

277`string`341`boolean`

278 342 

279Details343Details

280 344 

281Inline override for the history compaction prompt.345When `true`, MCP elicitation prompts are auto-rejected instead of shown to the user.

282 346 

283Key347Key

284 348 

285`developer_instructions`349`approval_policy.reject.rules`

286 350 

287Type / Values351Type / Values

288 352 

289`string`353`boolean`

290 354 

291Details355Details

292 356 

293Additional developer instructions injected into the session (optional).357When `true`, approvals triggered by execpolicy `prompt` rules are auto-rejected.

294 358 

295Key359Key

296 360 

297`disable_paste_burst`361`approval_policy.reject.sandbox_approval`

298 362 

299Type / Values363Type / Values

300 364 

302 366 

303Details367Details

304 368 

305Disable burst-paste detection in the TUI.369When `true`, sandbox escalation approval prompts are auto-rejected.

306 370 

307Key371Key

308 372 

309`experimental_compact_prompt_file`373`apps._default.destructive_enabled`

310 374 

311Type / Values375Type / Values

312 376 

313`string (path)`377`boolean`

314 378 

315Details379Details

316 380 

317Load the compaction prompt override from a file (experimental).381Default allow/deny for app tools with `destructive_hint = true`.

318 382 

319Key383Key

320 384 

321`experimental_use_freeform_apply_patch`385`apps._default.enabled`

322 386 

323Type / Values387Type / Values

324 388 

326 390 

327Details391Details

328 392 

329Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform` or `codex --enable apply_patch_freeform`.393Default app enabled state for all apps unless overridden per app.

330 394 

331Key395Key

332 396 

333`experimental_use_unified_exec_tool`397`apps._default.open_world_enabled`

334 398 

335Type / Values399Type / Values

336 400 

338 402 

339Details403Details

340 404 

341Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`.405Default allow/deny for app tools with `open_world_hint = true`.

342 406 

343Key407Key

344 408 

345`features.apply_patch_freeform`409`apps.<id>.default_tools_approval_mode`

346 410 

347Type / Values411Type / Values

348 412 

349`boolean`413`auto | prompt | approve`

350 414 

351Details415Details

352 416 

353Expose the freeform `apply_patch` tool (experimental).417Default approval behavior for tools in this app unless a per-tool override exists.

354 418 

355Key419Key

356 420 

357`features.apps`421`apps.<id>.default_tools_enabled`

358 422 

359Type / Values423Type / Values

360 424 

362 426 

363Details427Details

364 428 

365Enable ChatGPT Apps/connectors support (experimental).429Default enabled state for tools in this app unless a per-tool override exists.

366 430 

367Key431Key

368 432 

369`features.apps_mcp_gateway`433`apps.<id>.destructive_enabled`

370 434 

371Type / Values435Type / Values

372 436 

374 438 

375Details439Details

376 440 

377Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental).441Allow or block tools in this app that advertise `destructive_hint = true`.

378 442 

379Key443Key

380 444 

381`features.child_agents_md`445`apps.<id>.enabled`

382 446 

383Type / Values447Type / Values

384 448 

386 450 

387Details451Details

388 452 

389Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental).453Enable or disable a specific app/connector by id (default: true).

390 454 

391Key455Key

392 456 

393`features.collaboration_modes`457`apps.<id>.open_world_enabled`

394 458 

395Type / Values459Type / Values

396 460 

398 462 

399Details463Details

400 464 

401Enable collaboration modes such as plan mode (stable; on by default).465Allow or block tools in this app that advertise `open_world_hint = true`.

402 466 

403Key467Key

404 468 

405`features.elevated_windows_sandbox`469`apps.<id>.tools.<tool>.approval_mode`

406 470 

407Type / Values471Type / Values

408 472 

409`boolean`473`auto | prompt | approve`

410 474 

411Details475Details

412 476 

413Enable the elevated Windows sandbox pipeline (experimental).477Per-tool approval behavior override for a single app tool.

414 478 

415Key479Key

416 480 

417`features.experimental_windows_sandbox`481`apps.<id>.tools.<tool>.enabled`

418 482 

419Type / Values483Type / Values

420 484 

422 486 

423Details487Details

424 488 

425Run the Windows restricted-token sandbox (experimental).489Per-tool enabled override for an app tool (for example `repos/list`).

426 490 

427Key491Key

428 492 

429`features.multi_agent`493`background_terminal_max_timeout`

430 494 

431Type / Values495Type / Values

432 496 

433`boolean`497`number`

434 498 

435Details499Details

436 500 

437Enable multi-agent collaboration tools (`spawn\_agent`, `send\_input`, `resume\_agent`, `wait`, and `close\_agent`) (experimental; off by default).501Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key.

438 502 

439Key503Key

440 504 

441`features.personality`505`chatgpt_base_url`

442 506 

443Type / Values507Type / Values

444 508 

445`boolean`509`string`

446 510 

447Details511Details

448 512 

449Enable personality selection controls (stable; on by default).513Override the base URL used during the ChatGPT login flow.

450 514 

451Key515Key

452 516 

453`features.powershell_utf8`517`check_for_update_on_startup`

454 518 

455Type / Values519Type / Values

456 520 

458 522 

459Details523Details

460 524 

461Force PowerShell UTF-8 output (defaults to true).525Check for Codex updates on startup (set to false only when updates are centrally managed).

462 526 

463Key527Key

464 528 

465`features.remote_models`529`cli_auth_credentials_store`

466 530 

467Type / Values531Type / Values

468 532 

469`boolean`533`file | keyring | auto`

470 534 

471Details535Details

472 536 

473Refresh remote model list before showing readiness (experimental).537Control where the CLI stores cached credentials (file-based auth.json vs OS keychain).

474 538 

475Key539Key

476 540 

477`features.request_rule`541`commit_attribution`

478 542 

479Type / Values543Type / Values

480 544 

481`boolean`545`string`

482 546 

483Details547Details

484 548 

485Enable Smart approvals (`prefix_rule` suggestions on escalation requests; stable; on by default).549Override the commit co-author trailer text. Set an empty string to disable automatic attribution.

486 550 

487Key551Key

488 552 

489`features.runtime_metrics`553`compact_prompt`

490 554 

491Type / Values555Type / Values

492 556 

493`boolean`557`string`

494 558 

495Details559Details

496 560 

497Show runtime metrics summary in TUI turn separators (experimental).561Inline override for the history compaction prompt.

498 562 

499Key563Key

500 564 

501`features.search_tool`565`developer_instructions`

502 566 

503Type / Values567Type / Values

504 568 

505`boolean`569`string`

506 570 

507Details571Details

508 572 

509Enable `search_tool_bm25` for Apps tool discovery before invoking app MCP tools (experimental).573Additional developer instructions injected into the session (optional).

510 574 

511Key575Key

512 576 

513`features.shell_snapshot`577`disable_paste_burst`

514 578 

515Type / Values579Type / Values

516 580 

518 582 

519Details583Details

520 584 

521Snapshot shell environment to speed up repeated commands (beta).585Disable burst-paste detection in the TUI.

522 586 

523Key587Key

524 588 

525`features.shell_tool`589`experimental_compact_prompt_file`

526 590 

527Type / Values591Type / Values

528 592 

529`boolean`593`string (path)`

530 594 

531Details595Details

532 596 

533Enable the default `shell` tool for running commands (stable; on by default).597Load the compaction prompt override from a file (experimental).

534 598 

535Key599Key

536 600 

537`features.unified_exec`601`experimental_use_unified_exec_tool`

538 602 

539Type / Values603Type / Values

540 604 

542 606 

543Details607Details

544 608 

545Use the unified PTY-backed exec tool (beta).609Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`.

546 610 

547Key611Key

548 612 

549`features.use_linux_sandbox_bwrap`613`features.apps`

550 614 

551Type / Values615Type / Values

552 616 

554 618 

555Details619Details

556 620 

557Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default).621Enable ChatGPT Apps/connectors support (experimental).

558 622 

559Key623Key

560 624 

561`features.web_search`625`features.apps_mcp_gateway`

562 626 

563Type / Values627Type / Values

564 628 

566 630 

567Details631Details

568 632 

569Deprecated legacy toggle; prefer the top-level `web_search` setting.633Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental).

570 634 

571Key635Key

572 636 

573`features.web_search_cached`637`features.artifact`

574 638 

575Type / Values639Type / Values

576 640 

578 642 

579Details643Details

580 644 

581Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`.645Enable native artifact tools such as slides and spreadsheets (under development).

582 646 

583Key647Key

584 648 

585`features.web_search_request`649`features.child_agents_md`

586 650 

587Type / Values651Type / Values

588 652 

590 654 

591Details655Details

592 656 

593Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`.657Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental).

594 658 

595Key659Key

596 660 

597`feedback.enabled`661`features.collaboration_modes`

598 662 

599Type / Values663Type / Values

600 664 

602 666 

603Details667Details

604 668 

605Enable feedback submission via `/feedback` across Codex surfaces (default: true).669Legacy toggle for collaboration modes. Plan and default modes are available in current builds without setting this key.

606 670 

607Key671Key

608 672 

609`file_opener`673`features.default_mode_request_user_input`

610 674 

611Type / Values675Type / Values

612 676 

613`vscode | vscode-insiders | windsurf | cursor | none`677`boolean`

614 678 

615Details679Details

616 680 

617URI scheme used to open citations from Codex output (default: `vscode`).681Allow `request_user_input` in default collaboration mode (under development; off by default).

618 682 

619Key683Key

620 684 

621`forced_chatgpt_workspace_id`685`features.elevated_windows_sandbox`

622 686 

623Type / Values687Type / Values

624 688 

625`string (uuid)`689`boolean`

626 690 

627Details691Details

628 692 

629Limit ChatGPT logins to a specific workspace identifier.693Legacy toggle for an earlier elevated Windows sandbox rollout. Current builds do not use it.

630 694 

631Key695Key

632 696 

633`forced_login_method`697`features.enable_request_compression`

634 698 

635Type / Values699Type / Values

636 700 

637`chatgpt | api`701`boolean`

638 702 

639Details703Details

640 704 

641Restrict Codex to a specific authentication method.705Compress streaming request bodies with zstd when supported (stable; on by default).

642 706 

643Key707Key

644 708 

645`hide_agent_reasoning`709`features.experimental_windows_sandbox`

646 710 

647Type / Values711Type / Values

648 712 

650 714 

651Details715Details

652 716 

653Suppress reasoning events in both the TUI and `codex exec` output.717Legacy toggle for an earlier Windows sandbox rollout. Current builds do not use it.

654 718 

655Key719Key

656 720 

657`history.max_bytes`721`features.fast_mode`

658 722 

659Type / Values723Type / Values

660 724 

661`number`725`boolean`

662 726 

663Details727Details

664 728 

665If set, caps the history file size in bytes by dropping oldest entries.729Enable Fast mode selection and the `service_tier = "fast"` path (stable; on by default).

666 730 

667Key731Key

668 732 

669`history.persistence`733`features.image_detail_original`

670 734 

671Type / Values735Type / Values

672 736 

673`save-all | none`737`boolean`

674 738 

675Details739Details

676 740 

677Control whether Codex saves session transcripts to history.jsonl.741Allow image outputs with `detail = "original"` on supported models (under development).

678 742 

679Key743Key

680 744 

681`include_apply_patch_tool`745`features.image_generation`

682 746 

683Type / Values747Type / Values

684 748 

686 750 

687Details751Details

688 752 

689Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.753Enable the built-in image generation tool (under development).

690 754 

691Key755Key

692 756 

693`instructions`757`features.multi_agent`

694 758 

695Type / Values759Type / Values

696 760 

697`string`761`boolean`

698 762 

699Details763Details

700 764 

701Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`.765Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait`, `close_agent`, and `spawn_agents_on_csv`) (experimental; off by default).

702 766 

703Key767Key

704 768 

705`log_dir`769`features.personality`

706 770 

707Type / Values771Type / Values

708 772 

709`string (path)`773`boolean`

710 774 

711Details775Details

712 776 

713Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`.777Enable personality selection controls (stable; on by default).

714 778 

715Key779Key

716 780 

717`mcp_oauth_callback_port`781`features.powershell_utf8`

718 782 

719Type / Values783Type / Values

720 784 

721`integer`785`boolean`

722 786 

723Details787Details

724 788 

725Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS.789Force PowerShell UTF-8 output. Enabled by default on Windows and off elsewhere.

726 790 

727Key791Key

728 792 

729`mcp_oauth_credentials_store`793`features.prevent_idle_sleep`

730 794 

731Type / Values795Type / Values

732 796 

733`auto | file | keyring`797`boolean`

734 798 

735Details799Details

736 800 

737Preferred store for MCP OAuth credentials.801Prevent the machine from sleeping while a turn is actively running (experimental; off by default).

738 802 

739Key803Key

740 804 

741`mcp_servers.<id>.args`805`features.remote_models`

742 806 

743Type / Values807Type / Values

744 808 

745`array<string>`809`boolean`

746 810 

747Details811Details

748 812 

749Arguments passed to the MCP stdio server command.813Legacy toggle for an older remote-model readiness flow. Current builds do not use it.

750 814 

751Key815Key

752 816 

753`mcp_servers.<id>.bearer_token_env_var`817`features.request_rule`

754 818 

755Type / Values819Type / Values

756 820 

757`string`821`boolean`

758 822 

759Details823Details

760 824 

761Environment variable sourcing the bearer token for an MCP HTTP server.825Legacy toggle for Smart approvals. Current builds include this behavior by default, so most users can leave this unset.

762 826 

763Key827Key

764 828 

765`mcp_servers.<id>.command`829`features.responses_websockets`

766 830 

767Type / Values831Type / Values

768 832 

769`string`833`boolean`

770 834 

771Details835Details

772 836 

773Launcher command for an MCP stdio server.837Prefer the Responses API WebSocket transport for supported providers (under development).

774 838 

775Key839Key

776 840 

777`mcp_servers.<id>.cwd`841`features.responses_websockets_v2`

778 842 

779Type / Values843Type / Values

780 844 

781`string`845`boolean`

782 846 

783Details847Details

784 848 

785Working directory for the MCP stdio server process.849Enable Responses API WebSocket v2 mode (under development).

786 850 

787Key851Key

788 852 

789`mcp_servers.<id>.disabled_tools`853`features.runtime_metrics`

790 854 

791Type / Values855Type / Values

792 856 

793`array<string>`857`boolean`

794 858 

795Details859Details

796 860 

797Deny list applied after `enabled_tools` for the MCP server.861Show runtime metrics summary in TUI turn separators (experimental).

798 862 

799Key863Key

800 864 

801`mcp_servers.<id>.enabled`865`features.search_tool`

802 866 

803Type / Values867Type / Values

804 868 

806 870 

807Details871Details

808 872 

809Disable an MCP server without removing its configuration.873Legacy toggle for an older Apps discovery flow. Current builds do not use it.

810 874 

811Key875Key

812 876 

813`mcp_servers.<id>.enabled_tools`877`features.shell_snapshot`

814 878 

815Type / Values879Type / Values

816 880 

817`array<string>`881`boolean`

818 882 

819Details883Details

820 884 

821Allow list of tool names exposed by the MCP server.885Snapshot shell environment to speed up repeated commands (stable; on by default).

822 886 

823Key887Key

824 888 

825`mcp_servers.<id>.env`889`features.shell_tool`

826 890 

827Type / Values891Type / Values

828 892 

829`map<string,string>`893`boolean`

830 894 

831Details895Details

832 896 

833Environment variables forwarded to the MCP stdio server.897Enable the default `shell` tool for running commands (stable; on by default).

834 898 

835Key899Key

836 900 

837`mcp_servers.<id>.env_http_headers`901`features.skill_env_var_dependency_prompt`

838 902 

839Type / Values903Type / Values

840 904 

841`map<string,string>`905`boolean`

842 906 

843Details907Details

844 908 

845HTTP headers populated from environment variables for an MCP HTTP server.909Prompt for missing skill environment-variable dependencies (under development).

846 910 

847Key911Key

848 912 

849`mcp_servers.<id>.env_vars`913`features.skill_mcp_dependency_install`

850 914 

851Type / Values915Type / Values

852 916 

853`array<string>`917`boolean`

854 918 

855Details919Details

856 920 

857Additional environment variables to whitelist for an MCP stdio server.921Allow prompting and installing missing MCP dependencies for skills (stable; on by default).

858 922 

859Key923Key

860 924 

861`mcp_servers.<id>.http_headers`925`features.sqlite`

862 926 

863Type / Values927Type / Values

864 928 

865`map<string,string>`929`boolean`

866 930 

867Details931Details

868 932 

869Static HTTP headers included with each MCP HTTP request.933Enable SQLite-backed state persistence (stable; on by default).

870 934 

871Key935Key

872 936 

873`mcp_servers.<id>.required`937`features.steer`

874 938 

875Type / Values939Type / Values

876 940 

878 942 

879Details943Details

880 944 

881When true, fail startup/resume if this enabled MCP server cannot initialize.945Legacy toggle from an earlier Enter/Tab steering rollout. Current builds always use the current steering behavior.

882 946 

883Key947Key

884 948 

885`mcp_servers.<id>.startup_timeout_ms`949`features.undo`

886 950 

887Type / Values951Type / Values

888 952 

889`number`953`boolean`

890 954 

891Details955Details

892 956 

893Alias for `startup_timeout_sec` in milliseconds.957Enable undo support (stable; off by default).

894 958 

895Key959Key

896 960 

897`mcp_servers.<id>.startup_timeout_sec`961`features.unified_exec`

898 962 

899Type / Values963Type / Values

900 964 

901`number`965`boolean`

902 966 

903Details967Details

904 968 

905Override the default 10s startup timeout for an MCP server.969Use the unified PTY-backed exec tool (stable; enabled by default except on Windows).

906 970 

907Key971Key

908 972 

909`mcp_servers.<id>.tool_timeout_sec`973`features.use_linux_sandbox_bwrap`

910 974 

911Type / Values975Type / Values

912 976 

913`number`977`boolean`

914 978 

915Details979Details

916 980 

917Override the default 60s per-tool timeout for an MCP server.981Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default).

918 982 

919Key983Key

920 984 

921`mcp_servers.<id>.url`985`features.web_search`

922 986 

923Type / Values987Type / Values

924 988 

925`string`989`boolean`

926 990 

927Details991Details

928 992 

929Endpoint for an MCP streamable HTTP server.993Deprecated legacy toggle; prefer the top-level `web_search` setting.

930 994 

931Key995Key

932 996 

933`model`997`features.web_search_cached`

934 998 

935Type / Values999Type / Values

936 1000 

937`string`1001`boolean`

938 1002 

939Details1003Details

940 1004 

941Model to use (e.g., `gpt-5-codex`).1005Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`.

942 1006 

943Key1007Key

944 1008 

945`model_auto_compact_token_limit`1009`features.web_search_request`

946 1010 

947Type / Values1011Type / Values

948 1012 

949`number`1013`boolean`

950 1014 

951Details1015Details

952 1016 

953Token threshold that triggers automatic history compaction (unset uses model defaults).1017Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`.

954 1018 

955Key1019Key

956 1020 

957`model_context_window`1021`feedback.enabled`

958 1022 

959Type / Values1023Type / Values

960 1024 

961`number`1025`boolean`

962 1026 

963Details1027Details

964 1028 

965Context window tokens available to the active model.1029Enable feedback submission via `/feedback` across Codex surfaces (default: true).

966 1030 

967Key1031Key

968 1032 

969`model_instructions_file`1033`file_opener`

970 1034 

971Type / Values1035Type / Values

972 1036 

973`string (path)`1037`vscode | vscode-insiders | windsurf | cursor | none`

974 1038 

975Details1039Details

976 1040 

977Replacement for built-in instructions instead of `AGENTS.md`.1041URI scheme used to open citations from Codex output (default: `vscode`).

978 1042 

979Key1043Key

980 1044 

981`model_provider`1045`forced_chatgpt_workspace_id`

1046 

1047Type / Values

1048 

1049`string (uuid)`

1050 

1051Details

1052 

1053Limit ChatGPT logins to a specific workspace identifier.

1054 

1055Key

1056 

1057`forced_login_method`

1058 

1059Type / Values

1060 

1061`chatgpt | api`

1062 

1063Details

1064 

1065Restrict Codex to a specific authentication method.

1066 

1067Key

1068 

1069`hide_agent_reasoning`

1070 

1071Type / Values

1072 

1073`boolean`

1074 

1075Details

1076 

1077Suppress reasoning events in both the TUI and `codex exec` output.

1078 

1079Key

1080 

1081`history.max_bytes`

1082 

1083Type / Values

1084 

1085`number`

1086 

1087Details

1088 

1089If set, caps the history file size in bytes by dropping oldest entries.

1090 

1091Key

1092 

1093`history.persistence`

1094 

1095Type / Values

1096 

1097`save-all | none`

1098 

1099Details

1100 

1101Control whether Codex saves session transcripts to history.jsonl.

1102 

1103Key

1104 

1105`instructions`

982 1106 

983Type / Values1107Type / Values

984 1108 

986 1110 

987Details1111Details

988 1112 

989Provider id from `model_providers` (default: `openai`).1113Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`.

990 1114 

991Key1115Key

992 1116 

993`model_providers.<id>.base_url`1117`log_dir`

1118 

1119Type / Values

1120 

1121`string (path)`

1122 

1123Details

1124 

1125Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`.

1126 

1127Key

1128 

1129`mcp_oauth_callback_port`

1130 

1131Type / Values

1132 

1133`integer`

1134 

1135Details

1136 

1137Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS.

1138 

1139Key

1140 

1141`mcp_oauth_callback_url`

994 1142 

995Type / Values1143Type / Values

996 1144 

998 1146 

999Details1147Details

1000 1148 

1001API base URL for the model provider.1149Optional redirect URI override for MCP OAuth login (for example, a devbox ingress URL). `mcp_oauth_callback_port` still controls the callback listener port.

1002 1150 

1003Key1151Key

1004 1152 

1005`model_providers.<id>.env_http_headers`1153`mcp_oauth_credentials_store`

1006 1154 

1007Type / Values1155Type / Values

1008 1156 

1009`map<string,string>`1157`auto | file | keyring`

1010 1158 

1011Details1159Details

1012 1160 

1013HTTP headers populated from environment variables when present.1161Preferred store for MCP OAuth credentials.

1014 1162 

1015Key1163Key

1016 1164 

1017`model_providers.<id>.env_key`1165`mcp_servers.<id>.args`

1166 

1167Type / Values

1168 

1169`array<string>`

1170 

1171Details

1172 

1173Arguments passed to the MCP stdio server command.

1174 

1175Key

1176 

1177`mcp_servers.<id>.bearer_token_env_var`

1018 1178 

1019Type / Values1179Type / Values

1020 1180 

1022 1182 

1023Details1183Details

1024 1184 

1025Environment variable supplying the provider API key.1185Environment variable sourcing the bearer token for an MCP HTTP server.

1026 1186 

1027Key1187Key

1028 1188 

1029`model_providers.<id>.env_key_instructions`1189`mcp_servers.<id>.command`

1030 1190 

1031Type / Values1191Type / Values

1032 1192 

1034 1194 

1035Details1195Details

1036 1196 

1037Optional setup guidance for the provider API key.1197Launcher command for an MCP stdio server.

1038 1198 

1039Key1199Key

1040 1200 

1041`model_providers.<id>.experimental_bearer_token`1201`mcp_servers.<id>.cwd`

1042 1202 

1043Type / Values1203Type / Values

1044 1204 

1046 1206 

1047Details1207Details

1048 1208 

1049Direct bearer token for the provider (discouraged; use `env_key`).1209Working directory for the MCP stdio server process.

1050 1210 

1051Key1211Key

1052 1212 

1053`model_providers.<id>.http_headers`1213`mcp_servers.<id>.disabled_tools`

1214 

1215Type / Values

1216 

1217`array<string>`

1218 

1219Details

1220 

1221Deny list applied after `enabled_tools` for the MCP server.

1222 

1223Key

1224 

1225`mcp_servers.<id>.enabled`

1226 

1227Type / Values

1228 

1229`boolean`

1230 

1231Details

1232 

1233Disable an MCP server without removing its configuration.

1234 

1235Key

1236 

1237`mcp_servers.<id>.enabled_tools`

1238 

1239Type / Values

1240 

1241`array<string>`

1242 

1243Details

1244 

1245Allow list of tool names exposed by the MCP server.

1246 

1247Key

1248 

1249`mcp_servers.<id>.env`

1054 1250 

1055Type / Values1251Type / Values

1056 1252 

1058 1254 

1059Details1255Details

1060 1256 

1061Static HTTP headers added to provider requests.1257Environment variables forwarded to the MCP stdio server.

1062 1258 

1063Key1259Key

1064 1260 

1065`model_providers.<id>.name`1261`mcp_servers.<id>.env_http_headers`

1066 1262 

1067Type / Values1263Type / Values

1068 1264 

1069`string`1265`map<string,string>`

1070 1266 

1071Details1267Details

1072 1268 

1073Display name for a custom model provider.1269HTTP headers populated from environment variables for an MCP HTTP server.

1074 1270 

1075Key1271Key

1076 1272 

1077`model_providers.<id>.query_params`1273`mcp_servers.<id>.env_vars`

1274 

1275Type / Values

1276 

1277`array<string>`

1278 

1279Details

1280 

1281Additional environment variables to whitelist for an MCP stdio server.

1282 

1283Key

1284 

1285`mcp_servers.<id>.http_headers`

1078 1286 

1079Type / Values1287Type / Values

1080 1288 

1082 1290 

1083Details1291Details

1084 1292 

1085Extra query parameters appended to provider requests.1293Static HTTP headers included with each MCP HTTP request.

1086 1294 

1087Key1295Key

1088 1296 

1089`model_providers.<id>.request_max_retries`1297`mcp_servers.<id>.oauth_resource`

1090 1298 

1091Type / Values1299Type / Values

1092 1300 

1093`number`1301`string`

1094 1302 

1095Details1303Details

1096 1304 

1097Retry count for HTTP requests to the provider (default: 4).1305Optional RFC 8707 OAuth resource parameter to include during MCP login.

1098 1306 

1099Key1307Key

1100 1308 

1101`model_providers.<id>.requires_openai_auth`1309`mcp_servers.<id>.required`

1102 1310 

1103Type / Values1311Type / Values

1104 1312 

1106 1314 

1107Details1315Details

1108 1316 

1109The provider uses OpenAI authentication (defaults to false).1317When true, fail startup/resume if this enabled MCP server cannot initialize.

1110 1318 

1111Key1319Key

1112 1320 

1113`model_providers.<id>.stream_idle_timeout_ms`1321`mcp_servers.<id>.scopes`

1322 

1323Type / Values

1324 

1325`array<string>`

1326 

1327Details

1328 

1329OAuth scopes to request when authenticating to that MCP server.

1330 

1331Key

1332 

1333`mcp_servers.<id>.startup_timeout_ms`

1334 

1335Type / Values

1336 

1337`number`

1338 

1339Details

1340 

1341Alias for `startup_timeout_sec` in milliseconds.

1342 

1343Key

1344 

1345`mcp_servers.<id>.startup_timeout_sec`

1346 

1347Type / Values

1348 

1349`number`

1350 

1351Details

1352 

1353Override the default 10s startup timeout for an MCP server.

1354 

1355Key

1356 

1357`mcp_servers.<id>.tool_timeout_sec`

1358 

1359Type / Values

1360 

1361`number`

1362 

1363Details

1364 

1365Override the default 60s per-tool timeout for an MCP server.

1366 

1367Key

1368 

1369`mcp_servers.<id>.url`

1370 

1371Type / Values

1372 

1373`string`

1374 

1375Details

1376 

1377Endpoint for an MCP streamable HTTP server.

1378 

1379Key

1380 

1381`model`

1382 

1383Type / Values

1384 

1385`string`

1386 

1387Details

1388 

1389Model to use (e.g., `gpt-5-codex`).

1390 

1391Key

1392 

1393`model_auto_compact_token_limit`

1394 

1395Type / Values

1396 

1397`number`

1398 

1399Details

1400 

1401Token threshold that triggers automatic history compaction (unset uses model defaults).

1402 

1403Key

1404 

1405`model_catalog_json`

1406 

1407Type / Values

1408 

1409`string (path)`

1410 

1411Details

1412 

1413Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile.

1414 

1415Key

1416 

1417`model_context_window`

1418 

1419Type / Values

1420 

1421`number`

1422 

1423Details

1424 

1425Context window tokens available to the active model.

1426 

1427Key

1428 

1429`model_instructions_file`

1430 

1431Type / Values

1432 

1433`string (path)`

1434 

1435Details

1436 

1437Replacement for built-in instructions instead of `AGENTS.md`.

1438 

1439Key

1440 

1441`model_provider`

1442 

1443Type / Values

1444 

1445`string`

1446 

1447Details

1448 

1449Provider id from `model_providers` (default: `openai`).

1450 

1451Key

1452 

1453`model_providers.<id>.base_url`

1454 

1455Type / Values

1456 

1457`string`

1458 

1459Details

1460 

1461API base URL for the model provider.

1462 

1463Key

1464 

1465`model_providers.<id>.env_http_headers`

1466 

1467Type / Values

1468 

1469`map<string,string>`

1470 

1471Details

1472 

1473HTTP headers populated from environment variables when present.

1474 

1475Key

1476 

1477`model_providers.<id>.env_key`

1478 

1479Type / Values

1480 

1481`string`

1482 

1483Details

1484 

1485Environment variable supplying the provider API key.

1486 

1487Key

1488 

1489`model_providers.<id>.env_key_instructions`

1490 

1491Type / Values

1492 

1493`string`

1494 

1495Details

1496 

1497Optional setup guidance for the provider API key.

1498 

1499Key

1500 

1501`model_providers.<id>.experimental_bearer_token`

1502 

1503Type / Values

1504 

1505`string`

1506 

1507Details

1508 

1509Direct bearer token for the provider (discouraged; use `env_key`).

1510 

1511Key

1512 

1513`model_providers.<id>.http_headers`

1514 

1515Type / Values

1516 

1517`map<string,string>`

1518 

1519Details

1520 

1521Static HTTP headers added to provider requests.

1522 

1523Key

1524 

1525`model_providers.<id>.name`

1526 

1527Type / Values

1528 

1529`string`

1530 

1531Details

1532 

1533Display name for a custom model provider.

1534 

1535Key

1536 

1537`model_providers.<id>.query_params`

1538 

1539Type / Values

1540 

1541`map<string,string>`

1542 

1543Details

1544 

1545Extra query parameters appended to provider requests.

1546 

1547Key

1548 

1549`model_providers.<id>.request_max_retries`

1550 

1551Type / Values

1552 

1553`number`

1554 

1555Details

1556 

1557Retry count for HTTP requests to the provider (default: 4).

1558 

1559Key

1560 

1561`model_providers.<id>.requires_openai_auth`

1562 

1563Type / Values

1564 

1565`boolean`

1566 

1567Details

1568 

1569The provider uses OpenAI authentication (defaults to false).

1570 

1571Key

1572 

1573`model_providers.<id>.stream_idle_timeout_ms`

1574 

1575Type / Values

1576 

1577`number`

1578 

1579Details

1580 

1581Idle timeout for SSE streams in milliseconds (default: 300000).

1582 

1583Key

1584 

1585`model_providers.<id>.stream_max_retries`

1586 

1587Type / Values

1588 

1589`number`

1590 

1591Details

1592 

1593Retry count for SSE streaming interruptions (default: 5).

1594 

1595Key

1596 

1597`model_providers.<id>.supports_websockets`

1598 

1599Type / Values

1600 

1601`boolean`

1602 

1603Details

1604 

1605Whether that provider supports the Responses API WebSocket transport.

1606 

1607Key

1608 

1609`model_providers.<id>.wire_api`

1610 

1611Type / Values

1612 

1613`responses`

1614 

1615Details

1616 

1617Protocol used by the provider. `responses` is the only supported value, and it is the default when omitted.

1618 

1619Key

1620 

1621`model_reasoning_effort`

1622 

1623Type / Values

1624 

1625`minimal | low | medium | high | xhigh`

1626 

1627Details

1628 

1629Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent).

1630 

1631Key

1632 

1633`model_reasoning_summary`

1634 

1635Type / Values

1636 

1637`auto | concise | detailed | none`

1638 

1639Details

1640 

1641Select reasoning summary detail or disable summaries entirely.

1642 

1643Key

1644 

1645`model_supports_reasoning_summaries`

1646 

1647Type / Values

1648 

1649`boolean`

1650 

1651Details

1652 

1653Force Codex to send or not send reasoning metadata.

1654 

1655Key

1656 

1657`model_verbosity`

1658 

1659Type / Values

1660 

1661`low | medium | high`

1662 

1663Details

1664 

1665Optional GPT-5 Responses API verbosity override; when unset, the selected model/preset default is used.

1666 

1667Key

1668 

1669`notice.hide_full_access_warning`

1670 

1671Type / Values

1672 

1673`boolean`

1674 

1675Details

1676 

1677Track acknowledgement of the full access warning prompt.

1678 

1679Key

1680 

1681`notice.hide_gpt-5.1-codex-max_migration_prompt`

1682 

1683Type / Values

1684 

1685`boolean`

1686 

1687Details

1688 

1689Track acknowledgement of the gpt-5.1-codex-max migration prompt.

1690 

1691Key

1692 

1693`notice.hide_gpt5_1_migration_prompt`

1694 

1695Type / Values

1696 

1697`boolean`

1698 

1699Details

1700 

1701Track acknowledgement of the GPT-5.1 migration prompt.

1702 

1703Key

1704 

1705`notice.hide_rate_limit_model_nudge`

1706 

1707Type / Values

1708 

1709`boolean`

1710 

1711Details

1712 

1713Track opt-out of the rate limit model switch reminder.

1714 

1715Key

1716 

1717`notice.hide_world_writable_warning`

1718 

1719Type / Values

1720 

1721`boolean`

1722 

1723Details

1724 

1725Track acknowledgement of the Windows world-writable directories warning.

1726 

1727Key

1728 

1729`notice.model_migrations`

1730 

1731Type / Values

1732 

1733`map<string,string>`

1734 

1735Details

1736 

1737Track acknowledged model migrations as old->new mappings.

1738 

1739Key

1740 

1741`notify`

1742 

1743Type / Values

1744 

1745`array<string>`

1746 

1747Details

1748 

1749Command invoked for notifications; receives a JSON payload from Codex.

1750 

1751Key

1752 

1753`oss_provider`

1754 

1755Type / Values

1756 

1757`lmstudio | ollama`

1758 

1759Details

1760 

1761Default local provider used when running with `--oss` (defaults to prompting if unset).

1762 

1763Key

1764 

1765`otel.environment`

1766 

1767Type / Values

1768 

1769`string`

1770 

1771Details

1772 

1773Environment tag applied to emitted OpenTelemetry events (default: `dev`).

1774 

1775Key

1776 

1777`otel.exporter`

1778 

1779Type / Values

1780 

1781`none | otlp-http | otlp-grpc`

1782 

1783Details

1784 

1785Select the OpenTelemetry exporter and provide any endpoint metadata.

1786 

1787Key

1788 

1789`otel.exporter.<id>.endpoint`

1790 

1791Type / Values

1792 

1793`string`

1794 

1795Details

1796 

1797Exporter endpoint for OTEL logs.

1798 

1799Key

1800 

1801`otel.exporter.<id>.headers`

1802 

1803Type / Values

1804 

1805`map<string,string>`

1806 

1807Details

1808 

1809Static headers included with OTEL exporter requests.

1810 

1811Key

1812 

1813`otel.exporter.<id>.protocol`

1814 

1815Type / Values

1816 

1817`binary | json`

1818 

1819Details

1820 

1821Protocol used by the OTLP/HTTP exporter.

1822 

1823Key

1824 

1825`otel.exporter.<id>.tls.ca-certificate`

1826 

1827Type / Values

1828 

1829`string`

1830 

1831Details

1832 

1833CA certificate path for OTEL exporter TLS.

1834 

1835Key

1836 

1837`otel.exporter.<id>.tls.client-certificate`

1114 1838 

1115Type / Values1839Type / Values

1116 1840 

1117`number`1841`string`

1118 1842 

1119Details1843Details

1120 1844 

1121Idle timeout for SSE streams in milliseconds (default: 300000).1845Client certificate path for OTEL exporter TLS.

1122 1846 

1123Key1847Key

1124 1848 

1125`model_providers.<id>.stream_max_retries`1849`otel.exporter.<id>.tls.client-private-key`

1126 1850 

1127Type / Values1851Type / Values

1128 1852 

1129`number`1853`string`

1130 1854 

1131Details1855Details

1132 1856 

1133Retry count for SSE streaming interruptions (default: 5).1857Client private key path for OTEL exporter TLS.

1134 1858 

1135Key1859Key

1136 1860 

1137`model_providers.<id>.wire_api`1861`otel.log_user_prompt`

1138 1862 

1139Type / Values1863Type / Values

1140 1864 

1141`chat | responses`1865`boolean`

1142 1866 

1143Details1867Details

1144 1868 

1145Protocol used by the provider (defaults to `chat` if omitted).1869Opt in to exporting raw user prompts with OpenTelemetry logs.

1146 1870 

1147Key1871Key

1148 1872 

1149`model_reasoning_effort`1873`otel.metrics_exporter`

1150 1874 

1151Type / Values1875Type / Values

1152 1876 

1153`minimal | low | medium | high | xhigh`1877`none | statsig | otlp-http | otlp-grpc`

1154 1878 

1155Details1879Details

1156 1880 

1157Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent).1881Select the OpenTelemetry metrics exporter (defaults to `statsig`).

1158 1882 

1159Key1883Key

1160 1884 

1161`model_reasoning_summary`1885`otel.trace_exporter`

1162 1886 

1163Type / Values1887Type / Values

1164 1888 

1165`auto | concise | detailed | none`1889`none | otlp-http | otlp-grpc`

1166 1890 

1167Details1891Details

1168 1892 

1169Select reasoning summary detail or disable summaries entirely.1893Select the OpenTelemetry trace exporter and provide any endpoint metadata.

1170 1894 

1171Key1895Key

1172 1896 

1173`model_supports_reasoning_summaries`1897`otel.trace_exporter.<id>.endpoint`

1174 1898 

1175Type / Values1899Type / Values

1176 1900 

1177`boolean`1901`string`

1178 1902 

1179Details1903Details

1180 1904 

1181Force Codex to send or not send reasoning metadata.1905Trace exporter endpoint for OTEL logs.

1182 1906 

1183Key1907Key

1184 1908 

1185`model_verbosity`1909`otel.trace_exporter.<id>.headers`

1186 1910 

1187Type / Values1911Type / Values

1188 1912 

1189`low | medium | high`1913`map<string,string>`

1190 1914 

1191Details1915Details

1192 1916 

1193Control GPT-5 Responses API verbosity (defaults to `medium`).1917Static headers included with OTEL trace exporter requests.

1194 1918 

1195Key1919Key

1196 1920 

1197`notice.hide_full_access_warning`1921`otel.trace_exporter.<id>.protocol`

1198 1922 

1199Type / Values1923Type / Values

1200 1924 

1201`boolean`1925`binary | json`

1202 1926 

1203Details1927Details

1204 1928 

1205Track acknowledgement of the full access warning prompt.1929Protocol used by the OTLP/HTTP trace exporter.

1206 1930 

1207Key1931Key

1208 1932 

1209`notice.hide_gpt-5.1-codex-max_migration_prompt`1933`otel.trace_exporter.<id>.tls.ca-certificate`

1210 1934 

1211Type / Values1935Type / Values

1212 1936 

1213`boolean`1937`string`

1214 1938 

1215Details1939Details

1216 1940 

1217Track acknowledgement of the gpt-5.1-codex-max migration prompt.1941CA certificate path for OTEL trace exporter TLS.

1218 1942 

1219Key1943Key

1220 1944 

1221`notice.hide_gpt5_1_migration_prompt`1945`otel.trace_exporter.<id>.tls.client-certificate`

1222 1946 

1223Type / Values1947Type / Values

1224 1948 

1225`boolean`1949`string`

1226 1950 

1227Details1951Details

1228 1952 

1229Track acknowledgement of the GPT-5.1 migration prompt.1953Client certificate path for OTEL trace exporter TLS.

1230 1954 

1231Key1955Key

1232 1956 

1233`notice.hide_rate_limit_model_nudge`1957`otel.trace_exporter.<id>.tls.client-private-key`

1234 1958 

1235Type / Values1959Type / Values

1236 1960 

1237`boolean`1961`string`

1238 1962 

1239Details1963Details

1240 1964 

1241Track opt-out of the rate limit model switch reminder.1965Client private key path for OTEL trace exporter TLS.

1242 1966 

1243Key1967Key

1244 1968 

1245`notice.hide_world_writable_warning`1969`permissions.network.admin_url`

1246 1970 

1247Type / Values1971Type / Values

1248 1972 

1249`boolean`1973`string`

1250 1974 

1251Details1975Details

1252 1976 

1253Track acknowledgement of the Windows world-writable directories warning.1977Admin endpoint for the managed network proxy.

1254 1978 

1255Key1979Key

1256 1980 

1257`notice.model_migrations`1981`permissions.network.allow_local_binding`

1258 1982 

1259Type / Values1983Type / Values

1260 1984 

1261`map<string,string>`1985`boolean`

1262 1986 

1263Details1987Details

1264 1988 

1265Track acknowledged model migrations as old->new mappings.1989Permit local bind/listen operations through the managed proxy.

1266 1990 

1267Key1991Key

1268 1992 

1269`notify`1993`permissions.network.allow_unix_sockets`

1270 1994 

1271Type / Values1995Type / Values

1272 1996 

1274 1998 

1275Details1999Details

1276 2000 

1277Command invoked for notifications; receives a JSON payload from Codex.2001Allowlist of Unix socket paths permitted through the managed proxy.

1278 2002 

1279Key2003Key

1280 2004 

1281`oss_provider`2005`permissions.network.allow_upstream_proxy`

1282 2006 

1283Type / Values2007Type / Values

1284 2008 

1285`lmstudio | ollama`2009`boolean`

1286 2010 

1287Details2011Details

1288 2012 

1289Default local provider used when running with `--oss` (defaults to prompting if unset).2013Allow the managed proxy to chain to another upstream proxy.

1290 2014 

1291Key2015Key

1292 2016 

1293`otel.environment`2017`permissions.network.allowed_domains`

1294 2018 

1295Type / Values2019Type / Values

1296 2020 

1297`string`2021`array<string>`

1298 2022 

1299Details2023Details

1300 2024 

1301Environment tag applied to emitted OpenTelemetry events (default: `dev`).2025Allowlist of domains permitted through the managed proxy.

1302 2026 

1303Key2027Key

1304 2028 

1305`otel.exporter`2029`permissions.network.dangerously_allow_all_unix_sockets`

1306 2030 

1307Type / Values2031Type / Values

1308 2032 

1309`none | otlp-http | otlp-grpc`2033`boolean`

1310 2034 

1311Details2035Details

1312 2036 

1313Select the OpenTelemetry exporter and provide any endpoint metadata.2037Allow the proxy to use arbitrary Unix sockets instead of the default restricted set.

1314 2038 

1315Key2039Key

1316 2040 

1317`otel.exporter.<id>.endpoint`2041`permissions.network.dangerously_allow_non_loopback_admin`

1318 2042 

1319Type / Values2043Type / Values

1320 2044 

1321`string`2045`boolean`

1322 2046 

1323Details2047Details

1324 2048 

1325Exporter endpoint for OTEL logs.2049Permit non-loopback bind addresses for the managed proxy admin listener.

1326 2050 

1327Key2051Key

1328 2052 

1329`otel.exporter.<id>.headers`2053`permissions.network.dangerously_allow_non_loopback_proxy`

1330 2054 

1331Type / Values2055Type / Values

1332 2056 

1333`map<string,string>`2057`boolean`

1334 2058 

1335Details2059Details

1336 2060 

1337Static headers included with OTEL exporter requests.2061Permit non-loopback bind addresses for the managed proxy listener.

1338 2062 

1339Key2063Key

1340 2064 

1341`otel.exporter.<id>.protocol`2065`permissions.network.denied_domains`

1342 2066 

1343Type / Values2067Type / Values

1344 2068 

1345`binary | json`2069`array<string>`

1346 2070 

1347Details2071Details

1348 2072 

1349Protocol used by the OTLP/HTTP exporter.2073Denylist of domains blocked by the managed proxy.

1350 2074 

1351Key2075Key

1352 2076 

1353`otel.exporter.<id>.tls.ca-certificate`2077`permissions.network.enable_socks5`

1354 2078 

1355Type / Values2079Type / Values

1356 2080 

1357`string`2081`boolean`

1358 2082 

1359Details2083Details

1360 2084 

1361CA certificate path for OTEL exporter TLS.2085Expose a SOCKS5 listener from the managed network proxy.

1362 2086 

1363Key2087Key

1364 2088 

1365`otel.exporter.<id>.tls.client-certificate`2089`permissions.network.enable_socks5_udp`

1366 2090 

1367Type / Values2091Type / Values

1368 2092 

1369`string`2093`boolean`

1370 2094 

1371Details2095Details

1372 2096 

1373Client certificate path for OTEL exporter TLS.2097Allow UDP over the SOCKS5 listener when enabled.

1374 2098 

1375Key2099Key

1376 2100 

1377`otel.exporter.<id>.tls.client-private-key`2101`permissions.network.enabled`

1378 2102 

1379Type / Values2103Type / Values

1380 2104 

1381`string`2105`boolean`

1382 2106 

1383Details2107Details

1384 2108 

1385Client private key path for OTEL exporter TLS.2109Enable the managed network proxy configuration for subprocesses.

1386 2110 

1387Key2111Key

1388 2112 

1389`otel.log_user_prompt`2113`permissions.network.mode`

1390 2114 

1391Type / Values2115Type / Values

1392 2116 

1393`boolean`2117`limited | full`

1394 2118 

1395Details2119Details

1396 2120 

1397Opt in to exporting raw user prompts with OpenTelemetry logs.2121Network proxy mode used for subprocess traffic.

1398 2122 

1399Key2123Key

1400 2124 

1401`otel.trace_exporter`2125`permissions.network.proxy_url`

1402 2126 

1403Type / Values2127Type / Values

1404 2128 

1405`none | otlp-http | otlp-grpc`2129`string`

1406 2130 

1407Details2131Details

1408 2132 

1409Select the OpenTelemetry trace exporter and provide any endpoint metadata.2133HTTP proxy endpoint used by the managed network proxy.

1410 2134 

1411Key2135Key

1412 2136 

1413`otel.trace_exporter.<id>.endpoint`2137`permissions.network.socks_url`

1414 2138 

1415Type / Values2139Type / Values

1416 2140 

1418 2142 

1419Details2143Details

1420 2144 

1421Trace exporter endpoint for OTEL logs.2145SOCKS5 proxy endpoint used by the managed network proxy.

1422 2146 

1423Key2147Key

1424 2148 

1425`otel.trace_exporter.<id>.headers`2149`personality`

1426 2150 

1427Type / Values2151Type / Values

1428 2152 

1429`map<string,string>`2153`none | friendly | pragmatic`

1430 2154 

1431Details2155Details

1432 2156 

1433Static headers included with OTEL trace exporter requests.2157Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`.

1434 2158 

1435Key2159Key

1436 2160 

1437`otel.trace_exporter.<id>.protocol`2161`plan_mode_reasoning_effort`

1438 2162 

1439Type / Values2163Type / Values

1440 2164 

1441`binary | json`2165`none | minimal | low | medium | high | xhigh`

1442 2166 

1443Details2167Details

1444 2168 

1445Protocol used by the OTLP/HTTP trace exporter.2169Plan-mode-specific reasoning override. When unset, Plan mode uses its built-in preset default.

1446 2170 

1447Key2171Key

1448 2172 

1449`otel.trace_exporter.<id>.tls.ca-certificate`2173`profile`

1450 2174 

1451Type / Values2175Type / Values

1452 2176 

1454 2178 

1455Details2179Details

1456 2180 

1457CA certificate path for OTEL trace exporter TLS.2181Default profile applied at startup (equivalent to `--profile`).

1458 2182 

1459Key2183Key

1460 2184 

1461`otel.trace_exporter.<id>.tls.client-certificate`2185`profiles.<name>.*`

1462 2186 

1463Type / Values2187Type / Values

1464 2188 

1465`string`2189`various`

1466 2190 

1467Details2191Details

1468 2192 

1469Client certificate path for OTEL trace exporter TLS.2193Profile-scoped overrides for any of the supported configuration keys.

1470 2194 

1471Key2195Key

1472 2196 

1473`otel.trace_exporter.<id>.tls.client-private-key`2197`profiles.<name>.analytics.enabled`

1474 2198 

1475Type / Values2199Type / Values

1476 2200 

1477`string`2201`boolean`

1478 2202 

1479Details2203Details

1480 2204 

1481Client private key path for OTEL trace exporter TLS.2205Profile-scoped analytics enablement override.

1482 2206 

1483Key2207Key

1484 2208 

1485`personality`2209`profiles.<name>.experimental_use_unified_exec_tool`

1486 2210 

1487Type / Values2211Type / Values

1488 2212 

1489`none | friendly | pragmatic`2213`boolean`

1490 2214 

1491Details2215Details

1492 2216 

1493Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`.2217Legacy name for enabling unified exec; prefer `[features].unified_exec`.

1494 2218 

1495Key2219Key

1496 2220 

1497`profile`2221`profiles.<name>.model_catalog_json`

1498 2222 

1499Type / Values2223Type / Values

1500 2224 

1501`string`2225`string (path)`

1502 2226 

1503Details2227Details

1504 2228 

1505Default profile applied at startup (equivalent to `--profile`).2229Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile).

1506 2230 

1507Key2231Key

1508 2232 

1509`profiles.<name>.*`2233`profiles.<name>.model_instructions_file`

1510 2234 

1511Type / Values2235Type / Values

1512 2236 

1513`various`2237`string (path)`

1514 2238 

1515Details2239Details

1516 2240 

1517Profile-scoped overrides for any of the supported configuration keys.2241Profile-scoped replacement for the built-in instruction file.

1518 2242 

1519Key2243Key

1520 2244 

1521`profiles.<name>.experimental_use_freeform_apply_patch`2245`profiles.<name>.oss_provider`

1522 2246 

1523Type / Values2247Type / Values

1524 2248 

1525`boolean`2249`lmstudio | ollama`

1526 2250 

1527Details2251Details

1528 2252 

1529Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.2253Profile-scoped OSS provider for `--oss` sessions.

1530 2254 

1531Key2255Key

1532 2256 

1533`profiles.<name>.experimental_use_unified_exec_tool`2257`profiles.<name>.personality`

1534 2258 

1535Type / Values2259Type / Values

1536 2260 

1537`boolean`2261`none | friendly | pragmatic`

1538 2262 

1539Details2263Details

1540 2264 

1541Legacy name for enabling unified exec; prefer `[features].unified_exec`.2265Profile-scoped communication style override for supported models.

1542 2266 

1543Key2267Key

1544 2268 

1545`profiles.<name>.include_apply_patch_tool`2269`profiles.<name>.plan_mode_reasoning_effort`

1546 2270 

1547Type / Values2271Type / Values

1548 2272 

1549`boolean`2273`none | minimal | low | medium | high | xhigh`

1550 2274 

1551Details2275Details

1552 2276 

1553Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.2277Profile-scoped Plan-mode reasoning override.

1554 2278 

1555Key2279Key

1556 2280 

1557`profiles.<name>.oss_provider`2281`profiles.<name>.service_tier`

1558 2282 

1559Type / Values2283Type / Values

1560 2284 

1561`lmstudio | ollama`2285`flex | fast`

1562 2286 

1563Details2287Details

1564 2288 

1565Profile-scoped OSS provider for `--oss` sessions.2289Profile-scoped service tier preference for new turns.

1566 2290 

1567Key2291Key

1568 2292 

1569`profiles.<name>.personality`2293`profiles.<name>.tools_view_image`

1570 2294 

1571Type / Values2295Type / Values

1572 2296 

1573`none | friendly | pragmatic`2297`boolean`

1574 2298 

1575Details2299Details

1576 2300 

1577Profile-scoped communication style override for supported models.2301Enable or disable the `view_image` tool in that profile.

1578 2302 

1579Key2303Key

1580 2304 

1590 2314 

1591Key2315Key

1592 2316 

2317`profiles.<name>.windows.sandbox`

2318 

2319Type / Values

2320 

2321`unelevated | elevated`

2322 

2323Details

2324 

2325Profile-scoped Windows sandbox mode override.

2326 

2327Key

2328 

1593`project_doc_fallback_filenames`2329`project_doc_fallback_filenames`

1594 2330 

1595Type / Values2331Type / Values

1710 2446 

1711Key2447Key

1712 2448 

2449`service_tier`

2450 

2451Type / Values

2452 

2453`flex | fast`

2454 

2455Details

2456 

2457Preferred service tier for new turns. `fast` is honored only when the `features.fast_mode` gate is enabled.

2458 

2459Key

2460 

1713`shell_environment_policy.exclude`2461`shell_environment_policy.exclude`

1714 2462 

1715Type / Values2463Type / Values

1830 2578 

1831Key2579Key

1832 2580 

2581`sqlite_home`

2582 

2583Type / Values

2584 

2585`string (path)`

2586 

2587Details

2588 

2589Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state.

2590 

2591Key

2592 

1833`suppress_unstable_features_warning`2593`suppress_unstable_features_warning`

1834 2594 

1835Type / Values2595Type / Values

1854 2614 

1855Key2615Key

1856 2616 

2617`tools.view_image`

2618 

2619Type / Values

2620 

2621`boolean`

2622 

2623Details

2624 

2625Enable the local-image attachment tool `view_image`.

2626 

2627Key

2628 

1857`tools.web_search`2629`tools.web_search`

1858 2630 

1859Type / Values2631Type / Values

1902 2674 

1903Key2675Key

1904 2676 

2677`tui.model_availability_nux.<model>`

2678 

2679Type / Values

2680 

2681`integer`

2682 

2683Details

2684 

2685Internal startup-tooltip state keyed by model slug.

2686 

2687Key

2688 

1905`tui.notification_method`2689`tui.notification_method`

1906 2690 

1907Type / Values2691Type / Values

1950 2734 

1951Key2735Key

1952 2736 

2737`tui.theme`

2738 

2739Type / Values

2740 

2741`string`

2742 

2743Details

2744 

2745Syntax-highlighting theme override (kebab-case theme name).

2746 

2747Key

2748 

1953`web_search`2749`web_search`

1954 2750 

1955Type / Values2751Type / Values

1972 2768 

1973Track Windows onboarding acknowledgement (Windows only).2769Track Windows onboarding acknowledgement (Windows only).

1974 2770 

2771Key

2772 

2773`windows.sandbox`

2774 

2775Type / Values

2776 

2777`unelevated | elevated`

2778 

2779Details

2780 

2781Windows-only native sandbox mode when running Codex natively on Windows.

2782 

1975Expand to view all2783Expand to view all

1976 2784 

1977You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).2785You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).

1986 2794 

1987## `requirements.toml`2795## `requirements.toml`

1988 2796 

1989`requirements.toml` is an admin-enforced configuration file that constrains security-sensitive settings users cant override. For details, locations, and examples, see [Admin-enforced requirements](https://developers.openai.com/codex/security#admin-enforced-requirements-requirementstoml).2797`requirements.toml` is an admin-enforced configuration file that constrains security-sensitive settings users can't override. For details, locations, and examples, see [Admin-enforced requirements](https://developers.openai.com/codex/enterprise/managed-configuration#admin-enforced-requirements-requirementstoml).

1990 2798 

1991For ChatGPT Business and Enterprise users, Codex can also apply cloud-fetched2799For ChatGPT Business and Enterprise users, Codex can also apply cloud-fetched

1992requirements. See the security page for precedence details.2800requirements. See the security page for precedence details.

1993 2801 

2802Use `[features]` in `requirements.toml` to pin feature flags by the same

2803canonical keys that `config.toml` uses. Omitted keys remain unconstrained.

2804 

1994| Key | Type / Values | Details |2805| Key | Type / Values | Details |

1995| --- | --- | --- |2806| --- | --- | --- |

1996| `allowed_approval_policies` | `array<string>` | Allowed values for `approval\_policy`. |2807| `allowed_approval_policies` | `array<string>` | Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `reject`). |

1997| `allowed_sandbox_modes` | `array<string>` | Allowed values for `sandbox_mode`. |2808| `allowed_sandbox_modes` | `array<string>` | Allowed values for `sandbox_mode`. |

1998| `allowed_web_search_modes` | `array<string>` | Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`. |2809| `allowed_web_search_modes` | `array<string>` | Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`. |

2810| `features` | `table` | Pinned feature values keyed by the canonical names from `config.toml`'s `[features]` table. |

2811| `features.<name>` | `boolean` | Require a specific canonical feature key to stay enabled or disabled. |

1999| `mcp_servers` | `table` | Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled. |2812| `mcp_servers` | `table` | Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled. |

2000| `mcp_servers.<id>.identity` | `table` | Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP). |2813| `mcp_servers.<id>.identity` | `table` | Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP). |

2001| `mcp_servers.<id>.identity.command` | `string` | Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command. |2814| `mcp_servers.<id>.identity.command` | `string` | Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command. |

2018 2831 

2019Details2832Details

2020 2833 

2021Allowed values for `approval\_policy`.2834Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `reject`).

2022 2835 

2023Key2836Key

2024 2837 

2046 2859 

2047Key2860Key

2048 2861 

2862`features`

2863 

2864Type / Values

2865 

2866`table`

2867 

2868Details

2869 

2870Pinned feature values keyed by the canonical names from `config.toml`'s `[features]` table.

2871 

2872Key

2873 

2874`features.<name>`

2875 

2876Type / Values

2877 

2878`boolean`

2879 

2880Details

2881 

2882Require a specific canonical feature key to stay enabled or disabled.

2883 

2884Key

2885 

2049`mcp_servers`2886`mcp_servers`

2050 2887 

2051Type / Values2888Type / Values