SpyBara
Go Premium Account

config-reference.md Codex Docs, 2026-02-23 18:27 UTC → 2026-03-16 18:25 UTC

Inspect the documentation page or source diff for this selected snapshot comparison.

2026
23 Feb 2026, 18:27
14 May 2026, 21:00 14 May 2026, 07:00 13 May 2026, 00:57 12 May 2026, 01:59 11 May 2026, 18:00 7 May 2026, 20:02 7 May 2026, 17:08 5 May 2026, 23:00 2 May 2026, 06:45 2 May 2026, 00:48 1 May 2026, 18:29 30 Apr 2026, 18:36 29 Apr 2026, 12:40 29 Apr 2026, 00:50 25 Apr 2026, 06:37 25 Apr 2026, 00:42 24 Apr 2026, 18:20 24 Apr 2026, 12:28 23 Apr 2026, 18:31 23 Apr 2026, 12:28 23 Apr 2026, 00:46 22 Apr 2026, 18:29 22 Apr 2026, 00:42 21 Apr 2026, 18:29 21 Apr 2026, 12:30 21 Apr 2026, 06:45 20 Apr 2026, 18:26 20 Apr 2026, 06:53 18 Apr 2026, 18:18 17 Apr 2026, 00:44 16 Apr 2026, 18:31 16 Apr 2026, 00:46 15 Apr 2026, 18:31 15 Apr 2026, 06:44 14 Apr 2026, 18:31 14 Apr 2026, 12:29 13 Apr 2026, 18:37 13 Apr 2026, 00:44 12 Apr 2026, 06:38 10 Apr 2026, 18:23 9 Apr 2026, 00:33 8 Apr 2026, 18:32 8 Apr 2026, 00:40 7 Apr 2026, 00:40 2 Apr 2026, 18:23 31 Mar 2026, 06:35 31 Mar 2026, 00:39 28 Mar 2026, 06:26 28 Mar 2026, 00:36 27 Mar 2026, 18:23 27 Mar 2026, 00:39 26 Mar 2026, 18:27 25 Mar 2026, 18:24 23 Mar 2026, 18:22 20 Mar 2026, 00:35 18 Mar 2026, 12:23 18 Mar 2026, 00:36 17 Mar 2026, 18:24 17 Mar 2026, 00:33 16 Mar 2026, 18:25 16 Mar 2026, 12:23 14 Mar 2026, 00:32 13 Mar 2026, 18:15 13 Mar 2026, 00:34 11 Mar 2026, 00:31 9 Mar 2026, 00:34 8 Mar 2026, 18:10 8 Mar 2026, 00:35 7 Mar 2026, 18:10 7 Mar 2026, 06:14 7 Mar 2026, 00:33 6 Mar 2026, 00:38 5 Mar 2026, 18:41 5 Mar 2026, 06:22 5 Mar 2026, 00:34 4 Mar 2026, 18:18 4 Mar 2026, 06:20 3 Mar 2026, 18:20 3 Mar 2026, 00:35 27 Feb 2026, 18:15 24 Feb 2026, 06:27 24 Feb 2026, 00:33 23 Feb 2026, 18:27 21 Feb 2026, 00:33 20 Feb 2026, 12:16 19 Feb 2026, 20:53 19 Feb 2026, 20:37
16 Mar 2026, 18:25
14 May 2026, 21:00 14 May 2026, 07:00 13 May 2026, 00:57 12 May 2026, 01:59 11 May 2026, 18:00 7 May 2026, 20:02 7 May 2026, 17:08 5 May 2026, 23:00 2 May 2026, 06:45 2 May 2026, 00:48 1 May 2026, 18:29 30 Apr 2026, 18:36 29 Apr 2026, 12:40 29 Apr 2026, 00:50 25 Apr 2026, 06:37 25 Apr 2026, 00:42 24 Apr 2026, 18:20 24 Apr 2026, 12:28 23 Apr 2026, 18:31 23 Apr 2026, 12:28 23 Apr 2026, 00:46 22 Apr 2026, 18:29 22 Apr 2026, 00:42 21 Apr 2026, 18:29 21 Apr 2026, 12:30 21 Apr 2026, 06:45 20 Apr 2026, 18:26 20 Apr 2026, 06:53 18 Apr 2026, 18:18 17 Apr 2026, 00:44 16 Apr 2026, 18:31 16 Apr 2026, 00:46 15 Apr 2026, 18:31 15 Apr 2026, 06:44 14 Apr 2026, 18:31 14 Apr 2026, 12:29 13 Apr 2026, 18:37 13 Apr 2026, 00:44 12 Apr 2026, 06:38 10 Apr 2026, 18:23 9 Apr 2026, 00:33 8 Apr 2026, 18:32 8 Apr 2026, 00:40 7 Apr 2026, 00:40 2 Apr 2026, 18:23 31 Mar 2026, 06:35 31 Mar 2026, 00:39 28 Mar 2026, 06:26 28 Mar 2026, 00:36 27 Mar 2026, 18:23 27 Mar 2026, 00:39 26 Mar 2026, 18:27 25 Mar 2026, 18:24 23 Mar 2026, 18:22 20 Mar 2026, 00:35 18 Mar 2026, 12:23 18 Mar 2026, 00:36 17 Mar 2026, 18:24 17 Mar 2026, 00:33 16 Mar 2026, 18:25 16 Mar 2026, 12:23 14 Mar 2026, 00:32 13 Mar 2026, 18:15 13 Mar 2026, 00:34 11 Mar 2026, 00:31 9 Mar 2026, 00:34 8 Mar 2026, 18:10 8 Mar 2026, 00:35 7 Mar 2026, 18:10 7 Mar 2026, 06:14 7 Mar 2026, 00:33 6 Mar 2026, 00:38 5 Mar 2026, 18:41 5 Mar 2026, 06:22 5 Mar 2026, 00:34 4 Mar 2026, 18:18 4 Mar 2026, 06:20 3 Mar 2026, 18:20 3 Mar 2026, 00:35 27 Feb 2026, 18:15 24 Feb 2026, 06:27 24 Feb 2026, 00:33 23 Feb 2026, 18:27 21 Feb 2026, 00:33 20 Feb 2026, 12:16 19 Feb 2026, 20:53 19 Feb 2026, 20:37
Tue 3 00:35 Tue 3 18:20 Wed 4 06:20 Wed 4 18:18 Thu 5 00:34 Thu 5 06:22 Thu 5 18:41 Fri 6 00:38 Sat 7 00:33 Sat 7 06:14 Sat 7 18:10 Sun 8 00:35 Sun 8 18:10 Mon 9 00:34 Wed 11 00:31 Fri 13 00:34 Fri 13 18:15 Sat 14 00:32 Mon 16 12:23 Mon 16 18:25 Tue 17 00:33 Tue 17 18:24 Wed 18 00:36 Wed 18 12:23 Fri 20 00:35 Mon 23 18:22 Wed 25 18:24 Thu 26 18:27 Fri 27 00:39 Fri 27 18:23 Sat 28 00:36 Sat 28 06:26 Tue 31 00:39 Tue 31 06:35

config-reference.md +1176 −341

Details

6 6 

7User-level configuration lives in `~/.codex/config.toml`. You can also add project-scoped overrides in `.codex/config.toml` files. Codex loads project-scoped config files only when you trust the project.7User-level configuration lives in `~/.codex/config.toml`. You can also add project-scoped overrides in `.codex/config.toml` files. Codex loads project-scoped config files only when you trust the project.

8 8 

9For sandbox and approval keys (`approval_policy`, `sandbox_mode`, and `sandbox_workspace_write.*`), pair this reference with [Sandbox and approvals](https://developers.openai.com/codex/security#sandbox-and-approvals), [Protected paths in writable roots](https://developers.openai.com/codex/security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/security#network-access).9For sandbox and approval keys (`approval_policy`, `sandbox_mode`, and `sandbox_workspace_write.*`), pair this reference with [Sandbox and approvals](https://developers.openai.com/codex/agent-approvals-security#sandbox-and-approvals), [Protected paths in writable roots](https://developers.openai.com/codex/agent-approvals-security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/agent-approvals-security#network-access).

10 10 

11| Key | Type / Values | Details |11| Key | Type / Values | Details |

12| --- | --- | --- |12| --- | --- | --- |

13| `agents.<name>.config_file` | `string (path)` | Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role. |13| `agents.<name>.config_file` | `string (path)` | Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role. |

14| `agents.<name>.description` | `string` | Role guidance shown to Codex when choosing and spawning that agent type. |14| `agents.<name>.description` | `string` | Role guidance shown to Codex when choosing and spawning that agent type. |

15| `agents.max_threads` | `number` | Maximum number of agent threads that can be open concurrently. |15| `agents.<name>.nickname_candidates` | `array<string>` | Optional pool of display nicknames for spawned agents in that role. |

16| `approval_policy` | `untrusted | on-request | never` | Controls when Codex pauses for approval before executing commands. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs. |16| `agents.job_max_runtime_seconds` | `number` | Default per-worker timeout for `spawn_agents_on_csv` jobs. When unset, the tool falls back to 1800 seconds per worker. |

17| `apps.<id>.disabled_reason` | `unknown | user` | Optional reason attached when an app/connector is disabled. |17| `agents.max_depth` | `number` | Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1). |

18| `agents.max_threads` | `number` | Maximum number of agent threads that can be open concurrently. Defaults to `6` when unset. |

19| `allow_login_shell` | `boolean` | Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells. |

20| `analytics.enabled` | `boolean` | Enable or disable analytics for this machine/profile. When unset, the client default applies. |

21| `approval_policy` | `untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }` | Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs. |

22| `approval_policy.reject.mcp_elicitations` | `boolean` | When `true`, MCP elicitation prompts are auto-rejected instead of shown to the user. |

23| `approval_policy.reject.rules` | `boolean` | When `true`, approvals triggered by execpolicy `prompt` rules are auto-rejected. |

24| `approval_policy.reject.sandbox_approval` | `boolean` | When `true`, sandbox escalation approval prompts are auto-rejected. |

25| `apps._default.destructive_enabled` | `boolean` | Default allow/deny for app tools with `destructive_hint = true`. |

26| `apps._default.enabled` | `boolean` | Default app enabled state for all apps unless overridden per app. |

27| `apps._default.open_world_enabled` | `boolean` | Default allow/deny for app tools with `open_world_hint = true`. |

28| `apps.<id>.default_tools_approval_mode` | `auto | prompt | approve` | Default approval behavior for tools in this app unless a per-tool override exists. |

29| `apps.<id>.default_tools_enabled` | `boolean` | Default enabled state for tools in this app unless a per-tool override exists. |

30| `apps.<id>.destructive_enabled` | `boolean` | Allow or block tools in this app that advertise `destructive_hint = true`. |

18| `apps.<id>.enabled` | `boolean` | Enable or disable a specific app/connector by id (default: true). |31| `apps.<id>.enabled` | `boolean` | Enable or disable a specific app/connector by id (default: true). |

32| `apps.<id>.open_world_enabled` | `boolean` | Allow or block tools in this app that advertise `open_world_hint = true`. |

33| `apps.<id>.tools.<tool>.approval_mode` | `auto | prompt | approve` | Per-tool approval behavior override for a single app tool. |

34| `apps.<id>.tools.<tool>.enabled` | `boolean` | Per-tool enabled override for an app tool (for example `repos/list`). |

35| `background_terminal_max_timeout` | `number` | Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key. |

19| `chatgpt_base_url` | `string` | Override the base URL used during the ChatGPT login flow. |36| `chatgpt_base_url` | `string` | Override the base URL used during the ChatGPT login flow. |

20| `check_for_update_on_startup` | `boolean` | Check for Codex updates on startup (set to false only when updates are centrally managed). |37| `check_for_update_on_startup` | `boolean` | Check for Codex updates on startup (set to false only when updates are centrally managed). |

21| `cli_auth_credentials_store` | `file | keyring | auto` | Control where the CLI stores cached credentials (file-based auth.json vs OS keychain). |38| `cli_auth_credentials_store` | `file | keyring | auto` | Control where the CLI stores cached credentials (file-based auth.json vs OS keychain). |

39| `commit_attribution` | `string` | Override the commit co-author trailer text. Set an empty string to disable automatic attribution. |

22| `compact_prompt` | `string` | Inline override for the history compaction prompt. |40| `compact_prompt` | `string` | Inline override for the history compaction prompt. |

23| `developer_instructions` | `string` | Additional developer instructions injected into the session (optional). |41| `developer_instructions` | `string` | Additional developer instructions injected into the session (optional). |

24| `disable_paste_burst` | `boolean` | Disable burst-paste detection in the TUI. |42| `disable_paste_burst` | `boolean` | Disable burst-paste detection in the TUI. |

25| `experimental_compact_prompt_file` | `string (path)` | Load the compaction prompt override from a file (experimental). |43| `experimental_compact_prompt_file` | `string (path)` | Load the compaction prompt override from a file (experimental). |

26| `experimental_use_freeform_apply_patch` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform` or `codex --enable apply_patch_freeform`. |

27| `experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`. |44| `experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`. |

28| `features.apply_patch_freeform` | `boolean` | Expose the freeform `apply_patch` tool (experimental). |

29| `features.apps` | `boolean` | Enable ChatGPT Apps/connectors support (experimental). |45| `features.apps` | `boolean` | Enable ChatGPT Apps/connectors support (experimental). |

30| `features.apps_mcp_gateway` | `boolean` | Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental). |46| `features.apps_mcp_gateway` | `boolean` | Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental). |

47| `features.artifact` | `boolean` | Enable native artifact tools such as slides and spreadsheets (under development). |

31| `features.child_agents_md` | `boolean` | Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental). |48| `features.child_agents_md` | `boolean` | Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental). |

32| `features.collaboration_modes` | `boolean` | Enable collaboration modes such as plan mode (stable; on by default). |49| `features.collaboration_modes` | `boolean` | Legacy toggle for collaboration modes. Plan and default modes are available in current builds without setting this key. |

33| `features.elevated_windows_sandbox` | `boolean` | Enable the elevated Windows sandbox pipeline (experimental). |50| `features.default_mode_request_user_input` | `boolean` | Allow `request_user_input` in default collaboration mode (under development; off by default). |

34| `features.experimental_windows_sandbox` | `boolean` | Run the Windows restricted-token sandbox (experimental). |51| `features.elevated_windows_sandbox` | `boolean` | Legacy toggle for an earlier elevated Windows sandbox rollout. Current builds do not use it. |

35| `features.multi_agent` | `boolean` | Enable multi-agent collaboration tools (`spawn\_agent`, `send\_input`, `resume\_agent`, `wait`, and `close\_agent`) (experimental; off by default). |52| `features.enable_request_compression` | `boolean` | Compress streaming request bodies with zstd when supported (stable; on by default). |

53| `features.experimental_windows_sandbox` | `boolean` | Legacy toggle for an earlier Windows sandbox rollout. Current builds do not use it. |

54| `features.fast_mode` | `boolean` | Enable Fast mode selection and the `service_tier = "fast"` path (stable; on by default). |

55| `features.image_detail_original` | `boolean` | Allow image outputs with `detail = "original"` on supported models (under development). |

56| `features.image_generation` | `boolean` | Enable the built-in image generation tool (under development). |

57| `features.multi_agent` | `boolean` | Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait`, `close_agent`, and `spawn_agents_on_csv`) (experimental; off by default). |

36| `features.personality` | `boolean` | Enable personality selection controls (stable; on by default). |58| `features.personality` | `boolean` | Enable personality selection controls (stable; on by default). |

37| `features.powershell_utf8` | `boolean` | Force PowerShell UTF-8 output (defaults to true). |59| `features.powershell_utf8` | `boolean` | Force PowerShell UTF-8 output. Enabled by default on Windows and off elsewhere. |

38| `features.remote_models` | `boolean` | Refresh remote model list before showing readiness (experimental). |60| `features.prevent_idle_sleep` | `boolean` | Prevent the machine from sleeping while a turn is actively running (experimental; off by default). |

39| `features.request_rule` | `boolean` | Enable Smart approvals (`prefix_rule` suggestions on escalation requests; stable; on by default). |61| `features.remote_models` | `boolean` | Legacy toggle for an older remote-model readiness flow. Current builds do not use it. |

62| `features.request_rule` | `boolean` | Legacy toggle for Smart approvals. Current builds include this behavior by default, so most users can leave this unset. |

63| `features.responses_websockets` | `boolean` | Prefer the Responses API WebSocket transport for supported providers (under development). |

64| `features.responses_websockets_v2` | `boolean` | Enable Responses API WebSocket v2 mode (under development). |

40| `features.runtime_metrics` | `boolean` | Show runtime metrics summary in TUI turn separators (experimental). |65| `features.runtime_metrics` | `boolean` | Show runtime metrics summary in TUI turn separators (experimental). |

41| `features.search_tool` | `boolean` | Enable `search_tool_bm25` for Apps tool discovery before invoking app MCP tools (experimental). |66| `features.search_tool` | `boolean` | Legacy toggle for an older Apps discovery flow. Current builds do not use it. |

42| `features.shell_snapshot` | `boolean` | Snapshot shell environment to speed up repeated commands (beta). |67| `features.shell_snapshot` | `boolean` | Snapshot shell environment to speed up repeated commands (stable; on by default). |

43| `features.shell_tool` | `boolean` | Enable the default `shell` tool for running commands (stable; on by default). |68| `features.shell_tool` | `boolean` | Enable the default `shell` tool for running commands (stable; on by default). |

44| `features.unified_exec` | `boolean` | Use the unified PTY-backed exec tool (beta). |69| `features.skill_env_var_dependency_prompt` | `boolean` | Prompt for missing skill environment-variable dependencies (under development). |

70| `features.skill_mcp_dependency_install` | `boolean` | Allow prompting and installing missing MCP dependencies for skills (stable; on by default). |

71| `features.sqlite` | `boolean` | Enable SQLite-backed state persistence (stable; on by default). |

72| `features.steer` | `boolean` | Legacy toggle from an earlier Enter/Tab steering rollout. Current builds always use the current steering behavior. |

73| `features.undo` | `boolean` | Enable undo support (stable; off by default). |

74| `features.unified_exec` | `boolean` | Use the unified PTY-backed exec tool (stable; enabled by default except on Windows). |

45| `features.use_linux_sandbox_bwrap` | `boolean` | Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default). |75| `features.use_linux_sandbox_bwrap` | `boolean` | Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default). |

46| `features.web_search` | `boolean` | Deprecated legacy toggle; prefer the top-level `web_search` setting. |76| `features.web_search` | `boolean` | Deprecated legacy toggle; prefer the top-level `web_search` setting. |

47| `features.web_search_cached` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`. |77| `features.web_search_cached` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`. |

53| `hide_agent_reasoning` | `boolean` | Suppress reasoning events in both the TUI and `codex exec` output. |83| `hide_agent_reasoning` | `boolean` | Suppress reasoning events in both the TUI and `codex exec` output. |

54| `history.max_bytes` | `number` | If set, caps the history file size in bytes by dropping oldest entries. |84| `history.max_bytes` | `number` | If set, caps the history file size in bytes by dropping oldest entries. |

55| `history.persistence` | `save-all | none` | Control whether Codex saves session transcripts to history.jsonl. |85| `history.persistence` | `save-all | none` | Control whether Codex saves session transcripts to history.jsonl. |

56| `include_apply_patch_tool` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |

57| `instructions` | `string` | Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`. |86| `instructions` | `string` | Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`. |

58| `log_dir` | `string (path)` | Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`. |87| `log_dir` | `string (path)` | Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`. |

59| `mcp_oauth_callback_port` | `integer` | Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS. |88| `mcp_oauth_callback_port` | `integer` | Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS. |

89| `mcp_oauth_callback_url` | `string` | Optional redirect URI override for MCP OAuth login (for example, a devbox ingress URL). `mcp_oauth_callback_port` still controls the callback listener port. |

60| `mcp_oauth_credentials_store` | `auto | file | keyring` | Preferred store for MCP OAuth credentials. |90| `mcp_oauth_credentials_store` | `auto | file | keyring` | Preferred store for MCP OAuth credentials. |

61| `mcp_servers.<id>.args` | `array<string>` | Arguments passed to the MCP stdio server command. |91| `mcp_servers.<id>.args` | `array<string>` | Arguments passed to the MCP stdio server command. |

62| `mcp_servers.<id>.bearer_token_env_var` | `string` | Environment variable sourcing the bearer token for an MCP HTTP server. |92| `mcp_servers.<id>.bearer_token_env_var` | `string` | Environment variable sourcing the bearer token for an MCP HTTP server. |

69| `mcp_servers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables for an MCP HTTP server. |99| `mcp_servers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables for an MCP HTTP server. |

70| `mcp_servers.<id>.env_vars` | `array<string>` | Additional environment variables to whitelist for an MCP stdio server. |100| `mcp_servers.<id>.env_vars` | `array<string>` | Additional environment variables to whitelist for an MCP stdio server. |

71| `mcp_servers.<id>.http_headers` | `map<string,string>` | Static HTTP headers included with each MCP HTTP request. |101| `mcp_servers.<id>.http_headers` | `map<string,string>` | Static HTTP headers included with each MCP HTTP request. |

102| `mcp_servers.<id>.oauth_resource` | `string` | Optional RFC 8707 OAuth resource parameter to include during MCP login. |

72| `mcp_servers.<id>.required` | `boolean` | When true, fail startup/resume if this enabled MCP server cannot initialize. |103| `mcp_servers.<id>.required` | `boolean` | When true, fail startup/resume if this enabled MCP server cannot initialize. |

104| `mcp_servers.<id>.scopes` | `array<string>` | OAuth scopes to request when authenticating to that MCP server. |

73| `mcp_servers.<id>.startup_timeout_ms` | `number` | Alias for `startup_timeout_sec` in milliseconds. |105| `mcp_servers.<id>.startup_timeout_ms` | `number` | Alias for `startup_timeout_sec` in milliseconds. |

74| `mcp_servers.<id>.startup_timeout_sec` | `number` | Override the default 10s startup timeout for an MCP server. |106| `mcp_servers.<id>.startup_timeout_sec` | `number` | Override the default 10s startup timeout for an MCP server. |

75| `mcp_servers.<id>.tool_timeout_sec` | `number` | Override the default 60s per-tool timeout for an MCP server. |107| `mcp_servers.<id>.tool_timeout_sec` | `number` | Override the default 60s per-tool timeout for an MCP server. |

76| `mcp_servers.<id>.url` | `string` | Endpoint for an MCP streamable HTTP server. |108| `mcp_servers.<id>.url` | `string` | Endpoint for an MCP streamable HTTP server. |

77| `model` | `string` | Model to use (e.g., `gpt-5-codex`). |109| `model` | `string` | Model to use (e.g., `gpt-5-codex`). |

78| `model_auto_compact_token_limit` | `number` | Token threshold that triggers automatic history compaction (unset uses model defaults). |110| `model_auto_compact_token_limit` | `number` | Token threshold that triggers automatic history compaction (unset uses model defaults). |

111| `model_catalog_json` | `string (path)` | Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile. |

79| `model_context_window` | `number` | Context window tokens available to the active model. |112| `model_context_window` | `number` | Context window tokens available to the active model. |

80| `model_instructions_file` | `string (path)` | Replacement for built-in instructions instead of `AGENTS.md`. |113| `model_instructions_file` | `string (path)` | Replacement for built-in instructions instead of `AGENTS.md`. |

81| `model_provider` | `string` | Provider id from `model_providers` (default: `openai`). |114| `model_provider` | `string` | Provider id from `model_providers` (default: `openai`). |

91| `model_providers.<id>.requires_openai_auth` | `boolean` | The provider uses OpenAI authentication (defaults to false). |124| `model_providers.<id>.requires_openai_auth` | `boolean` | The provider uses OpenAI authentication (defaults to false). |

92| `model_providers.<id>.stream_idle_timeout_ms` | `number` | Idle timeout for SSE streams in milliseconds (default: 300000). |125| `model_providers.<id>.stream_idle_timeout_ms` | `number` | Idle timeout for SSE streams in milliseconds (default: 300000). |

93| `model_providers.<id>.stream_max_retries` | `number` | Retry count for SSE streaming interruptions (default: 5). |126| `model_providers.<id>.stream_max_retries` | `number` | Retry count for SSE streaming interruptions (default: 5). |

94| `model_providers.<id>.wire_api` | `chat | responses` | Protocol used by the provider (defaults to `chat` if omitted). |127| `model_providers.<id>.supports_websockets` | `boolean` | Whether that provider supports the Responses API WebSocket transport. |

128| `model_providers.<id>.wire_api` | `responses` | Protocol used by the provider. `responses` is the only supported value, and it is the default when omitted. |

95| `model_reasoning_effort` | `minimal | low | medium | high | xhigh` | Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent). |129| `model_reasoning_effort` | `minimal | low | medium | high | xhigh` | Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent). |

96| `model_reasoning_summary` | `auto | concise | detailed | none` | Select reasoning summary detail or disable summaries entirely. |130| `model_reasoning_summary` | `auto | concise | detailed | none` | Select reasoning summary detail or disable summaries entirely. |

97| `model_supports_reasoning_summaries` | `boolean` | Force Codex to send or not send reasoning metadata. |131| `model_supports_reasoning_summaries` | `boolean` | Force Codex to send or not send reasoning metadata. |

98| `model_verbosity` | `low | medium | high` | Control GPT-5 Responses API verbosity (defaults to `medium`). |132| `model_verbosity` | `low | medium | high` | Optional GPT-5 Responses API verbosity override; when unset, the selected model/preset default is used. |

99| `notice.hide_full_access_warning` | `boolean` | Track acknowledgement of the full access warning prompt. |133| `notice.hide_full_access_warning` | `boolean` | Track acknowledgement of the full access warning prompt. |

100| `notice.hide_gpt-5.1-codex-max_migration_prompt` | `boolean` | Track acknowledgement of the gpt-5.1-codex-max migration prompt. |134| `notice.hide_gpt-5.1-codex-max_migration_prompt` | `boolean` | Track acknowledgement of the gpt-5.1-codex-max migration prompt. |

101| `notice.hide_gpt5_1_migration_prompt` | `boolean` | Track acknowledgement of the GPT-5.1 migration prompt. |135| `notice.hide_gpt5_1_migration_prompt` | `boolean` | Track acknowledgement of the GPT-5.1 migration prompt. |

113| `otel.exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL exporter TLS. |147| `otel.exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL exporter TLS. |

114| `otel.exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL exporter TLS. |148| `otel.exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL exporter TLS. |

115| `otel.log_user_prompt` | `boolean` | Opt in to exporting raw user prompts with OpenTelemetry logs. |149| `otel.log_user_prompt` | `boolean` | Opt in to exporting raw user prompts with OpenTelemetry logs. |

150| `otel.metrics_exporter` | `none | statsig | otlp-http | otlp-grpc` | Select the OpenTelemetry metrics exporter (defaults to `statsig`). |

116| `otel.trace_exporter` | `none | otlp-http | otlp-grpc` | Select the OpenTelemetry trace exporter and provide any endpoint metadata. |151| `otel.trace_exporter` | `none | otlp-http | otlp-grpc` | Select the OpenTelemetry trace exporter and provide any endpoint metadata. |

117| `otel.trace_exporter.<id>.endpoint` | `string` | Trace exporter endpoint for OTEL logs. |152| `otel.trace_exporter.<id>.endpoint` | `string` | Trace exporter endpoint for OTEL logs. |

118| `otel.trace_exporter.<id>.headers` | `map<string,string>` | Static headers included with OTEL trace exporter requests. |153| `otel.trace_exporter.<id>.headers` | `map<string,string>` | Static headers included with OTEL trace exporter requests. |

120| `otel.trace_exporter.<id>.tls.ca-certificate` | `string` | CA certificate path for OTEL trace exporter TLS. |155| `otel.trace_exporter.<id>.tls.ca-certificate` | `string` | CA certificate path for OTEL trace exporter TLS. |

121| `otel.trace_exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL trace exporter TLS. |156| `otel.trace_exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL trace exporter TLS. |

122| `otel.trace_exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL trace exporter TLS. |157| `otel.trace_exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL trace exporter TLS. |

158| `permissions.network.admin_url` | `string` | Admin endpoint for the managed network proxy. |

159| `permissions.network.allow_local_binding` | `boolean` | Permit local bind/listen operations through the managed proxy. |

160| `permissions.network.allow_unix_sockets` | `array<string>` | Allowlist of Unix socket paths permitted through the managed proxy. |

161| `permissions.network.allow_upstream_proxy` | `boolean` | Allow the managed proxy to chain to another upstream proxy. |

162| `permissions.network.allowed_domains` | `array<string>` | Allowlist of domains permitted through the managed proxy. |

163| `permissions.network.dangerously_allow_all_unix_sockets` | `boolean` | Allow the proxy to use arbitrary Unix sockets instead of the default restricted set. |

164| `permissions.network.dangerously_allow_non_loopback_admin` | `boolean` | Permit non-loopback bind addresses for the managed proxy admin listener. |

165| `permissions.network.dangerously_allow_non_loopback_proxy` | `boolean` | Permit non-loopback bind addresses for the managed proxy listener. |

166| `permissions.network.denied_domains` | `array<string>` | Denylist of domains blocked by the managed proxy. |

167| `permissions.network.enable_socks5` | `boolean` | Expose a SOCKS5 listener from the managed network proxy. |

168| `permissions.network.enable_socks5_udp` | `boolean` | Allow UDP over the SOCKS5 listener when enabled. |

169| `permissions.network.enabled` | `boolean` | Enable the managed network proxy configuration for subprocesses. |

170| `permissions.network.mode` | `limited | full` | Network proxy mode used for subprocess traffic. |

171| `permissions.network.proxy_url` | `string` | HTTP proxy endpoint used by the managed network proxy. |

172| `permissions.network.socks_url` | `string` | SOCKS5 proxy endpoint used by the managed network proxy. |

123| `personality` | `none | friendly | pragmatic` | Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`. |173| `personality` | `none | friendly | pragmatic` | Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`. |

174| `plan_mode_reasoning_effort` | `none | minimal | low | medium | high | xhigh` | Plan-mode-specific reasoning override. When unset, Plan mode uses its built-in preset default. |

124| `profile` | `string` | Default profile applied at startup (equivalent to `--profile`). |175| `profile` | `string` | Default profile applied at startup (equivalent to `--profile`). |

125| `profiles.<name>.*` | `various` | Profile-scoped overrides for any of the supported configuration keys. |176| `profiles.<name>.*` | `various` | Profile-scoped overrides for any of the supported configuration keys. |

126| `profiles.<name>.experimental_use_freeform_apply_patch` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |177| `profiles.<name>.analytics.enabled` | `boolean` | Profile-scoped analytics enablement override. |

127| `profiles.<name>.experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec`. |178| `profiles.<name>.experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec`. |

128| `profiles.<name>.include_apply_patch_tool` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |179| `profiles.<name>.model_catalog_json` | `string (path)` | Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile). |

180| `profiles.<name>.model_instructions_file` | `string (path)` | Profile-scoped replacement for the built-in instruction file. |

129| `profiles.<name>.oss_provider` | `lmstudio | ollama` | Profile-scoped OSS provider for `--oss` sessions. |181| `profiles.<name>.oss_provider` | `lmstudio | ollama` | Profile-scoped OSS provider for `--oss` sessions. |

130| `profiles.<name>.personality` | `none | friendly | pragmatic` | Profile-scoped communication style override for supported models. |182| `profiles.<name>.personality` | `none | friendly | pragmatic` | Profile-scoped communication style override for supported models. |

183| `profiles.<name>.plan_mode_reasoning_effort` | `none | minimal | low | medium | high | xhigh` | Profile-scoped Plan-mode reasoning override. |

184| `profiles.<name>.service_tier` | `flex | fast` | Profile-scoped service tier preference for new turns. |

185| `profiles.<name>.tools_view_image` | `boolean` | Enable or disable the `view_image` tool in that profile. |

131| `profiles.<name>.web_search` | `disabled | cached | live` | Profile-scoped web search mode override (default: `"cached"`). |186| `profiles.<name>.web_search` | `disabled | cached | live` | Profile-scoped web search mode override (default: `"cached"`). |

187| `profiles.<name>.windows.sandbox` | `unelevated | elevated` | Profile-scoped Windows sandbox mode override. |

132| `project_doc_fallback_filenames` | `array<string>` | Additional filenames to try when `AGENTS.md` is missing. |188| `project_doc_fallback_filenames` | `array<string>` | Additional filenames to try when `AGENTS.md` is missing. |

133| `project_doc_max_bytes` | `number` | Maximum bytes read from `AGENTS.md` when building project instructions. |189| `project_doc_max_bytes` | `number` | Maximum bytes read from `AGENTS.md` when building project instructions. |

134| `project_root_markers` | `array<string>` | List of project root marker filenames; used when searching parent directories for the project root. |190| `project_root_markers` | `array<string>` | List of project root marker filenames; used when searching parent directories for the project root. |

139| `sandbox_workspace_write.exclude_tmpdir_env_var` | `boolean` | Exclude `$TMPDIR` from writable roots in workspace-write mode. |195| `sandbox_workspace_write.exclude_tmpdir_env_var` | `boolean` | Exclude `$TMPDIR` from writable roots in workspace-write mode. |

140| `sandbox_workspace_write.network_access` | `boolean` | Allow outbound network access inside the workspace-write sandbox. |196| `sandbox_workspace_write.network_access` | `boolean` | Allow outbound network access inside the workspace-write sandbox. |

141| `sandbox_workspace_write.writable_roots` | `array<string>` | Additional writable roots when `sandbox_mode = "workspace-write"`. |197| `sandbox_workspace_write.writable_roots` | `array<string>` | Additional writable roots when `sandbox_mode = "workspace-write"`. |

198| `service_tier` | `flex | fast` | Preferred service tier for new turns. `fast` is honored only when the `features.fast_mode` gate is enabled. |

142| `shell_environment_policy.exclude` | `array<string>` | Glob patterns for removing environment variables after the defaults. |199| `shell_environment_policy.exclude` | `array<string>` | Glob patterns for removing environment variables after the defaults. |

143| `shell_environment_policy.experimental_use_profile` | `boolean` | Use the user shell profile when spawning subprocesses. |200| `shell_environment_policy.experimental_use_profile` | `boolean` | Use the user shell profile when spawning subprocesses. |

144| `shell_environment_policy.ignore_default_excludes` | `boolean` | Keep variables containing KEY/SECRET/TOKEN before other filters run. |201| `shell_environment_policy.ignore_default_excludes` | `boolean` | Keep variables containing KEY/SECRET/TOKEN before other filters run. |

149| `skills.config` | `array<object>` | Per-skill enablement overrides stored in config.toml. |206| `skills.config` | `array<object>` | Per-skill enablement overrides stored in config.toml. |

150| `skills.config.<index>.enabled` | `boolean` | Enable or disable the referenced skill. |207| `skills.config.<index>.enabled` | `boolean` | Enable or disable the referenced skill. |

151| `skills.config.<index>.path` | `string (path)` | Path to a skill folder containing `SKILL.md`. |208| `skills.config.<index>.path` | `string (path)` | Path to a skill folder containing `SKILL.md`. |

209| `sqlite_home` | `string (path)` | Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state. |

152| `suppress_unstable_features_warning` | `boolean` | Suppress the warning that appears when under-development feature flags are enabled. |210| `suppress_unstable_features_warning` | `boolean` | Suppress the warning that appears when under-development feature flags are enabled. |

153| `tool_output_token_limit` | `number` | Token budget for storing individual tool/function outputs in history. |211| `tool_output_token_limit` | `number` | Token budget for storing individual tool/function outputs in history. |

212| `tools.view_image` | `boolean` | Enable the local-image attachment tool `view_image`. |

154| `tools.web_search` | `boolean` | Deprecated legacy toggle for web search; prefer the top-level `web_search` setting. |213| `tools.web_search` | `boolean` | Deprecated legacy toggle for web search; prefer the top-level `web_search` setting. |

155| `tui` | `table` | TUI-specific options such as enabling inline desktop notifications. |214| `tui` | `table` | TUI-specific options such as enabling inline desktop notifications. |

156| `tui.alternate_screen` | `auto | always | never` | Control alternate screen usage for the TUI (default: auto; auto skips it in Zellij to preserve scrollback). |215| `tui.alternate_screen` | `auto | always | never` | Control alternate screen usage for the TUI (default: auto; auto skips it in Zellij to preserve scrollback). |

157| `tui.animations` | `boolean` | Enable terminal animations (welcome screen, shimmer, spinner) (default: true). |216| `tui.animations` | `boolean` | Enable terminal animations (welcome screen, shimmer, spinner) (default: true). |

217| `tui.model_availability_nux.<model>` | `integer` | Internal startup-tooltip state keyed by model slug. |

158| `tui.notification_method` | `auto | osc9 | bel` | Notification method for unfocused terminal notifications (default: auto). |218| `tui.notification_method` | `auto | osc9 | bel` | Notification method for unfocused terminal notifications (default: auto). |

159| `tui.notifications` | `boolean | array<string>` | Enable TUI notifications; optionally restrict to specific event types. |219| `tui.notifications` | `boolean | array<string>` | Enable TUI notifications; optionally restrict to specific event types. |

160| `tui.show_tooltips` | `boolean` | Show onboarding tooltips in the TUI welcome screen (default: true). |220| `tui.show_tooltips` | `boolean` | Show onboarding tooltips in the TUI welcome screen (default: true). |

161| `tui.status_line` | `array<string> | null` | Ordered list of TUI footer status-line item identifiers. `null` disables the status line. |221| `tui.status_line` | `array<string> | null` | Ordered list of TUI footer status-line item identifiers. `null` disables the status line. |

222| `tui.theme` | `string` | Syntax-highlighting theme override (kebab-case theme name). |

162| `web_search` | `disabled | cached | live` | Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool. |223| `web_search` | `disabled | cached | live` | Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool. |

163| `windows_wsl_setup_acknowledged` | `boolean` | Track Windows onboarding acknowledgement (Windows only). |224| `windows_wsl_setup_acknowledged` | `boolean` | Track Windows onboarding acknowledgement (Windows only). |

225| `windows.sandbox` | `unelevated | elevated` | Windows-only native sandbox mode when running Codex natively on Windows. |

164 226 

165Key227Key

166 228 

188 250 

189Key251Key

190 252 

191`agents.max_threads`253`agents.<name>.nickname_candidates`

192 254 

193Type / Values255Type / Values

194 256 

195`number`257`array<string>`

196 258 

197Details259Details

198 260 

199Maximum number of agent threads that can be open concurrently.261Optional pool of display nicknames for spawned agents in that role.

200 262 

201Key263Key

202 264 

203`approval_policy`265`agents.job_max_runtime_seconds`

204 266 

205Type / Values267Type / Values

206 268 

207`untrusted | on-request | never`269`number`

208 270 

209Details271Details

210 272 

211Controls when Codex pauses for approval before executing commands. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.273Default per-worker timeout for `spawn_agents_on_csv` jobs. When unset, the tool falls back to 1800 seconds per worker.

212 274 

213Key275Key

214 276 

215`apps.<id>.disabled_reason`277`agents.max_depth`

216 278 

217Type / Values279Type / Values

218 280 

219`unknown | user`281`number`

220 282 

221Details283Details

222 284 

223Optional reason attached when an app/connector is disabled.285Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1).

224 286 

225Key287Key

226 288 

227`apps.<id>.enabled`289`agents.max_threads`

228 290 

229Type / Values291Type / Values

230 292 

231`boolean`293`number`

232 294 

233Details295Details

234 296 

235Enable or disable a specific app/connector by id (default: true).297Maximum number of agent threads that can be open concurrently. Defaults to `6` when unset.

236 298 

237Key299Key

238 300 

239`chatgpt_base_url`301`allow_login_shell`

240 302 

241Type / Values303Type / Values

242 304 

243`string`305`boolean`

244 306 

245Details307Details

246 308 

247Override the base URL used during the ChatGPT login flow.309Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells.

248 310 

249Key311Key

250 312 

251`check_for_update_on_startup`313`analytics.enabled`

252 314 

253Type / Values315Type / Values

254 316 

256 318 

257Details319Details

258 320 

259Check for Codex updates on startup (set to false only when updates are centrally managed).321Enable or disable analytics for this machine/profile. When unset, the client default applies.

260 322 

261Key323Key

262 324 

263`cli_auth_credentials_store`325`approval_policy`

264 326 

265Type / Values327Type / Values

266 328 

267`file | keyring | auto`329`untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }`

268 330 

269Details331Details

270 332 

271Control where the CLI stores cached credentials (file-based auth.json vs OS keychain).333Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.

272 334 

273Key335Key

274 336 

275`compact_prompt`337`approval_policy.reject.mcp_elicitations`

276 338 

277Type / Values339Type / Values

278 340 

279`string`341`boolean`

280 342 

281Details343Details

282 344 

283Inline override for the history compaction prompt.345When `true`, MCP elicitation prompts are auto-rejected instead of shown to the user.

284 346 

285Key347Key

286 348 

287`developer_instructions`349`approval_policy.reject.rules`

288 350 

289Type / Values351Type / Values

290 352 

291`string`353`boolean`

292 354 

293Details355Details

294 356 

295Additional developer instructions injected into the session (optional).357When `true`, approvals triggered by execpolicy `prompt` rules are auto-rejected.

296 358 

297Key359Key

298 360 

299`disable_paste_burst`361`approval_policy.reject.sandbox_approval`

300 362 

301Type / Values363Type / Values

302 364 

304 366 

305Details367Details

306 368 

307Disable burst-paste detection in the TUI.369When `true`, sandbox escalation approval prompts are auto-rejected.

308 370 

309Key371Key

310 372 

311`experimental_compact_prompt_file`373`apps._default.destructive_enabled`

312 374 

313Type / Values375Type / Values

314 376 

315`string (path)`377`boolean`

316 378 

317Details379Details

318 380 

319Load the compaction prompt override from a file (experimental).381Default allow/deny for app tools with `destructive_hint = true`.

320 382 

321Key383Key

322 384 

323`experimental_use_freeform_apply_patch`385`apps._default.enabled`

324 386 

325Type / Values387Type / Values

326 388 

328 390 

329Details391Details

330 392 

331Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform` or `codex --enable apply_patch_freeform`.393Default app enabled state for all apps unless overridden per app.

332 394 

333Key395Key

334 396 

335`experimental_use_unified_exec_tool`397`apps._default.open_world_enabled`

336 398 

337Type / Values399Type / Values

338 400 

340 402 

341Details403Details

342 404 

343Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`.405Default allow/deny for app tools with `open_world_hint = true`.

344 406 

345Key407Key

346 408 

347`features.apply_patch_freeform`409`apps.<id>.default_tools_approval_mode`

348 410 

349Type / Values411Type / Values

350 412 

351`boolean`413`auto | prompt | approve`

352 414 

353Details415Details

354 416 

355Expose the freeform `apply_patch` tool (experimental).417Default approval behavior for tools in this app unless a per-tool override exists.

356 418 

357Key419Key

358 420 

359`features.apps`421`apps.<id>.default_tools_enabled`

360 422 

361Type / Values423Type / Values

362 424 

364 426 

365Details427Details

366 428 

367Enable ChatGPT Apps/connectors support (experimental).429Default enabled state for tools in this app unless a per-tool override exists.

368 430 

369Key431Key

370 432 

371`features.apps_mcp_gateway`433`apps.<id>.destructive_enabled`

372 434 

373Type / Values435Type / Values

374 436 

376 438 

377Details439Details

378 440 

379Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental).441Allow or block tools in this app that advertise `destructive_hint = true`.

380 442 

381Key443Key

382 444 

383`features.child_agents_md`445`apps.<id>.enabled`

384 446 

385Type / Values447Type / Values

386 448 

388 450 

389Details451Details

390 452 

391Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental).453Enable or disable a specific app/connector by id (default: true).

392 454 

393Key455Key

394 456 

395`features.collaboration_modes`457`apps.<id>.open_world_enabled`

396 458 

397Type / Values459Type / Values

398 460 

400 462 

401Details463Details

402 464 

403Enable collaboration modes such as plan mode (stable; on by default).465Allow or block tools in this app that advertise `open_world_hint = true`.

404 466 

405Key467Key

406 468 

407`features.elevated_windows_sandbox`469`apps.<id>.tools.<tool>.approval_mode`

408 470 

409Type / Values471Type / Values

410 472 

411`boolean`473`auto | prompt | approve`

412 474 

413Details475Details

414 476 

415Enable the elevated Windows sandbox pipeline (experimental).477Per-tool approval behavior override for a single app tool.

416 478 

417Key479Key

418 480 

419`features.experimental_windows_sandbox`481`apps.<id>.tools.<tool>.enabled`

420 482 

421Type / Values483Type / Values

422 484 

424 486 

425Details487Details

426 488 

427Run the Windows restricted-token sandbox (experimental).489Per-tool enabled override for an app tool (for example `repos/list`).

428 490 

429Key491Key

430 492 

431`features.multi_agent`493`background_terminal_max_timeout`

432 494 

433Type / Values495Type / Values

434 496 

435`boolean`497`number`

436 498 

437Details499Details

438 500 

439Enable multi-agent collaboration tools (`spawn\_agent`, `send\_input`, `resume\_agent`, `wait`, and `close\_agent`) (experimental; off by default).501Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key.

440 502 

441Key503Key

442 504 

443`features.personality`505`chatgpt_base_url`

444 506 

445Type / Values507Type / Values

446 508 

447`boolean`509`string`

448 510 

449Details511Details

450 512 

451Enable personality selection controls (stable; on by default).513Override the base URL used during the ChatGPT login flow.

452 514 

453Key515Key

454 516 

455`features.powershell_utf8`517`check_for_update_on_startup`

456 518 

457Type / Values519Type / Values

458 520 

460 522 

461Details523Details

462 524 

463Force PowerShell UTF-8 output (defaults to true).525Check for Codex updates on startup (set to false only when updates are centrally managed).

464 526 

465Key527Key

466 528 

467`features.remote_models`529`cli_auth_credentials_store`

468 530 

469Type / Values531Type / Values

470 532 

471`boolean`533`file | keyring | auto`

472 534 

473Details535Details

474 536 

475Refresh remote model list before showing readiness (experimental).537Control where the CLI stores cached credentials (file-based auth.json vs OS keychain).

476 538 

477Key539Key

478 540 

479`features.request_rule`541`commit_attribution`

480 542 

481Type / Values543Type / Values

482 544 

483`boolean`545`string`

484 546 

485Details547Details

486 548 

487Enable Smart approvals (`prefix_rule` suggestions on escalation requests; stable; on by default).549Override the commit co-author trailer text. Set an empty string to disable automatic attribution.

488 550 

489Key551Key

490 552 

491`features.runtime_metrics`553`compact_prompt`

492 554 

493Type / Values555Type / Values

494 556 

495`boolean`557`string`

496 558 

497Details559Details

498 560 

499Show runtime metrics summary in TUI turn separators (experimental).561Inline override for the history compaction prompt.

500 562 

501Key563Key

502 564 

503`features.search_tool`565`developer_instructions`

504 566 

505Type / Values567Type / Values

506 568 

507`boolean`569`string`

508 570 

509Details571Details

510 572 

511Enable `search_tool_bm25` for Apps tool discovery before invoking app MCP tools (experimental).573Additional developer instructions injected into the session (optional).

512 574 

513Key575Key

514 576 

515`features.shell_snapshot`577`disable_paste_burst`

516 578 

517Type / Values579Type / Values

518 580 

520 582 

521Details583Details

522 584 

523Snapshot shell environment to speed up repeated commands (beta).585Disable burst-paste detection in the TUI.

524 586 

525Key587Key

526 588 

527`features.shell_tool`589`experimental_compact_prompt_file`

528 590 

529Type / Values591Type / Values

530 592 

531`boolean`593`string (path)`

532 594 

533Details595Details

534 596 

535Enable the default `shell` tool for running commands (stable; on by default).597Load the compaction prompt override from a file (experimental).

536 598 

537Key599Key

538 600 

539`features.unified_exec`601`experimental_use_unified_exec_tool`

540 602 

541Type / Values603Type / Values

542 604 

544 606 

545Details607Details

546 608 

547Use the unified PTY-backed exec tool (beta).609Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`.

548 610 

549Key611Key

550 612 

551`features.use_linux_sandbox_bwrap`613`features.apps`

552 614 

553Type / Values615Type / Values

554 616 

556 618 

557Details619Details

558 620 

559Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default).621Enable ChatGPT Apps/connectors support (experimental).

560 622 

561Key623Key

562 624 

563`features.web_search`625`features.apps_mcp_gateway`

564 626 

565Type / Values627Type / Values

566 628 

568 630 

569Details631Details

570 632 

571Deprecated legacy toggle; prefer the top-level `web_search` setting.633Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental).

572 634 

573Key635Key

574 636 

575`features.web_search_cached`637`features.artifact`

576 638 

577Type / Values639Type / Values

578 640 

580 642 

581Details643Details

582 644 

583Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`.645Enable native artifact tools such as slides and spreadsheets (under development).

584 646 

585Key647Key

586 648 

587`features.web_search_request`649`features.child_agents_md`

588 650 

589Type / Values651Type / Values

590 652 

592 654 

593Details655Details

594 656 

595Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`.657Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental).

596 658 

597Key659Key

598 660 

599`feedback.enabled`661`features.collaboration_modes`

600 662 

601Type / Values663Type / Values

602 664 

604 666 

605Details667Details

606 668 

607Enable feedback submission via `/feedback` across Codex surfaces (default: true).669Legacy toggle for collaboration modes. Plan and default modes are available in current builds without setting this key.

608 670 

609Key671Key

610 672 

611`file_opener`673`features.default_mode_request_user_input`

612 674 

613Type / Values675Type / Values

614 676 

615`vscode | vscode-insiders | windsurf | cursor | none`677`boolean`

616 678 

617Details679Details

618 680 

619URI scheme used to open citations from Codex output (default: `vscode`).681Allow `request_user_input` in default collaboration mode (under development; off by default).

620 682 

621Key683Key

622 684 

623`forced_chatgpt_workspace_id`685`features.elevated_windows_sandbox`

624 686 

625Type / Values687Type / Values

626 688 

627`string (uuid)`689`boolean`

628 690 

629Details691Details

630 692 

631Limit ChatGPT logins to a specific workspace identifier.693Legacy toggle for an earlier elevated Windows sandbox rollout. Current builds do not use it.

632 694 

633Key695Key

634 696 

635`forced_login_method`697`features.enable_request_compression`

636 698 

637Type / Values699Type / Values

638 700 

639`chatgpt | api`701`boolean`

640 702 

641Details703Details

642 704 

643Restrict Codex to a specific authentication method.705Compress streaming request bodies with zstd when supported (stable; on by default).

644 706 

645Key707Key

646 708 

647`hide_agent_reasoning`709`features.experimental_windows_sandbox`

648 710 

649Type / Values711Type / Values

650 712 

652 714 

653Details715Details

654 716 

655Suppress reasoning events in both the TUI and `codex exec` output.717Legacy toggle for an earlier Windows sandbox rollout. Current builds do not use it.

656 718 

657Key719Key

658 720 

659`history.max_bytes`721`features.fast_mode`

660 722 

661Type / Values723Type / Values

662 724 

663`number`725`boolean`

664 726 

665Details727Details

666 728 

667If set, caps the history file size in bytes by dropping oldest entries.729Enable Fast mode selection and the `service_tier = "fast"` path (stable; on by default).

668 730 

669Key731Key

670 732 

671`history.persistence`733`features.image_detail_original`

672 734 

673Type / Values735Type / Values

674 736 

675`save-all | none`737`boolean`

676 738 

677Details739Details

678 740 

679Control whether Codex saves session transcripts to history.jsonl.741Allow image outputs with `detail = "original"` on supported models (under development).

680 742 

681Key743Key

682 744 

683`include_apply_patch_tool`745`features.image_generation`

684 746 

685Type / Values747Type / Values

686 748 

688 750 

689Details751Details

690 752 

691Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.753Enable the built-in image generation tool (under development).

692 754 

693Key755Key

694 756 

695`instructions`757`features.multi_agent`

696 758 

697Type / Values759Type / Values

698 760 

699`string`761`boolean`

700 762 

701Details763Details

702 764 

703Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`.765Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait`, `close_agent`, and `spawn_agents_on_csv`) (experimental; off by default).

704 766 

705Key767Key

706 768 

707`log_dir`769`features.personality`

708 770 

709Type / Values771Type / Values

710 772 

711`string (path)`773`boolean`

712 774 

713Details775Details

714 776 

715Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`.777Enable personality selection controls (stable; on by default).

716 778 

717Key779Key

718 780 

719`mcp_oauth_callback_port`781`features.powershell_utf8`

720 782 

721Type / Values783Type / Values

722 784 

723`integer`785`boolean`

724 786 

725Details787Details

726 788 

727Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS.789Force PowerShell UTF-8 output. Enabled by default on Windows and off elsewhere.

728 790 

729Key791Key

730 792 

731`mcp_oauth_credentials_store`793`features.prevent_idle_sleep`

732 794 

733Type / Values795Type / Values

734 796 

735`auto | file | keyring`797`boolean`

736 798 

737Details799Details

738 800 

739Preferred store for MCP OAuth credentials.801Prevent the machine from sleeping while a turn is actively running (experimental; off by default).

740 802 

741Key803Key

742 804 

743`mcp_servers.<id>.args`805`features.remote_models`

744 806 

745Type / Values807Type / Values

746 808 

747`array<string>`809`boolean`

748 810 

749Details811Details

750 812 

751Arguments passed to the MCP stdio server command.813Legacy toggle for an older remote-model readiness flow. Current builds do not use it.

752 814 

753Key815Key

754 816 

755`mcp_servers.<id>.bearer_token_env_var`817`features.request_rule`

756 818 

757Type / Values819Type / Values

758 820 

759`string`821`boolean`

760 822 

761Details823Details

762 824 

763Environment variable sourcing the bearer token for an MCP HTTP server.825Legacy toggle for Smart approvals. Current builds include this behavior by default, so most users can leave this unset.

764 826 

765Key827Key

766 828 

767`mcp_servers.<id>.command`829`features.responses_websockets`

768 830 

769Type / Values831Type / Values

770 832 

771`string`833`boolean`

772 834 

773Details835Details

774 836 

775Launcher command for an MCP stdio server.837Prefer the Responses API WebSocket transport for supported providers (under development).

776 838 

777Key839Key

778 840 

779`mcp_servers.<id>.cwd`841`features.responses_websockets_v2`

780 842 

781Type / Values843Type / Values

782 844 

783`string`845`boolean`

784 846 

785Details847Details

786 848 

787Working directory for the MCP stdio server process.849Enable Responses API WebSocket v2 mode (under development).

788 850 

789Key851Key

790 852 

791`mcp_servers.<id>.disabled_tools`853`features.runtime_metrics`

792 854 

793Type / Values855Type / Values

794 856 

795`array<string>`857`boolean`

796 858 

797Details859Details

798 860 

799Deny list applied after `enabled_tools` for the MCP server.861Show runtime metrics summary in TUI turn separators (experimental).

800 862 

801Key863Key

802 864 

803`mcp_servers.<id>.enabled`865`features.search_tool`

804 866 

805Type / Values867Type / Values

806 868 

808 870 

809Details871Details

810 872 

811Disable an MCP server without removing its configuration.873Legacy toggle for an older Apps discovery flow. Current builds do not use it.

812 874 

813Key875Key

814 876 

815`mcp_servers.<id>.enabled_tools`877`features.shell_snapshot`

816 878 

817Type / Values879Type / Values

818 880 

819`array<string>`881`boolean`

820 882 

821Details883Details

822 884 

823Allow list of tool names exposed by the MCP server.885Snapshot shell environment to speed up repeated commands (stable; on by default).

824 886 

825Key887Key

826 888 

827`mcp_servers.<id>.env`889`features.shell_tool`

828 890 

829Type / Values891Type / Values

830 892 

831`map<string,string>`893`boolean`

832 894 

833Details895Details

834 896 

835Environment variables forwarded to the MCP stdio server.897Enable the default `shell` tool for running commands (stable; on by default).

836 898 

837Key899Key

838 900 

839`mcp_servers.<id>.env_http_headers`901`features.skill_env_var_dependency_prompt`

840 902 

841Type / Values903Type / Values

842 904 

843`map<string,string>`905`boolean`

844 906 

845Details907Details

846 908 

847HTTP headers populated from environment variables for an MCP HTTP server.909Prompt for missing skill environment-variable dependencies (under development).

848 910 

849Key911Key

850 912 

851`mcp_servers.<id>.env_vars`913`features.skill_mcp_dependency_install`

852 914 

853Type / Values915Type / Values

854 916 

855`array<string>`917`boolean`

856 918 

857Details919Details

858 920 

859Additional environment variables to whitelist for an MCP stdio server.921Allow prompting and installing missing MCP dependencies for skills (stable; on by default).

860 922 

861Key923Key

862 924 

863`mcp_servers.<id>.http_headers`925`features.sqlite`

864 926 

865Type / Values927Type / Values

866 928 

867`map<string,string>`929`boolean`

868 930 

869Details931Details

870 932 

871Static HTTP headers included with each MCP HTTP request.933Enable SQLite-backed state persistence (stable; on by default).

872 934 

873Key935Key

874 936 

875`mcp_servers.<id>.required`937`features.steer`

876 938 

877Type / Values939Type / Values

878 940 

880 942 

881Details943Details

882 944 

883When true, fail startup/resume if this enabled MCP server cannot initialize.945Legacy toggle from an earlier Enter/Tab steering rollout. Current builds always use the current steering behavior.

884 946 

885Key947Key

886 948 

887`mcp_servers.<id>.startup_timeout_ms`949`features.undo`

888 950 

889Type / Values951Type / Values

890 952 

891`number`953`boolean`

892 954 

893Details955Details

894 956 

895Alias for `startup_timeout_sec` in milliseconds.957Enable undo support (stable; off by default).

896 958 

897Key959Key

898 960 

899`mcp_servers.<id>.startup_timeout_sec`961`features.unified_exec`

900 962 

901Type / Values963Type / Values

902 964 

903`number`965`boolean`

904 966 

905Details967Details

906 968 

907Override the default 10s startup timeout for an MCP server.969Use the unified PTY-backed exec tool (stable; enabled by default except on Windows).

908 970 

909Key971Key

910 972 

911`mcp_servers.<id>.tool_timeout_sec`973`features.use_linux_sandbox_bwrap`

912 974 

913Type / Values975Type / Values

914 976 

915`number`977`boolean`

916 978 

917Details979Details

918 980 

919Override the default 60s per-tool timeout for an MCP server.981Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default).

920 982 

921Key983Key

922 984 

923`mcp_servers.<id>.url`985`features.web_search`

924 986 

925Type / Values987Type / Values

926 988 

927`string`989`boolean`

928 990 

929Details991Details

930 992 

931Endpoint for an MCP streamable HTTP server.993Deprecated legacy toggle; prefer the top-level `web_search` setting.

932 994 

933Key995Key

934 996 

935`model`997`features.web_search_cached`

936 998 

937Type / Values999Type / Values

938 1000 

939`string`1001`boolean`

940 1002 

941Details1003Details

942 1004 

943Model to use (e.g., `gpt-5-codex`).1005Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`.

944 1006 

945Key1007Key

946 1008 

947`model_auto_compact_token_limit`1009`features.web_search_request`

948 1010 

949Type / Values1011Type / Values

950 1012 

951`number`1013`boolean`

952 1014 

953Details1015Details

954 1016 

955Token threshold that triggers automatic history compaction (unset uses model defaults).1017Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`.

956 1018 

957Key1019Key

958 1020 

959`model_context_window`1021`feedback.enabled`

960 1022 

961Type / Values1023Type / Values

962 1024 

963`number`1025`boolean`

964 1026 

965Details1027Details

966 1028 

967Context window tokens available to the active model.1029Enable feedback submission via `/feedback` across Codex surfaces (default: true).

968 1030 

969Key1031Key

970 1032 

971`model_instructions_file`1033`file_opener`

972 1034 

973Type / Values1035Type / Values

974 1036 

975`string (path)`1037`vscode | vscode-insiders | windsurf | cursor | none`

976 1038 

977Details1039Details

978 1040 

979Replacement for built-in instructions instead of `AGENTS.md`.1041URI scheme used to open citations from Codex output (default: `vscode`).

980 1042 

981Key1043Key

982 1044 

983`model_provider`1045`forced_chatgpt_workspace_id`

984 1046 

985Type / Values1047Type / Values

986 1048 

987`string`1049`string (uuid)`

988 1050 

989Details1051Details

990 1052 

991Provider id from `model_providers` (default: `openai`).1053Limit ChatGPT logins to a specific workspace identifier.

992 1054 

993Key1055Key

994 1056 

995`model_providers.<id>.base_url`1057`forced_login_method`

1058 

1059Type / Values

1060 

1061`chatgpt | api`

1062 

1063Details

1064 

1065Restrict Codex to a specific authentication method.

1066 

1067Key

1068 

1069`hide_agent_reasoning`

1070 

1071Type / Values

1072 

1073`boolean`

1074 

1075Details

1076 

1077Suppress reasoning events in both the TUI and `codex exec` output.

1078 

1079Key

1080 

1081`history.max_bytes`

1082 

1083Type / Values

1084 

1085`number`

1086 

1087Details

1088 

1089If set, caps the history file size in bytes by dropping oldest entries.

1090 

1091Key

1092 

1093`history.persistence`

1094 

1095Type / Values

1096 

1097`save-all | none`

1098 

1099Details

1100 

1101Control whether Codex saves session transcripts to history.jsonl.

1102 

1103Key

1104 

1105`instructions`

996 1106 

997Type / Values1107Type / Values

998 1108 

1000 1110 

1001Details1111Details

1002 1112 

1003API base URL for the model provider.1113Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`.

1004 1114 

1005Key1115Key

1006 1116 

1007`model_providers.<id>.env_http_headers`1117`log_dir`

1008 1118 

1009Type / Values1119Type / Values

1010 1120 

1011`map<string,string>`1121`string (path)`

1012 1122 

1013Details1123Details

1014 1124 

1015HTTP headers populated from environment variables when present.1125Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`.

1016 1126 

1017Key1127Key

1018 1128 

1019`model_providers.<id>.env_key`1129`mcp_oauth_callback_port`

1130 

1131Type / Values

1132 

1133`integer`

1134 

1135Details

1136 

1137Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS.

1138 

1139Key

1140 

1141`mcp_oauth_callback_url`

1020 1142 

1021Type / Values1143Type / Values

1022 1144 

1024 1146 

1025Details1147Details

1026 1148 

1027Environment variable supplying the provider API key.1149Optional redirect URI override for MCP OAuth login (for example, a devbox ingress URL). `mcp_oauth_callback_port` still controls the callback listener port.

1028 1150 

1029Key1151Key

1030 1152 

1031`model_providers.<id>.env_key_instructions`1153`mcp_oauth_credentials_store`

1154 

1155Type / Values

1156 

1157`auto | file | keyring`

1158 

1159Details

1160 

1161Preferred store for MCP OAuth credentials.

1162 

1163Key

1164 

1165`mcp_servers.<id>.args`

1166 

1167Type / Values

1168 

1169`array<string>`

1170 

1171Details

1172 

1173Arguments passed to the MCP stdio server command.

1174 

1175Key

1176 

1177`mcp_servers.<id>.bearer_token_env_var`

1032 1178 

1033Type / Values1179Type / Values

1034 1180 

1036 1182 

1037Details1183Details

1038 1184 

1039Optional setup guidance for the provider API key.1185Environment variable sourcing the bearer token for an MCP HTTP server.

1040 1186 

1041Key1187Key

1042 1188 

1043`model_providers.<id>.experimental_bearer_token`1189`mcp_servers.<id>.command`

1044 1190 

1045Type / Values1191Type / Values

1046 1192 

1048 1194 

1049Details1195Details

1050 1196 

1051Direct bearer token for the provider (discouraged; use `env_key`).1197Launcher command for an MCP stdio server.

1052 1198 

1053Key1199Key

1054 1200 

1055`model_providers.<id>.http_headers`1201`mcp_servers.<id>.cwd`

1202 

1203Type / Values

1204 

1205`string`

1206 

1207Details

1208 

1209Working directory for the MCP stdio server process.

1210 

1211Key

1212 

1213`mcp_servers.<id>.disabled_tools`

1214 

1215Type / Values

1216 

1217`array<string>`

1218 

1219Details

1220 

1221Deny list applied after `enabled_tools` for the MCP server.

1222 

1223Key

1224 

1225`mcp_servers.<id>.enabled`

1226 

1227Type / Values

1228 

1229`boolean`

1230 

1231Details

1232 

1233Disable an MCP server without removing its configuration.

1234 

1235Key

1236 

1237`mcp_servers.<id>.enabled_tools`

1238 

1239Type / Values

1240 

1241`array<string>`

1242 

1243Details

1244 

1245Allow list of tool names exposed by the MCP server.

1246 

1247Key

1248 

1249`mcp_servers.<id>.env`

1056 1250 

1057Type / Values1251Type / Values

1058 1252 

1060 1254 

1061Details1255Details

1062 1256 

1063Static HTTP headers added to provider requests.1257Environment variables forwarded to the MCP stdio server.

1064 1258 

1065Key1259Key

1066 1260 

1067`model_providers.<id>.name`1261`mcp_servers.<id>.env_http_headers`

1068 1262 

1069Type / Values1263Type / Values

1070 1264 

1071`string`1265`map<string,string>`

1072 1266 

1073Details1267Details

1074 1268 

1075Display name for a custom model provider.1269HTTP headers populated from environment variables for an MCP HTTP server.

1076 1270 

1077Key1271Key

1078 1272 

1079`model_providers.<id>.query_params`1273`mcp_servers.<id>.env_vars`

1274 

1275Type / Values

1276 

1277`array<string>`

1278 

1279Details

1280 

1281Additional environment variables to whitelist for an MCP stdio server.

1282 

1283Key

1284 

1285`mcp_servers.<id>.http_headers`

1080 1286 

1081Type / Values1287Type / Values

1082 1288 

1084 1290 

1085Details1291Details

1086 1292 

1087Extra query parameters appended to provider requests.1293Static HTTP headers included with each MCP HTTP request.

1088 1294 

1089Key1295Key

1090 1296 

1091`model_providers.<id>.request_max_retries`1297`mcp_servers.<id>.oauth_resource`

1092 1298 

1093Type / Values1299Type / Values

1094 1300 

1095`number`1301`string`

1096 1302 

1097Details1303Details

1098 1304 

1099Retry count for HTTP requests to the provider (default: 4).1305Optional RFC 8707 OAuth resource parameter to include during MCP login.

1100 1306 

1101Key1307Key

1102 1308 

1103`model_providers.<id>.requires_openai_auth`1309`mcp_servers.<id>.required`

1104 1310 

1105Type / Values1311Type / Values

1106 1312 

1108 1314 

1109Details1315Details

1110 1316 

1111The provider uses OpenAI authentication (defaults to false).1317When true, fail startup/resume if this enabled MCP server cannot initialize.

1112 1318 

1113Key1319Key

1114 1320 

1115`model_providers.<id>.stream_idle_timeout_ms`1321`mcp_servers.<id>.scopes`

1322 

1323Type / Values

1324 

1325`array<string>`

1326 

1327Details

1328 

1329OAuth scopes to request when authenticating to that MCP server.

1330 

1331Key

1332 

1333`mcp_servers.<id>.startup_timeout_ms`

1334 

1335Type / Values

1336 

1337`number`

1338 

1339Details

1340 

1341Alias for `startup_timeout_sec` in milliseconds.

1342 

1343Key

1344 

1345`mcp_servers.<id>.startup_timeout_sec`

1346 

1347Type / Values

1348 

1349`number`

1350 

1351Details

1352 

1353Override the default 10s startup timeout for an MCP server.

1354 

1355Key

1356 

1357`mcp_servers.<id>.tool_timeout_sec`

1358 

1359Type / Values

1360 

1361`number`

1362 

1363Details

1364 

1365Override the default 60s per-tool timeout for an MCP server.

1366 

1367Key

1368 

1369`mcp_servers.<id>.url`

1370 

1371Type / Values

1372 

1373`string`

1374 

1375Details

1376 

1377Endpoint for an MCP streamable HTTP server.

1378 

1379Key

1380 

1381`model`

1382 

1383Type / Values

1384 

1385`string`

1386 

1387Details

1388 

1389Model to use (e.g., `gpt-5-codex`).

1390 

1391Key

1392 

1393`model_auto_compact_token_limit`

1394 

1395Type / Values

1396 

1397`number`

1398 

1399Details

1400 

1401Token threshold that triggers automatic history compaction (unset uses model defaults).

1402 

1403Key

1404 

1405`model_catalog_json`

1406 

1407Type / Values

1408 

1409`string (path)`

1410 

1411Details

1412 

1413Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile.

1414 

1415Key

1416 

1417`model_context_window`

1418 

1419Type / Values

1420 

1421`number`

1422 

1423Details

1424 

1425Context window tokens available to the active model.

1426 

1427Key

1428 

1429`model_instructions_file`

1430 

1431Type / Values

1432 

1433`string (path)`

1434 

1435Details

1436 

1437Replacement for built-in instructions instead of `AGENTS.md`.

1438 

1439Key

1440 

1441`model_provider`

1442 

1443Type / Values

1444 

1445`string`

1446 

1447Details

1448 

1449Provider id from `model_providers` (default: `openai`).

1450 

1451Key

1452 

1453`model_providers.<id>.base_url`

1454 

1455Type / Values

1456 

1457`string`

1458 

1459Details

1460 

1461API base URL for the model provider.

1462 

1463Key

1464 

1465`model_providers.<id>.env_http_headers`

1466 

1467Type / Values

1468 

1469`map<string,string>`

1470 

1471Details

1472 

1473HTTP headers populated from environment variables when present.

1474 

1475Key

1476 

1477`model_providers.<id>.env_key`

1478 

1479Type / Values

1480 

1481`string`

1482 

1483Details

1484 

1485Environment variable supplying the provider API key.

1486 

1487Key

1488 

1489`model_providers.<id>.env_key_instructions`

1490 

1491Type / Values

1492 

1493`string`

1494 

1495Details

1496 

1497Optional setup guidance for the provider API key.

1498 

1499Key

1500 

1501`model_providers.<id>.experimental_bearer_token`

1502 

1503Type / Values

1504 

1505`string`

1506 

1507Details

1508 

1509Direct bearer token for the provider (discouraged; use `env_key`).

1510 

1511Key

1512 

1513`model_providers.<id>.http_headers`

1514 

1515Type / Values

1516 

1517`map<string,string>`

1518 

1519Details

1520 

1521Static HTTP headers added to provider requests.

1522 

1523Key

1524 

1525`model_providers.<id>.name`

1526 

1527Type / Values

1528 

1529`string`

1530 

1531Details

1532 

1533Display name for a custom model provider.

1534 

1535Key

1536 

1537`model_providers.<id>.query_params`

1538 

1539Type / Values

1540 

1541`map<string,string>`

1542 

1543Details

1544 

1545Extra query parameters appended to provider requests.

1546 

1547Key

1548 

1549`model_providers.<id>.request_max_retries`

1550 

1551Type / Values

1552 

1553`number`

1554 

1555Details

1556 

1557Retry count for HTTP requests to the provider (default: 4).

1558 

1559Key

1560 

1561`model_providers.<id>.requires_openai_auth`

1562 

1563Type / Values

1564 

1565`boolean`

1566 

1567Details

1568 

1569The provider uses OpenAI authentication (defaults to false).

1570 

1571Key

1572 

1573`model_providers.<id>.stream_idle_timeout_ms`

1574 

1575Type / Values

1576 

1577`number`

1578 

1579Details

1580 

1581Idle timeout for SSE streams in milliseconds (default: 300000).

1582 

1583Key

1584 

1585`model_providers.<id>.stream_max_retries`

1586 

1587Type / Values

1588 

1589`number`

1590 

1591Details

1592 

1593Retry count for SSE streaming interruptions (default: 5).

1594 

1595Key

1596 

1597`model_providers.<id>.supports_websockets`

1598 

1599Type / Values

1600 

1601`boolean`

1602 

1603Details

1604 

1605Whether that provider supports the Responses API WebSocket transport.

1606 

1607Key

1608 

1609`model_providers.<id>.wire_api`

1610 

1611Type / Values

1612 

1613`responses`

1614 

1615Details

1616 

1617Protocol used by the provider. `responses` is the only supported value, and it is the default when omitted.

1618 

1619Key

1620 

1621`model_reasoning_effort`

1622 

1623Type / Values

1624 

1625`minimal | low | medium | high | xhigh`

1626 

1627Details

1628 

1629Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent).

1630 

1631Key

1632 

1633`model_reasoning_summary`

1634 

1635Type / Values

1636 

1637`auto | concise | detailed | none`

1638 

1639Details

1640 

1641Select reasoning summary detail or disable summaries entirely.

1642 

1643Key

1644 

1645`model_supports_reasoning_summaries`

1646 

1647Type / Values

1648 

1649`boolean`

1650 

1651Details

1652 

1653Force Codex to send or not send reasoning metadata.

1654 

1655Key

1656 

1657`model_verbosity`

1658 

1659Type / Values

1660 

1661`low | medium | high`

1662 

1663Details

1664 

1665Optional GPT-5 Responses API verbosity override; when unset, the selected model/preset default is used.

1666 

1667Key

1668 

1669`notice.hide_full_access_warning`

1670 

1671Type / Values

1672 

1673`boolean`

1674 

1675Details

1676 

1677Track acknowledgement of the full access warning prompt.

1678 

1679Key

1680 

1681`notice.hide_gpt-5.1-codex-max_migration_prompt`

1682 

1683Type / Values

1684 

1685`boolean`

1686 

1687Details

1688 

1689Track acknowledgement of the gpt-5.1-codex-max migration prompt.

1690 

1691Key

1692 

1693`notice.hide_gpt5_1_migration_prompt`

1694 

1695Type / Values

1696 

1697`boolean`

1698 

1699Details

1700 

1701Track acknowledgement of the GPT-5.1 migration prompt.

1702 

1703Key

1704 

1705`notice.hide_rate_limit_model_nudge`

1706 

1707Type / Values

1708 

1709`boolean`

1710 

1711Details

1712 

1713Track opt-out of the rate limit model switch reminder.

1714 

1715Key

1716 

1717`notice.hide_world_writable_warning`

1718 

1719Type / Values

1720 

1721`boolean`

1722 

1723Details

1724 

1725Track acknowledgement of the Windows world-writable directories warning.

1726 

1727Key

1728 

1729`notice.model_migrations`

1730 

1731Type / Values

1732 

1733`map<string,string>`

1734 

1735Details

1736 

1737Track acknowledged model migrations as old->new mappings.

1738 

1739Key

1740 

1741`notify`

1742 

1743Type / Values

1744 

1745`array<string>`

1746 

1747Details

1748 

1749Command invoked for notifications; receives a JSON payload from Codex.

1750 

1751Key

1752 

1753`oss_provider`

1754 

1755Type / Values

1756 

1757`lmstudio | ollama`

1758 

1759Details

1760 

1761Default local provider used when running with `--oss` (defaults to prompting if unset).

1762 

1763Key

1764 

1765`otel.environment`

1766 

1767Type / Values

1768 

1769`string`

1770 

1771Details

1772 

1773Environment tag applied to emitted OpenTelemetry events (default: `dev`).

1774 

1775Key

1776 

1777`otel.exporter`

1778 

1779Type / Values

1780 

1781`none | otlp-http | otlp-grpc`

1782 

1783Details

1784 

1785Select the OpenTelemetry exporter and provide any endpoint metadata.

1786 

1787Key

1788 

1789`otel.exporter.<id>.endpoint`

1790 

1791Type / Values

1792 

1793`string`

1794 

1795Details

1796 

1797Exporter endpoint for OTEL logs.

1798 

1799Key

1800 

1801`otel.exporter.<id>.headers`

1802 

1803Type / Values

1804 

1805`map<string,string>`

1806 

1807Details

1808 

1809Static headers included with OTEL exporter requests.

1810 

1811Key

1812 

1813`otel.exporter.<id>.protocol`

1814 

1815Type / Values

1816 

1817`binary | json`

1818 

1819Details

1820 

1821Protocol used by the OTLP/HTTP exporter.

1822 

1823Key

1824 

1825`otel.exporter.<id>.tls.ca-certificate`

1826 

1827Type / Values

1828 

1829`string`

1830 

1831Details

1832 

1833CA certificate path for OTEL exporter TLS.

1834 

1835Key

1836 

1837`otel.exporter.<id>.tls.client-certificate`

1116 1838 

1117Type / Values1839Type / Values

1118 1840 

1119`number`1841`string`

1120 1842 

1121Details1843Details

1122 1844 

1123Idle timeout for SSE streams in milliseconds (default: 300000).1845Client certificate path for OTEL exporter TLS.

1124 1846 

1125Key1847Key

1126 1848 

1127`model_providers.<id>.stream_max_retries`1849`otel.exporter.<id>.tls.client-private-key`

1128 1850 

1129Type / Values1851Type / Values

1130 1852 

1131`number`1853`string`

1132 1854 

1133Details1855Details

1134 1856 

1135Retry count for SSE streaming interruptions (default: 5).1857Client private key path for OTEL exporter TLS.

1136 1858 

1137Key1859Key

1138 1860 

1139`model_providers.<id>.wire_api`1861`otel.log_user_prompt`

1140 1862 

1141Type / Values1863Type / Values

1142 1864 

1143`chat | responses`1865`boolean`

1144 1866 

1145Details1867Details

1146 1868 

1147Protocol used by the provider (defaults to `chat` if omitted).1869Opt in to exporting raw user prompts with OpenTelemetry logs.

1148 1870 

1149Key1871Key

1150 1872 

1151`model_reasoning_effort`1873`otel.metrics_exporter`

1152 1874 

1153Type / Values1875Type / Values

1154 1876 

1155`minimal | low | medium | high | xhigh`1877`none | statsig | otlp-http | otlp-grpc`

1156 1878 

1157Details1879Details

1158 1880 

1159Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent).1881Select the OpenTelemetry metrics exporter (defaults to `statsig`).

1160 1882 

1161Key1883Key

1162 1884 

1163`model_reasoning_summary`1885`otel.trace_exporter`

1164 1886 

1165Type / Values1887Type / Values

1166 1888 

1167`auto | concise | detailed | none`1889`none | otlp-http | otlp-grpc`

1168 1890 

1169Details1891Details

1170 1892 

1171Select reasoning summary detail or disable summaries entirely.1893Select the OpenTelemetry trace exporter and provide any endpoint metadata.

1172 1894 

1173Key1895Key

1174 1896 

1175`model_supports_reasoning_summaries`1897`otel.trace_exporter.<id>.endpoint`

1176 1898 

1177Type / Values1899Type / Values

1178 1900 

1179`boolean`1901`string`

1180 1902 

1181Details1903Details

1182 1904 

1183Force Codex to send or not send reasoning metadata.1905Trace exporter endpoint for OTEL logs.

1184 1906 

1185Key1907Key

1186 1908 

1187`model_verbosity`1909`otel.trace_exporter.<id>.headers`

1188 1910 

1189Type / Values1911Type / Values

1190 1912 

1191`low | medium | high`1913`map<string,string>`

1192 1914 

1193Details1915Details

1194 1916 

1195Control GPT-5 Responses API verbosity (defaults to `medium`).1917Static headers included with OTEL trace exporter requests.

1196 1918 

1197Key1919Key

1198 1920 

1199`notice.hide_full_access_warning`1921`otel.trace_exporter.<id>.protocol`

1200 1922 

1201Type / Values1923Type / Values

1202 1924 

1203`boolean`1925`binary | json`

1204 1926 

1205Details1927Details

1206 1928 

1207Track acknowledgement of the full access warning prompt.1929Protocol used by the OTLP/HTTP trace exporter.

1208 1930 

1209Key1931Key

1210 1932 

1211`notice.hide_gpt-5.1-codex-max_migration_prompt`1933`otel.trace_exporter.<id>.tls.ca-certificate`

1212 1934 

1213Type / Values1935Type / Values

1214 1936 

1215`boolean`1937`string`

1216 1938 

1217Details1939Details

1218 1940 

1219Track acknowledgement of the gpt-5.1-codex-max migration prompt.1941CA certificate path for OTEL trace exporter TLS.

1220 1942 

1221Key1943Key

1222 1944 

1223`notice.hide_gpt5_1_migration_prompt`1945`otel.trace_exporter.<id>.tls.client-certificate`

1224 1946 

1225Type / Values1947Type / Values

1226 1948 

1227`boolean`1949`string`

1228 1950 

1229Details1951Details

1230 1952 

1231Track acknowledgement of the GPT-5.1 migration prompt.1953Client certificate path for OTEL trace exporter TLS.

1232 1954 

1233Key1955Key

1234 1956 

1235`notice.hide_rate_limit_model_nudge`1957`otel.trace_exporter.<id>.tls.client-private-key`

1236 1958 

1237Type / Values1959Type / Values

1238 1960 

1239`boolean`1961`string`

1240 1962 

1241Details1963Details

1242 1964 

1243Track opt-out of the rate limit model switch reminder.1965Client private key path for OTEL trace exporter TLS.

1244 1966 

1245Key1967Key

1246 1968 

1247`notice.hide_world_writable_warning`1969`permissions.network.admin_url`

1248 1970 

1249Type / Values1971Type / Values

1250 1972 

1251`boolean`1973`string`

1252 1974 

1253Details1975Details

1254 1976 

1255Track acknowledgement of the Windows world-writable directories warning.1977Admin endpoint for the managed network proxy.

1256 1978 

1257Key1979Key

1258 1980 

1259`notice.model_migrations`1981`permissions.network.allow_local_binding`

1260 1982 

1261Type / Values1983Type / Values

1262 1984 

1263`map<string,string>`1985`boolean`

1264 1986 

1265Details1987Details

1266 1988 

1267Track acknowledged model migrations as old->new mappings.1989Permit local bind/listen operations through the managed proxy.

1268 1990 

1269Key1991Key

1270 1992 

1271`notify`1993`permissions.network.allow_unix_sockets`

1272 1994 

1273Type / Values1995Type / Values

1274 1996 

1276 1998 

1277Details1999Details

1278 2000 

1279Command invoked for notifications; receives a JSON payload from Codex.2001Allowlist of Unix socket paths permitted through the managed proxy.

1280 2002 

1281Key2003Key

1282 2004 

1283`oss_provider`2005`permissions.network.allow_upstream_proxy`

1284 2006 

1285Type / Values2007Type / Values

1286 2008 

1287`lmstudio | ollama`2009`boolean`

1288 2010 

1289Details2011Details

1290 2012 

1291Default local provider used when running with `--oss` (defaults to prompting if unset).2013Allow the managed proxy to chain to another upstream proxy.

1292 2014 

1293Key2015Key

1294 2016 

1295`otel.environment`2017`permissions.network.allowed_domains`

1296 2018 

1297Type / Values2019Type / Values

1298 2020 

1299`string`2021`array<string>`

1300 2022 

1301Details2023Details

1302 2024 

1303Environment tag applied to emitted OpenTelemetry events (default: `dev`).2025Allowlist of domains permitted through the managed proxy.

1304 2026 

1305Key2027Key

1306 2028 

1307`otel.exporter`2029`permissions.network.dangerously_allow_all_unix_sockets`

1308 2030 

1309Type / Values2031Type / Values

1310 2032 

1311`none | otlp-http | otlp-grpc`2033`boolean`

1312 2034 

1313Details2035Details

1314 2036 

1315Select the OpenTelemetry exporter and provide any endpoint metadata.2037Allow the proxy to use arbitrary Unix sockets instead of the default restricted set.

1316 2038 

1317Key2039Key

1318 2040 

1319`otel.exporter.<id>.endpoint`2041`permissions.network.dangerously_allow_non_loopback_admin`

1320 2042 

1321Type / Values2043Type / Values

1322 2044 

1323`string`2045`boolean`

1324 2046 

1325Details2047Details

1326 2048 

1327Exporter endpoint for OTEL logs.2049Permit non-loopback bind addresses for the managed proxy admin listener.

1328 2050 

1329Key2051Key

1330 2052 

1331`otel.exporter.<id>.headers`2053`permissions.network.dangerously_allow_non_loopback_proxy`

1332 2054 

1333Type / Values2055Type / Values

1334 2056 

1335`map<string,string>`2057`boolean`

1336 2058 

1337Details2059Details

1338 2060 

1339Static headers included with OTEL exporter requests.2061Permit non-loopback bind addresses for the managed proxy listener.

1340 2062 

1341Key2063Key

1342 2064 

1343`otel.exporter.<id>.protocol`2065`permissions.network.denied_domains`

1344 2066 

1345Type / Values2067Type / Values

1346 2068 

1347`binary | json`2069`array<string>`

1348 2070 

1349Details2071Details

1350 2072 

1351Protocol used by the OTLP/HTTP exporter.2073Denylist of domains blocked by the managed proxy.

1352 2074 

1353Key2075Key

1354 2076 

1355`otel.exporter.<id>.tls.ca-certificate`2077`permissions.network.enable_socks5`

1356 2078 

1357Type / Values2079Type / Values

1358 2080 

1359`string`2081`boolean`

1360 2082 

1361Details2083Details

1362 2084 

1363CA certificate path for OTEL exporter TLS.2085Expose a SOCKS5 listener from the managed network proxy.

1364 2086 

1365Key2087Key

1366 2088 

1367`otel.exporter.<id>.tls.client-certificate`2089`permissions.network.enable_socks5_udp`

1368 2090 

1369Type / Values2091Type / Values

1370 2092 

1371`string`2093`boolean`

1372 2094 

1373Details2095Details

1374 2096 

1375Client certificate path for OTEL exporter TLS.2097Allow UDP over the SOCKS5 listener when enabled.

1376 2098 

1377Key2099Key

1378 2100 

1379`otel.exporter.<id>.tls.client-private-key`2101`permissions.network.enabled`

1380 2102 

1381Type / Values2103Type / Values

1382 2104 

1383`string`2105`boolean`

1384 2106 

1385Details2107Details

1386 2108 

1387Client private key path for OTEL exporter TLS.2109Enable the managed network proxy configuration for subprocesses.

1388 2110 

1389Key2111Key

1390 2112 

1391`otel.log_user_prompt`2113`permissions.network.mode`

1392 2114 

1393Type / Values2115Type / Values

1394 2116 

1395`boolean`2117`limited | full`

1396 2118 

1397Details2119Details

1398 2120 

1399Opt in to exporting raw user prompts with OpenTelemetry logs.2121Network proxy mode used for subprocess traffic.

1400 2122 

1401Key2123Key

1402 2124 

1403`otel.trace_exporter`2125`permissions.network.proxy_url`

1404 2126 

1405Type / Values2127Type / Values

1406 2128 

1407`none | otlp-http | otlp-grpc`2129`string`

1408 2130 

1409Details2131Details

1410 2132 

1411Select the OpenTelemetry trace exporter and provide any endpoint metadata.2133HTTP proxy endpoint used by the managed network proxy.

1412 2134 

1413Key2135Key

1414 2136 

1415`otel.trace_exporter.<id>.endpoint`2137`permissions.network.socks_url`

1416 2138 

1417Type / Values2139Type / Values

1418 2140 

1420 2142 

1421Details2143Details

1422 2144 

1423Trace exporter endpoint for OTEL logs.2145SOCKS5 proxy endpoint used by the managed network proxy.

1424 2146 

1425Key2147Key

1426 2148 

1427`otel.trace_exporter.<id>.headers`2149`personality`

1428 2150 

1429Type / Values2151Type / Values

1430 2152 

1431`map<string,string>`2153`none | friendly | pragmatic`

1432 2154 

1433Details2155Details

1434 2156 

1435Static headers included with OTEL trace exporter requests.2157Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`.

1436 2158 

1437Key2159Key

1438 2160 

1439`otel.trace_exporter.<id>.protocol`2161`plan_mode_reasoning_effort`

1440 2162 

1441Type / Values2163Type / Values

1442 2164 

1443`binary | json`2165`none | minimal | low | medium | high | xhigh`

1444 2166 

1445Details2167Details

1446 2168 

1447Protocol used by the OTLP/HTTP trace exporter.2169Plan-mode-specific reasoning override. When unset, Plan mode uses its built-in preset default.

1448 2170 

1449Key2171Key

1450 2172 

1451`otel.trace_exporter.<id>.tls.ca-certificate`2173`profile`

1452 2174 

1453Type / Values2175Type / Values

1454 2176 

1456 2178 

1457Details2179Details

1458 2180 

1459CA certificate path for OTEL trace exporter TLS.2181Default profile applied at startup (equivalent to `--profile`).

1460 2182 

1461Key2183Key

1462 2184 

1463`otel.trace_exporter.<id>.tls.client-certificate`2185`profiles.<name>.*`

1464 2186 

1465Type / Values2187Type / Values

1466 2188 

1467`string`2189`various`

1468 2190 

1469Details2191Details

1470 2192 

1471Client certificate path for OTEL trace exporter TLS.2193Profile-scoped overrides for any of the supported configuration keys.

1472 2194 

1473Key2195Key

1474 2196 

1475`otel.trace_exporter.<id>.tls.client-private-key`2197`profiles.<name>.analytics.enabled`

1476 2198 

1477Type / Values2199Type / Values

1478 2200 

1479`string`2201`boolean`

1480 2202 

1481Details2203Details

1482 2204 

1483Client private key path for OTEL trace exporter TLS.2205Profile-scoped analytics enablement override.

1484 2206 

1485Key2207Key

1486 2208 

1487`personality`2209`profiles.<name>.experimental_use_unified_exec_tool`

1488 2210 

1489Type / Values2211Type / Values

1490 2212 

1491`none | friendly | pragmatic`2213`boolean`

1492 2214 

1493Details2215Details

1494 2216 

1495Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`.2217Legacy name for enabling unified exec; prefer `[features].unified_exec`.

1496 2218 

1497Key2219Key

1498 2220 

1499`profile`2221`profiles.<name>.model_catalog_json`

1500 2222 

1501Type / Values2223Type / Values

1502 2224 

1503`string`2225`string (path)`

1504 2226 

1505Details2227Details

1506 2228 

1507Default profile applied at startup (equivalent to `--profile`).2229Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile).

1508 2230 

1509Key2231Key

1510 2232 

1511`profiles.<name>.*`2233`profiles.<name>.model_instructions_file`

1512 2234 

1513Type / Values2235Type / Values

1514 2236 

1515`various`2237`string (path)`

1516 2238 

1517Details2239Details

1518 2240 

1519Profile-scoped overrides for any of the supported configuration keys.2241Profile-scoped replacement for the built-in instruction file.

1520 2242 

1521Key2243Key

1522 2244 

1523`profiles.<name>.experimental_use_freeform_apply_patch`2245`profiles.<name>.oss_provider`

1524 2246 

1525Type / Values2247Type / Values

1526 2248 

1527`boolean`2249`lmstudio | ollama`

1528 2250 

1529Details2251Details

1530 2252 

1531Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.2253Profile-scoped OSS provider for `--oss` sessions.

1532 2254 

1533Key2255Key

1534 2256 

1535`profiles.<name>.experimental_use_unified_exec_tool`2257`profiles.<name>.personality`

1536 2258 

1537Type / Values2259Type / Values

1538 2260 

1539`boolean`2261`none | friendly | pragmatic`

1540 2262 

1541Details2263Details

1542 2264 

1543Legacy name for enabling unified exec; prefer `[features].unified_exec`.2265Profile-scoped communication style override for supported models.

1544 2266 

1545Key2267Key

1546 2268 

1547`profiles.<name>.include_apply_patch_tool`2269`profiles.<name>.plan_mode_reasoning_effort`

1548 2270 

1549Type / Values2271Type / Values

1550 2272 

1551`boolean`2273`none | minimal | low | medium | high | xhigh`

1552 2274 

1553Details2275Details

1554 2276 

1555Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.2277Profile-scoped Plan-mode reasoning override.

1556 2278 

1557Key2279Key

1558 2280 

1559`profiles.<name>.oss_provider`2281`profiles.<name>.service_tier`

1560 2282 

1561Type / Values2283Type / Values

1562 2284 

1563`lmstudio | ollama`2285`flex | fast`

1564 2286 

1565Details2287Details

1566 2288 

1567Profile-scoped OSS provider for `--oss` sessions.2289Profile-scoped service tier preference for new turns.

1568 2290 

1569Key2291Key

1570 2292 

1571`profiles.<name>.personality`2293`profiles.<name>.tools_view_image`

1572 2294 

1573Type / Values2295Type / Values

1574 2296 

1575`none | friendly | pragmatic`2297`boolean`

1576 2298 

1577Details2299Details

1578 2300 

1579Profile-scoped communication style override for supported models.2301Enable or disable the `view_image` tool in that profile.

1580 2302 

1581Key2303Key

1582 2304 

1592 2314 

1593Key2315Key

1594 2316 

2317`profiles.<name>.windows.sandbox`

2318 

2319Type / Values

2320 

2321`unelevated | elevated`

2322 

2323Details

2324 

2325Profile-scoped Windows sandbox mode override.

2326 

2327Key

2328 

1595`project_doc_fallback_filenames`2329`project_doc_fallback_filenames`

1596 2330 

1597Type / Values2331Type / Values

1712 2446 

1713Key2447Key

1714 2448 

2449`service_tier`

2450 

2451Type / Values

2452 

2453`flex | fast`

2454 

2455Details

2456 

2457Preferred service tier for new turns. `fast` is honored only when the `features.fast_mode` gate is enabled.

2458 

2459Key

2460 

1715`shell_environment_policy.exclude`2461`shell_environment_policy.exclude`

1716 2462 

1717Type / Values2463Type / Values

1832 2578 

1833Key2579Key

1834 2580 

2581`sqlite_home`

2582 

2583Type / Values

2584 

2585`string (path)`

2586 

2587Details

2588 

2589Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state.

2590 

2591Key

2592 

1835`suppress_unstable_features_warning`2593`suppress_unstable_features_warning`

1836 2594 

1837Type / Values2595Type / Values

1856 2614 

1857Key2615Key

1858 2616 

2617`tools.view_image`

2618 

2619Type / Values

2620 

2621`boolean`

2622 

2623Details

2624 

2625Enable the local-image attachment tool `view_image`.

2626 

2627Key

2628 

1859`tools.web_search`2629`tools.web_search`

1860 2630 

1861Type / Values2631Type / Values

1904 2674 

1905Key2675Key

1906 2676 

2677`tui.model_availability_nux.<model>`

2678 

2679Type / Values

2680 

2681`integer`

2682 

2683Details

2684 

2685Internal startup-tooltip state keyed by model slug.

2686 

2687Key

2688 

1907`tui.notification_method`2689`tui.notification_method`

1908 2690 

1909Type / Values2691Type / Values

1952 2734 

1953Key2735Key

1954 2736 

2737`tui.theme`

2738 

2739Type / Values

2740 

2741`string`

2742 

2743Details

2744 

2745Syntax-highlighting theme override (kebab-case theme name).

2746 

2747Key

2748 

1955`web_search`2749`web_search`

1956 2750 

1957Type / Values2751Type / Values

1974 2768 

1975Track Windows onboarding acknowledgement (Windows only).2769Track Windows onboarding acknowledgement (Windows only).

1976 2770 

2771Key

2772 

2773`windows.sandbox`

2774 

2775Type / Values

2776 

2777`unelevated | elevated`

2778 

2779Details

2780 

2781Windows-only native sandbox mode when running Codex natively on Windows.

2782 

1977Expand to view all2783Expand to view all

1978 2784 

1979You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).2785You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).

1988 2794 

1989## `requirements.toml`2795## `requirements.toml`

1990 2796 

1991`requirements.toml` is an admin-enforced configuration file that constrains security-sensitive settings users cant override. For details, locations, and examples, see [Admin-enforced requirements](https://developers.openai.com/codex/security#admin-enforced-requirements-requirementstoml).2797`requirements.toml` is an admin-enforced configuration file that constrains security-sensitive settings users can't override. For details, locations, and examples, see [Admin-enforced requirements](https://developers.openai.com/codex/enterprise/managed-configuration#admin-enforced-requirements-requirementstoml).

1992 2798 

1993For ChatGPT Business and Enterprise users, Codex can also apply cloud-fetched2799For ChatGPT Business and Enterprise users, Codex can also apply cloud-fetched

1994requirements. See the security page for precedence details.2800requirements. See the security page for precedence details.

1995 2801 

2802Use `[features]` in `requirements.toml` to pin feature flags by the same

2803canonical keys that `config.toml` uses. Omitted keys remain unconstrained.

2804 

1996| Key | Type / Values | Details |2805| Key | Type / Values | Details |

1997| --- | --- | --- |2806| --- | --- | --- |

1998| `allowed_approval_policies` | `array<string>` | Allowed values for `approval\_policy`. |2807| `allowed_approval_policies` | `array<string>` | Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `reject`). |

1999| `allowed_sandbox_modes` | `array<string>` | Allowed values for `sandbox_mode`. |2808| `allowed_sandbox_modes` | `array<string>` | Allowed values for `sandbox_mode`. |

2000| `allowed_web_search_modes` | `array<string>` | Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`. |2809| `allowed_web_search_modes` | `array<string>` | Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`. |

2810| `features` | `table` | Pinned feature values keyed by the canonical names from `config.toml`'s `[features]` table. |

2811| `features.<name>` | `boolean` | Require a specific canonical feature key to stay enabled or disabled. |

2001| `mcp_servers` | `table` | Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled. |2812| `mcp_servers` | `table` | Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled. |

2002| `mcp_servers.<id>.identity` | `table` | Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP). |2813| `mcp_servers.<id>.identity` | `table` | Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP). |

2003| `mcp_servers.<id>.identity.command` | `string` | Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command. |2814| `mcp_servers.<id>.identity.command` | `string` | Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command. |

2020 2831 

2021Details2832Details

2022 2833 

2023Allowed values for `approval\_policy`.2834Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `reject`).

2024 2835 

2025Key2836Key

2026 2837 

2048 2859 

2049Key2860Key

2050 2861 

2862`features`

2863 

2864Type / Values

2865 

2866`table`

2867 

2868Details

2869 

2870Pinned feature values keyed by the canonical names from `config.toml`'s `[features]` table.

2871 

2872Key

2873 

2874`features.<name>`

2875 

2876Type / Values

2877 

2878`boolean`

2879 

2880Details

2881 

2882Require a specific canonical feature key to stay enabled or disabled.

2883 

2884Key

2885 

2051`mcp_servers`2886`mcp_servers`

2052 2887 

2053Type / Values2888Type / Values