config-reference.md +1300 −335
6 6
7User-level configuration lives in `~/.codex/config.toml`. You can also add project-scoped overrides in `.codex/config.toml` files. Codex loads project-scoped config files only when you trust the project.7User-level configuration lives in `~/.codex/config.toml`. You can also add project-scoped overrides in `.codex/config.toml` files. Codex loads project-scoped config files only when you trust the project.
8 8
99For sandbox and approval keys (`approval_policy`, `sandbox_mode`, and `sandbox_workspace_write.*`), pair this reference with [Sandbox and approvals](https://developers.openai.com/codex/security#sandbox-and-approvals), [Protected paths in writable roots](https://developers.openai.com/codex/security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/security#network-access).For sandbox and approval keys (`approval_policy`, `sandbox_mode`, and `sandbox_workspace_write.*`), pair this reference with [Sandbox and approvals](https://developers.openai.com/codex/agent-approvals-security#sandbox-and-approvals), [Protected paths in writable roots](https://developers.openai.com/codex/agent-approvals-security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/agent-approvals-security#network-access).
10 10
11| Key | Type / Values | Details |11| Key | Type / Values | Details |
12| --- | --- | --- |12| --- | --- | --- |
13| `agents.<name>.config_file` | `string (path)` | Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role. |13| `agents.<name>.config_file` | `string (path)` | Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role. |
14| `agents.<name>.description` | `string` | Role guidance shown to Codex when choosing and spawning that agent type. |14| `agents.<name>.description` | `string` | Role guidance shown to Codex when choosing and spawning that agent type. |
15| `agents.<name>.nickname_candidates` | `array<string>` | Optional pool of display nicknames for spawned agents in that role. |
16| `agents.job_max_runtime_seconds` | `number` | Default per-worker timeout for `spawn_agents_on_csv` jobs. When unset, the tool falls back to 1800 seconds per worker. |
15| `agents.max_depth` | `number` | Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1). |17| `agents.max_depth` | `number` | Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1). |
1618| `agents.max_threads` | `number` | Maximum number of agent threads that can be open concurrently. || `agents.max_threads` | `number` | Maximum number of agent threads that can be open concurrently. Defaults to `6` when unset. |
17| `allow_login_shell` | `boolean` | Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells. |19| `allow_login_shell` | `boolean` | Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells. |
1820| `approval_policy` | `untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }` | Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs. || `analytics.enabled` | `boolean` | Enable or disable analytics for this machine/profile. When unset, the client default applies. |
1921| `approval_policy.reject.mcp_elicitations` | `boolean` | When `true`, MCP elicitation prompts are auto-rejected instead of shown to the user. || `approval_policy` | `untrusted | on-request | never | { granular = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool, request_permissions = bool, skill_approval = bool } }` | Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { granular = { ... } }` to allow or auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs. |
2022| `approval_policy.reject.rules` | `boolean` | When `true`, approvals triggered by execpolicy `prompt` rules are auto-rejected. || `approval_policy.granular.mcp_elicitations` | `boolean` | When `true`, MCP elicitation prompts are allowed to surface instead of being auto-rejected. |
2123| `approval_policy.reject.sandbox_approval` | `boolean` | When `true`, sandbox escalation approval prompts are auto-rejected. || `approval_policy.granular.request_permissions` | `boolean` | When `true`, prompts from the `request_permissions` tool are allowed to surface. |
24| `approval_policy.granular.rules` | `boolean` | When `true`, approvals triggered by execpolicy `prompt` rules are allowed to surface. |
25| `approval_policy.granular.sandbox_approval` | `boolean` | When `true`, sandbox escalation approval prompts are allowed to surface. |
26| `approval_policy.granular.skill_approval` | `boolean` | When `true`, skill-script approval prompts are allowed to surface. |
27| `approvals_reviewer` | `user | auto_review` | Who reviews eligible approval prompts under `on-request` or granular approval policies. Defaults to `user`; `auto_review` uses the reviewer subagent. This setting doesn't change sandboxing or review actions already allowed inside the sandbox. |
22| `apps._default.destructive_enabled` | `boolean` | Default allow/deny for app tools with `destructive_hint = true`. |28| `apps._default.destructive_enabled` | `boolean` | Default allow/deny for app tools with `destructive_hint = true`. |
23| `apps._default.enabled` | `boolean` | Default app enabled state for all apps unless overridden per app. |29| `apps._default.enabled` | `boolean` | Default app enabled state for all apps unless overridden per app. |
24| `apps._default.open_world_enabled` | `boolean` | Default allow/deny for app tools with `open_world_hint = true`. |30| `apps._default.open_world_enabled` | `boolean` | Default allow/deny for app tools with `open_world_hint = true`. |
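Review bot: The `approval_policy.granular.*` rows reuse the sub-key names of the removed `approval_policy.reject.*` rows with the opposite polarity (`reject.sandbox_approval = true` auto-rejected the prompt, `granular.sandbox_approval = true` lets it surface), and nothing here says whether `reject` is still parsed, deprecated, or an error. Please add a migration sentence to the `approval_policy` row, the way it already covers `on-failure`, and state what an omitted `granular` key defaults to. A table that is renamed without flipping its booleans changes which prompts are suppressed.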
29| `apps.<id>.open_world_enabled` | `boolean` | Allow or block tools in this app that advertise `open_world_hint = true`. |35| `apps.<id>.open_world_enabled` | `boolean` | Allow or block tools in this app that advertise `open_world_hint = true`. |
30| `apps.<id>.tools.<tool>.approval_mode` | `auto | prompt | approve` | Per-tool approval behavior override for a single app tool. |36| `apps.<id>.tools.<tool>.approval_mode` | `auto | prompt | approve` | Per-tool approval behavior override for a single app tool. |
31| `apps.<id>.tools.<tool>.enabled` | `boolean` | Per-tool enabled override for an app tool (for example `repos/list`). |37| `apps.<id>.tools.<tool>.enabled` | `boolean` | Per-tool enabled override for an app tool (for example `repos/list`). |
38| `auto_review.policy` | `string` | Local Markdown policy instructions for automatic review. Managed `guardian_policy_config` takes precedence. Blank values are ignored. |
32| `background_terminal_max_timeout` | `number` | Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key. |39| `background_terminal_max_timeout` | `number` | Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key. |
33| `chatgpt_base_url` | `string` | Override the base URL used during the ChatGPT login flow. |40| `chatgpt_base_url` | `string` | Override the base URL used during the ChatGPT login flow. |
34| `check_for_update_on_startup` | `boolean` | Check for Codex updates on startup (set to false only when updates are centrally managed). |41| `check_for_update_on_startup` | `boolean` | Check for Codex updates on startup (set to false only when updates are centrally managed). |
35| `cli_auth_credentials_store` | `file | keyring | auto` | Control where the CLI stores cached credentials (file-based auth.json vs OS keychain). |42| `cli_auth_credentials_store` | `file | keyring | auto` | Control where the CLI stores cached credentials (file-based auth.json vs OS keychain). |
43| `commit_attribution` | `string` | Override the commit co-author trailer text. Set an empty string to disable automatic attribution. |
36| `compact_prompt` | `string` | Inline override for the history compaction prompt. |44| `compact_prompt` | `string` | Inline override for the history compaction prompt. |
45| `default_permissions` | `string` | Name of the default permissions profile to apply to sandboxed tool calls. |
37| `developer_instructions` | `string` | Additional developer instructions injected into the session (optional). |46| `developer_instructions` | `string` | Additional developer instructions injected into the session (optional). |
38| `disable_paste_burst` | `boolean` | Disable burst-paste detection in the TUI. |47| `disable_paste_burst` | `boolean` | Disable burst-paste detection in the TUI. |
39| `experimental_compact_prompt_file` | `string (path)` | Load the compaction prompt override from a file (experimental). |48| `experimental_compact_prompt_file` | `string (path)` | Load the compaction prompt override from a file (experimental). |
40| `experimental_use_freeform_apply_patch` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform` or `codex --enable apply_patch_freeform`. |
41| `experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`. |49| `experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`. |
42| `features.apply_patch_freeform` | `boolean` | Expose the freeform `apply_patch` tool (experimental). |
43| `features.apps` | `boolean` | Enable ChatGPT Apps/connectors support (experimental). |50| `features.apps` | `boolean` | Enable ChatGPT Apps/connectors support (experimental). |
4451| `features.apps_mcp_gateway` | `boolean` | Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental). || `features.codex_hooks` | `boolean` | Enable lifecycle hooks loaded from `hooks.json` or inline `[hooks]` config. |
4552| `features.child_agents_md` | `boolean` | Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental). || `features.enable_request_compression` | `boolean` | Compress streaming request bodies with zstd when supported (stable; on by default). |
4653| `features.collaboration_modes` | `boolean` | Enable collaboration modes such as plan mode (stable; on by default). || `features.fast_mode` | `boolean` | Enable Fast mode selection and the `service_tier = "fast"` path (stable; on by default). |
4754| `features.elevated_windows_sandbox` | `boolean` | Enable the elevated Windows sandbox pipeline (experimental). || `features.memories` | `boolean` | Enable [Memories](https://developers.openai.com/codex/memories) (off by default). |
4855| `features.experimental_windows_sandbox` | `boolean` | Run the Windows restricted-token sandbox (experimental). || `features.multi_agent` | `boolean` | Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait_agent`, and `close_agent`) (stable; on by default). |
49| `features.multi_agent` | `boolean` | Enable multi-agent collaboration tools (`spawn\_agent`, `send\_input`, `resume\_agent`, `wait`, and `close\_agent`) (experimental; off by default). |
50| `features.personality` | `boolean` | Enable personality selection controls (stable; on by default). |56| `features.personality` | `boolean` | Enable personality selection controls (stable; on by default). |
5157| `features.powershell_utf8` | `boolean` | Force PowerShell UTF-8 output (defaults to true). || `features.prevent_idle_sleep` | `boolean` | Prevent the machine from sleeping while a turn is actively running (experimental; off by default). |
5258| `features.remote_models` | `boolean` | Refresh remote model list before showing readiness (experimental). || `features.shell_snapshot` | `boolean` | Snapshot shell environment to speed up repeated commands (stable; on by default). |
53| `features.request_rule` | `boolean` | Enable Smart approvals (`prefix_rule` suggestions on escalation requests; stable; on by default). |
54| `features.runtime_metrics` | `boolean` | Show runtime metrics summary in TUI turn separators (experimental). |
55| `features.search_tool` | `boolean` | Enable `search_tool_bm25` for Apps tool discovery before invoking app MCP tools (experimental). |
56| `features.shell_snapshot` | `boolean` | Snapshot shell environment to speed up repeated commands (beta). |
57| `features.shell_tool` | `boolean` | Enable the default `shell` tool for running commands (stable; on by default). |59| `features.shell_tool` | `boolean` | Enable the default `shell` tool for running commands (stable; on by default). |
5860| `features.unified_exec` | `boolean` | Use the unified PTY-backed exec tool (beta). || `features.skill_mcp_dependency_install` | `boolean` | Allow prompting and installing missing MCP dependencies for skills (stable; on by default). |
5961| `features.use_linux_sandbox_bwrap` | `boolean` | Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default). || `features.undo` | `boolean` | Enable undo support (stable; off by default). |
62| `features.unified_exec` | `boolean` | Use the unified PTY-backed exec tool (stable; enabled by default except on Windows). |
60| `features.web_search` | `boolean` | Deprecated legacy toggle; prefer the top-level `web_search` setting. |63| `features.web_search` | `boolean` | Deprecated legacy toggle; prefer the top-level `web_search` setting. |
61| `features.web_search_cached` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`. |64| `features.web_search_cached` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`. |
62| `features.web_search_request` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`. |65| `features.web_search_request` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`. |
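Review bot: The old-side rows `features.elevated_windows_sandbox`, `features.experimental_windows_sandbox` and `features.use_linux_sandbox_bwrap` are dropped with no replacement or deprecation row, while the `features.web_search*` toggles at the end of this hunk keep rows marked "Deprecated legacy toggle". For sandbox-related flags, readers need to know whether an existing setting is now ignored, always on, or rejected; keep a one-line deprecated row for each or point to the key that replaces it. The same applies to `features.request_rule`. Separately, the `auto_review.policy` row refers to a managed `guardian_policy_config` that is not defined in the visible rows; link or define it.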
67| `hide_agent_reasoning` | `boolean` | Suppress reasoning events in both the TUI and `codex exec` output. |70| `hide_agent_reasoning` | `boolean` | Suppress reasoning events in both the TUI and `codex exec` output. |
68| `history.max_bytes` | `number` | If set, caps the history file size in bytes by dropping oldest entries. |71| `history.max_bytes` | `number` | If set, caps the history file size in bytes by dropping oldest entries. |
69| `history.persistence` | `save-all | none` | Control whether Codex saves session transcripts to history.jsonl. |72| `history.persistence` | `save-all | none` | Control whether Codex saves session transcripts to history.jsonl. |
7073| `include_apply_patch_tool` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. || `hooks` | `table` | Lifecycle hooks configured inline in `config.toml`. Uses the same event schema as `hooks.json`; see the Hooks guide for examples and supported events. |
71| `instructions` | `string` | Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`. |74| `instructions` | `string` | Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`. |
72| `log_dir` | `string (path)` | Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`. |75| `log_dir` | `string (path)` | Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`. |
73| `mcp_oauth_callback_port` | `integer` | Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS. |76| `mcp_oauth_callback_port` | `integer` | Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS. |
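Review bot: The new `hooks` row does not mention that hooks are enabled through `features.codex_hooks` (added earlier in this change), and "see the Hooks guide" has no link while other rows such as `features.memories` link their guide. Add the cross-reference and the link, and say how inline `[hooks]` combines with `hooks.json` when both are present and whether project-scoped `.codex/config.toml` files may define hooks.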
82| `mcp_servers.<id>.enabled_tools` | `array<string>` | Allow list of tool names exposed by the MCP server. |85| `mcp_servers.<id>.enabled_tools` | `array<string>` | Allow list of tool names exposed by the MCP server. |
83| `mcp_servers.<id>.env` | `map<string,string>` | Environment variables forwarded to the MCP stdio server. |86| `mcp_servers.<id>.env` | `map<string,string>` | Environment variables forwarded to the MCP stdio server. |
84| `mcp_servers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables for an MCP HTTP server. |87| `mcp_servers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables for an MCP HTTP server. |
8588| `mcp_servers.<id>.env_vars` | `array<string>` | Additional environment variables to whitelist for an MCP stdio server. || `mcp_servers.<id>.env_vars` | `array<string | { name = string, source = "local" | "remote" }>` | Additional environment variables to whitelist for an MCP stdio server. String entries default to `source = "local"`; use `source = "remote"` only with executor-backed remote stdio. |
89| `mcp_servers.<id>.experimental_environment` | `local | remote` | Experimental placement for an MCP server. `remote` starts stdio servers through a remote executor environment; streamable HTTP remote placement is not implemented. |
86| `mcp_servers.<id>.http_headers` | `map<string,string>` | Static HTTP headers included with each MCP HTTP request. |90| `mcp_servers.<id>.http_headers` | `map<string,string>` | Static HTTP headers included with each MCP HTTP request. |
91| `mcp_servers.<id>.oauth_resource` | `string` | Optional RFC 8707 OAuth resource parameter to include during MCP login. |
87| `mcp_servers.<id>.required` | `boolean` | When true, fail startup/resume if this enabled MCP server cannot initialize. |92| `mcp_servers.<id>.required` | `boolean` | When true, fail startup/resume if this enabled MCP server cannot initialize. |
93| `mcp_servers.<id>.scopes` | `array<string>` | OAuth scopes to request when authenticating to that MCP server. |
88| `mcp_servers.<id>.startup_timeout_ms` | `number` | Alias for `startup_timeout_sec` in milliseconds. |94| `mcp_servers.<id>.startup_timeout_ms` | `number` | Alias for `startup_timeout_sec` in milliseconds. |
89| `mcp_servers.<id>.startup_timeout_sec` | `number` | Override the default 10s startup timeout for an MCP server. |95| `mcp_servers.<id>.startup_timeout_sec` | `number` | Override the default 10s startup timeout for an MCP server. |
90| `mcp_servers.<id>.tool_timeout_sec` | `number` | Override the default 60s per-tool timeout for an MCP server. |96| `mcp_servers.<id>.tool_timeout_sec` | `number` | Override the default 60s per-tool timeout for an MCP server. |
91| `mcp_servers.<id>.url` | `string` | Endpoint for an MCP streamable HTTP server. |97| `mcp_servers.<id>.url` | `string` | Endpoint for an MCP streamable HTTP server. |
9298| `model` | `string` | Model to use (e.g., `gpt-5-codex`). || `memories.consolidation_model` | `string` | Optional model override for global memory consolidation. |
99| `memories.disable_on_external_context` | `boolean` | When `true`, threads that use external context such as MCP tool calls, web search, or tool search are kept out of memory generation. Defaults to `false`. Legacy alias: `memories.no_memories_if_mcp_or_web_search`. |
100| `memories.extract_model` | `string` | Optional model override for per-thread memory extraction. |
101| `memories.generate_memories` | `boolean` | When `false`, newly created threads are not stored as memory-generation inputs. Defaults to `true`. |
102| `memories.max_raw_memories_for_consolidation` | `number` | Maximum recent raw memories retained for global consolidation. Defaults to `256` and is capped at `4096`. |
103| `memories.max_rollout_age_days` | `number` | Maximum age of threads considered for memory generation. Defaults to `30` and is clamped to `0`-`90`. |
104| `memories.max_rollouts_per_startup` | `number` | Maximum rollout candidates processed per startup pass. Defaults to `16` and is capped at `128`. |
105| `memories.max_unused_days` | `number` | Maximum days since a memory was last used before it becomes ineligible for consolidation. Defaults to `30` and is clamped to `0`-`365`. |
106| `memories.min_rate_limit_remaining_percent` | `number` | Minimum remaining percentage required in Codex rate-limit windows before memory generation starts. Defaults to `25` and is clamped to `0`-`100`. |
107| `memories.min_rollout_idle_hours` | `number` | Minimum idle time before a thread is considered for memory generation. Defaults to `6` and is clamped to `1`-`48`. |
108| `memories.use_memories` | `boolean` | When `false`, Codex skips injecting existing memories into future sessions. Defaults to `true`. |
109| `model` | `string` | Model to use (e.g., `gpt-5.5`). |
93| `model_auto_compact_token_limit` | `number` | Token threshold that triggers automatic history compaction (unset uses model defaults). |110| `model_auto_compact_token_limit` | `number` | Token threshold that triggers automatic history compaction (unset uses model defaults). |
94| `model_catalog_json` | `string (path)` | Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile. |111| `model_catalog_json` | `string (path)` | Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile. |
95| `model_context_window` | `number` | Context window tokens available to the active model. |112| `model_context_window` | `number` | Context window tokens available to the active model. |
96| `model_instructions_file` | `string (path)` | Replacement for built-in instructions instead of `AGENTS.md`. |113| `model_instructions_file` | `string (path)` | Replacement for built-in instructions instead of `AGENTS.md`. |
97| `model_provider` | `string` | Provider id from `model_providers` (default: `openai`). |114| `model_provider` | `string` | Provider id from `model_providers` (default: `openai`). |
115| `model_providers.<id>` | `table` | Custom provider definition. Built-in provider IDs (`openai`, `ollama`, and `lmstudio`) are reserved and cannot be overridden. |
116| `model_providers.<id>.auth` | `table` | Command-backed bearer token configuration for a custom provider. Do not combine with `env_key`, `experimental_bearer_token`, or `requires_openai_auth`. |
117| `model_providers.<id>.auth.args` | `array<string>` | Arguments passed to the token command. |
118| `model_providers.<id>.auth.command` | `string` | Command to run when Codex needs a bearer token. The command must print the token to stdout. |
119| `model_providers.<id>.auth.cwd` | `string (path)` | Working directory for the token command. |
120| `model_providers.<id>.auth.refresh_interval_ms` | `number` | How often Codex proactively refreshes the token in milliseconds (default: 300000). Set to `0` to refresh only after an authentication retry. |
121| `model_providers.<id>.auth.timeout_ms` | `number` | Maximum token command runtime in milliseconds (default: 5000). |
98| `model_providers.<id>.base_url` | `string` | API base URL for the model provider. |122| `model_providers.<id>.base_url` | `string` | API base URL for the model provider. |
99| `model_providers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables when present. |123| `model_providers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables when present. |
100| `model_providers.<id>.env_key` | `string` | Environment variable supplying the provider API key. |124| `model_providers.<id>.env_key` | `string` | Environment variable supplying the provider API key. |
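Review bot: The `model_providers.<id>.auth.command` rows leave the execution model unspecified: it is not stated whether `command` is executed directly with `auth.args` or passed through a shell, how a relative `auth.cwd` or `command` path resolves (the `agents.<name>.config_file` row spells this out for its path), or whether a project-scoped `.codex/config.toml` may define it. The `auth` row's "Do not combine with `env_key`, `experimental_bearer_token`, or `requires_openai_auth`" should also say what happens if they are combined (load error or precedence). Minor: the `memories.*` rows alternate between "capped at" and "clamped to"; use one term if the behaviour is the same.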
107| `model_providers.<id>.requires_openai_auth` | `boolean` | The provider uses OpenAI authentication (defaults to false). |131| `model_providers.<id>.requires_openai_auth` | `boolean` | The provider uses OpenAI authentication (defaults to false). |
108| `model_providers.<id>.stream_idle_timeout_ms` | `number` | Idle timeout for SSE streams in milliseconds (default: 300000). |132| `model_providers.<id>.stream_idle_timeout_ms` | `number` | Idle timeout for SSE streams in milliseconds (default: 300000). |
109| `model_providers.<id>.stream_max_retries` | `number` | Retry count for SSE streaming interruptions (default: 5). |133| `model_providers.<id>.stream_max_retries` | `number` | Retry count for SSE streaming interruptions (default: 5). |
110134| `model_providers.<id>.wire_api` | `chat | responses` | Protocol used by the provider (defaults to `chat` if omitted). || `model_providers.<id>.supports_websockets` | `boolean` | Whether that provider supports the Responses API WebSocket transport. |
135| `model_providers.<id>.wire_api` | `responses` | Protocol used by the provider. `responses` is the only supported value, and it is the default when omitted. |
111| `model_reasoning_effort` | `minimal | low | medium | high | xhigh` | Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent). |136| `model_reasoning_effort` | `minimal | low | medium | high | xhigh` | Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent). |
112| `model_reasoning_summary` | `auto | concise | detailed | none` | Select reasoning summary detail or disable summaries entirely. |137| `model_reasoning_summary` | `auto | concise | detailed | none` | Select reasoning summary detail or disable summaries entirely. |
113| `model_supports_reasoning_summaries` | `boolean` | Force Codex to send or not send reasoning metadata. |138| `model_supports_reasoning_summaries` | `boolean` | Force Codex to send or not send reasoning metadata. |
114139| `model_verbosity` | `low | medium | high` | Control GPT-5 Responses API verbosity (defaults to `medium`). || `model_verbosity` | `low | medium | high` | Optional GPT-5 Responses API verbosity override; when unset, the selected model/preset default is used. |
115| `notice.hide_full_access_warning` | `boolean` | Track acknowledgement of the full access warning prompt. |140| `notice.hide_full_access_warning` | `boolean` | Track acknowledgement of the full access warning prompt. |
116| `notice.hide_gpt-5.1-codex-max_migration_prompt` | `boolean` | Track acknowledgement of the gpt-5.1-codex-max migration prompt. |141| `notice.hide_gpt-5.1-codex-max_migration_prompt` | `boolean` | Track acknowledgement of the gpt-5.1-codex-max migration prompt. |
117| `notice.hide_gpt5_1_migration_prompt` | `boolean` | Track acknowledgement of the GPT-5.1 migration prompt. |142| `notice.hide_gpt5_1_migration_prompt` | `boolean` | Track acknowledgement of the GPT-5.1 migration prompt. |
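Review bot: On `model_providers.<id>.wire_api`, the accepted values shrink from `chat | responses` (default `chat`) to `responses` only, but the row does not say what happens to an existing provider block with `wire_api = "chat"`, or to one that omitted the key and so previously got `chat`. State whether `chat` is now a load error or is treated as `responses`. The new `supports_websockets` row also gives no default.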
119| `notice.hide_world_writable_warning` | `boolean` | Track acknowledgement of the Windows world-writable directories warning. |144| `notice.hide_world_writable_warning` | `boolean` | Track acknowledgement of the Windows world-writable directories warning. |
120| `notice.model_migrations` | `map<string,string>` | Track acknowledged model migrations as old->new mappings. |145| `notice.model_migrations` | `map<string,string>` | Track acknowledged model migrations as old->new mappings. |
121| `notify` | `array<string>` | Command invoked for notifications; receives a JSON payload from Codex. |146| `notify` | `array<string>` | Command invoked for notifications; receives a JSON payload from Codex. |
147| `openai_base_url` | `string` | Base URL override for the built-in `openai` model provider. |
122| `oss_provider` | `lmstudio | ollama` | Default local provider used when running with `--oss` (defaults to prompting if unset). |148| `oss_provider` | `lmstudio | ollama` | Default local provider used when running with `--oss` (defaults to prompting if unset). |
123| `otel.environment` | `string` | Environment tag applied to emitted OpenTelemetry events (default: `dev`). |149| `otel.environment` | `string` | Environment tag applied to emitted OpenTelemetry events (default: `dev`). |
124| `otel.exporter` | `none | otlp-http | otlp-grpc` | Select the OpenTelemetry exporter and provide any endpoint metadata. |150| `otel.exporter` | `none | otlp-http | otlp-grpc` | Select the OpenTelemetry exporter and provide any endpoint metadata. |
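Review bot: The `openai_base_url` row should cross-reference the `model_providers.<id>` row, which states that the built-in `openai` ID is reserved and cannot be overridden, so readers see that this key is the supported way to repoint the built-in provider. It would also help to say how it differs from `chatgpt_base_url`, which is described as covering only the ChatGPT login flow.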
129| `otel.exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL exporter TLS. |155| `otel.exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL exporter TLS. |
130| `otel.exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL exporter TLS. |156| `otel.exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL exporter TLS. |
131| `otel.log_user_prompt` | `boolean` | Opt in to exporting raw user prompts with OpenTelemetry logs. |157| `otel.log_user_prompt` | `boolean` | Opt in to exporting raw user prompts with OpenTelemetry logs. |
158| `otel.metrics_exporter` | `none | statsig | otlp-http | otlp-grpc` | Select the OpenTelemetry metrics exporter (defaults to `statsig`). |
132| `otel.trace_exporter` | `none | otlp-http | otlp-grpc` | Select the OpenTelemetry trace exporter and provide any endpoint metadata. |159| `otel.trace_exporter` | `none | otlp-http | otlp-grpc` | Select the OpenTelemetry trace exporter and provide any endpoint metadata. |
133| `otel.trace_exporter.<id>.endpoint` | `string` | Trace exporter endpoint for OTEL logs. |160| `otel.trace_exporter.<id>.endpoint` | `string` | Trace exporter endpoint for OTEL logs. |
134| `otel.trace_exporter.<id>.headers` | `map<string,string>` | Static headers included with OTEL trace exporter requests. |161| `otel.trace_exporter.<id>.headers` | `map<string,string>` | Static headers included with OTEL trace exporter requests. |
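Review bot: `otel.metrics_exporter` is the only exporter row here with a stated default, and that default (`statsig`) is an active exporter rather than `none`. Say what the metrics contain and how this key relates to `analytics.enabled`, and give the defaults for `otel.exporter` and `otel.trace_exporter` so the three rows can be compared. Context nit: the `otel.trace_exporter.<id>.endpoint` description reads "for OTEL logs" although the row is for the trace exporter.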
136| `otel.trace_exporter.<id>.tls.ca-certificate` | `string` | CA certificate path for OTEL trace exporter TLS. |163| `otel.trace_exporter.<id>.tls.ca-certificate` | `string` | CA certificate path for OTEL trace exporter TLS. |
137| `otel.trace_exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL trace exporter TLS. |164| `otel.trace_exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL trace exporter TLS. |
138| `otel.trace_exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL trace exporter TLS. |165| `otel.trace_exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL trace exporter TLS. |
166| `permissions.<name>.filesystem` | `table` | Named filesystem permission profile. Each key is an absolute path or special token such as `:minimal` or `:project_roots`. |
167| `permissions.<name>.filesystem.":project_roots".<subpath-or-glob>` | `"read" | "write" | "none"` | Scoped filesystem access relative to the detected project roots. Use `"."` for the root itself; glob subpaths such as `"**/*.env"` can deny reads with `"none"`. |
168| `permissions.<name>.filesystem.<path-or-glob>` | `"read" | "write" | "none" | table` | Grant direct access for a path, glob pattern, or special token, or scope nested entries under that root. Use `"none"` to deny reads for matching paths. |
169| `permissions.<name>.filesystem.glob_scan_max_depth` | `number` | Maximum depth for expanding deny-read glob patterns on platforms that snapshot matches before sandbox startup. Must be at least `1` when set. |
170| `permissions.<name>.network.allow_local_binding` | `boolean` | Permit local bind/listen operations through the managed proxy. |
171| `permissions.<name>.network.allow_upstream_proxy` | `boolean` | Allow the managed proxy to chain to another upstream proxy. |
172| `permissions.<name>.network.dangerously_allow_all_unix_sockets` | `boolean` | Allow the proxy to use arbitrary Unix sockets instead of the default restricted set. |
173| `permissions.<name>.network.dangerously_allow_non_loopback_proxy` | `boolean` | Permit non-loopback bind addresses for the managed proxy listener. |
174| `permissions.<name>.network.domains` | `map<string, allow | deny>` | Domain rules for the managed proxy. Use domain names or wildcard patterns as keys, with `allow` or `deny` values. |
175| `permissions.<name>.network.enable_socks5` | `boolean` | Expose a SOCKS5 listener when this permissions profile enables the managed network proxy. |
176| `permissions.<name>.network.enable_socks5_udp` | `boolean` | Allow UDP over the SOCKS5 listener when enabled. |
177| `permissions.<name>.network.enabled` | `boolean` | Enable network access for this named permissions profile. |
178| `permissions.<name>.network.mode` | `limited | full` | Network proxy mode used for subprocess traffic. |
179| `permissions.<name>.network.proxy_url` | `string` | HTTP proxy endpoint used when this permissions profile enables the managed network proxy. |
180| `permissions.<name>.network.socks_url` | `string` | SOCKS5 proxy endpoint used by this permissions profile. |
181| `permissions.<name>.network.unix_sockets` | `map<string, allow | none>` | Unix socket rules for the managed proxy. Use socket paths as keys, with `allow` or `none` values. |
139| `personality` | `none | friendly | pragmatic` | Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`. |182| `personality` | `none | friendly | pragmatic` | Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`. |
183| `plan_mode_reasoning_effort` | `none | minimal | low | medium | high | xhigh` | Plan-mode-specific reasoning override. When unset, Plan mode uses its built-in preset default. |
140| `profile` | `string` | Default profile applied at startup (equivalent to `--profile`). |184| `profile` | `string` | Default profile applied at startup (equivalent to `--profile`). |
141| `profiles.<name>.*` | `various` | Profile-scoped overrides for any of the supported configuration keys. |185| `profiles.<name>.*` | `various` | Profile-scoped overrides for any of the supported configuration keys. |
142186| `profiles.<name>.experimental_use_freeform_apply_patch` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. || `profiles.<name>.analytics.enabled` | `boolean` | Profile-scoped analytics enablement override. |
143| `profiles.<name>.experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec`. |187| `profiles.<name>.experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec`. |
144| `profiles.<name>.include_apply_patch_tool` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |
145| `profiles.<name>.model_catalog_json` | `string (path)` | Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile). |188| `profiles.<name>.model_catalog_json` | `string (path)` | Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile). |
189| `profiles.<name>.model_instructions_file` | `string (path)` | Profile-scoped replacement for the built-in instruction file. |
146| `profiles.<name>.oss_provider` | `lmstudio | ollama` | Profile-scoped OSS provider for `--oss` sessions. |190| `profiles.<name>.oss_provider` | `lmstudio | ollama` | Profile-scoped OSS provider for `--oss` sessions. |
147| `profiles.<name>.personality` | `none | friendly | pragmatic` | Profile-scoped communication style override for supported models. |191| `profiles.<name>.personality` | `none | friendly | pragmatic` | Profile-scoped communication style override for supported models. |
192| `profiles.<name>.plan_mode_reasoning_effort` | `none | minimal | low | medium | high | xhigh` | Profile-scoped Plan-mode reasoning override. |
193| `profiles.<name>.service_tier` | `flex | fast` | Profile-scoped service tier preference for new turns. |
194| `profiles.<name>.tools_view_image` | `boolean` | Enable or disable the `view_image` tool in that profile. |
148| `profiles.<name>.web_search` | `disabled | cached | live` | Profile-scoped web search mode override (default: `"cached"`). |195| `profiles.<name>.web_search` | `disabled | cached | live` | Profile-scoped web search mode override (default: `"cached"`). |
196| `profiles.<name>.windows.sandbox` | `unelevated | elevated` | Profile-scoped Windows sandbox mode override. |
149| `project_doc_fallback_filenames` | `array<string>` | Additional filenames to try when `AGENTS.md` is missing. |197| `project_doc_fallback_filenames` | `array<string>` | Additional filenames to try when `AGENTS.md` is missing. |
150| `project_doc_max_bytes` | `number` | Maximum bytes read from `AGENTS.md` when building project instructions. |198| `project_doc_max_bytes` | `number` | Maximum bytes read from `AGENTS.md` when building project instructions. |
151| `project_root_markers` | `array<string>` | List of project root marker filenames; used when searching parent directories for the project root. |199| `project_root_markers` | `array<string>` | List of project root marker filenames; used when searching parent directories for the project root. |
152200| `projects.<path>.trust_level` | `string` | Mark a project or worktree as trusted or untrusted (`"trusted"` | `"untrusted"`). Untrusted projects skip project-scoped `.codex/` layers. || `projects.<path>.trust_level` | `string` | Mark a project or worktree as trusted or untrusted (`"trusted"` | `"untrusted"`). Untrusted projects skip project-scoped `.codex/` layers, including project-local config, hooks, and rules. |
153| `review_model` | `string` | Optional model override used by `/review` (defaults to the current session model). |201| `review_model` | `string` | Optional model override used by `/review` (defaults to the current session model). |
154| `sandbox_mode` | `read-only | workspace-write | danger-full-access` | Sandbox policy for filesystem and network access during command execution. |202| `sandbox_mode` | `read-only | workspace-write | danger-full-access` | Sandbox policy for filesystem and network access during command execution. |
155| `sandbox_workspace_write.exclude_slash_tmp` | `boolean` | Exclude `/tmp` from writable roots in workspace-write mode. |203| `sandbox_workspace_write.exclude_slash_tmp` | `boolean` | Exclude `/tmp` from writable roots in workspace-write mode. |
156| `sandbox_workspace_write.exclude_tmpdir_env_var` | `boolean` | Exclude `$TMPDIR` from writable roots in workspace-write mode. |204| `sandbox_workspace_write.exclude_tmpdir_env_var` | `boolean` | Exclude `$TMPDIR` from writable roots in workspace-write mode. |
157| `sandbox_workspace_write.network_access` | `boolean` | Allow outbound network access inside the workspace-write sandbox. |205| `sandbox_workspace_write.network_access` | `boolean` | Allow outbound network access inside the workspace-write sandbox. |
158| `sandbox_workspace_write.writable_roots` | `array<string>` | Additional writable roots when `sandbox_mode = "workspace-write"`. |206| `sandbox_workspace_write.writable_roots` | `array<string>` | Additional writable roots when `sandbox_mode = "workspace-write"`. |
207| `service_tier` | `flex | fast` | Preferred service tier for new turns. |
159| `shell_environment_policy.exclude` | `array<string>` | Glob patterns for removing environment variables after the defaults. |208| `shell_environment_policy.exclude` | `array<string>` | Glob patterns for removing environment variables after the defaults. |
160| `shell_environment_policy.experimental_use_profile` | `boolean` | Use the user shell profile when spawning subprocesses. |209| `shell_environment_policy.experimental_use_profile` | `boolean` | Use the user shell profile when spawning subprocesses. |
161| `shell_environment_policy.ignore_default_excludes` | `boolean` | Keep variables containing KEY/SECRET/TOKEN before other filters run. |210| `shell_environment_policy.ignore_default_excludes` | `boolean` | Keep variables containing KEY/SECRET/TOKEN before other filters run. |
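Review bot: In the new `permissions.<name>.network.*` rows, `domains` takes `allow | deny` while `unix_sockets` takes `allow | none` and the filesystem rows use `"none"` to deny, and nothing says which rule wins when an exact domain and a wildcard pattern both match with different values. Suggest adding one sentence on match precedence for `domains`, and either aligning the deny keyword or stating that the difference is intentional. The two `dangerously_allow_*` rows and `network.enabled` would also benefit from a stated default, since a reader auditing a profile needs to know what an omitted key means.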
166| `skills.config` | `array<object>` | Per-skill enablement overrides stored in config.toml. |215| `skills.config` | `array<object>` | Per-skill enablement overrides stored in config.toml. |
167| `skills.config.<index>.enabled` | `boolean` | Enable or disable the referenced skill. |216| `skills.config.<index>.enabled` | `boolean` | Enable or disable the referenced skill. |
168| `skills.config.<index>.path` | `string (path)` | Path to a skill folder containing `SKILL.md`. |217| `skills.config.<index>.path` | `string (path)` | Path to a skill folder containing `SKILL.md`. |
218| `sqlite_home` | `string (path)` | Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state. |
169| `suppress_unstable_features_warning` | `boolean` | Suppress the warning that appears when under-development feature flags are enabled. |219| `suppress_unstable_features_warning` | `boolean` | Suppress the warning that appears when under-development feature flags are enabled. |
170| `tool_output_token_limit` | `number` | Token budget for storing individual tool/function outputs in history. |220| `tool_output_token_limit` | `number` | Token budget for storing individual tool/function outputs in history. |
171221| `tools.web_search` | `boolean` | Deprecated legacy toggle for web search; prefer the top-level `web_search` setting. || `tool_suggest.discoverables` | `array<table>` | Allow tool suggestions for additional discoverable connectors or plugins. Each entry uses `type = "connector"` or `"plugin"` and an `id`. |
222| `tools.view_image` | `boolean` | Enable the local-image attachment tool `view_image`. |
223| `tools.web_search` | `boolean | { context_size = "low|medium|high", allowed_domains = [string], location = { country, region, city, timezone } }` | Optional web search tool configuration. The legacy boolean form is still accepted, but the object form lets you set search context size, allowed domains, and approximate user location. |
172| `tui` | `table` | TUI-specific options such as enabling inline desktop notifications. |224| `tui` | `table` | TUI-specific options such as enabling inline desktop notifications. |
173| `tui.alternate_screen` | `auto | always | never` | Control alternate screen usage for the TUI (default: auto; auto skips it in Zellij to preserve scrollback). |225| `tui.alternate_screen` | `auto | always | never` | Control alternate screen usage for the TUI (default: auto; auto skips it in Zellij to preserve scrollback). |
174| `tui.animations` | `boolean` | Enable terminal animations (welcome screen, shimmer, spinner) (default: true). |226| `tui.animations` | `boolean` | Enable terminal animations (welcome screen, shimmer, spinner) (default: true). |
175227| `tui.notification_method` | `auto | osc9 | bel` | Notification method for unfocused terminal notifications (default: auto). || `tui.model_availability_nux.<model>` | `integer` | Internal startup-tooltip state keyed by model slug. |
228| `tui.notification_condition` | `unfocused | always` | Control whether TUI notifications fire only when the terminal is unfocused or regardless of focus. Defaults to `unfocused`. |
229| `tui.notification_method` | `auto | osc9 | bel` | Notification method for terminal notifications (default: auto). |
176| `tui.notifications` | `boolean | array<string>` | Enable TUI notifications; optionally restrict to specific event types. |230| `tui.notifications` | `boolean | array<string>` | Enable TUI notifications; optionally restrict to specific event types. |
177| `tui.show_tooltips` | `boolean` | Show onboarding tooltips in the TUI welcome screen (default: true). |231| `tui.show_tooltips` | `boolean` | Show onboarding tooltips in the TUI welcome screen (default: true). |
178| `tui.status_line` | `array<string> | null` | Ordered list of TUI footer status-line item identifiers. `null` disables the status line. |232| `tui.status_line` | `array<string> | null` | Ordered list of TUI footer status-line item identifiers. `null` disables the status line. |
233| `tui.terminal_title` | `array<string> | null` | Ordered list of terminal window/tab title item identifiers. Defaults to `["spinner", "project"]`; `null` disables title updates. |
234| `tui.theme` | `string` | Syntax-highlighting theme override (kebab-case theme name). |
179| `web_search` | `disabled | cached | live` | Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool. |235| `web_search` | `disabled | cached | live` | Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool. |
180| `windows_wsl_setup_acknowledged` | `boolean` | Track Windows onboarding acknowledgement (Windows only). |236| `windows_wsl_setup_acknowledged` | `boolean` | Track Windows onboarding acknowledgement (Windows only). |
237| `windows.sandbox` | `unelevated | elevated` | Windows-only native sandbox mode when running Codex natively on Windows. |
238| `windows.sandbox_private_desktop` | `boolean` | Run the final sandboxed child process on a private desktop by default on native Windows. Set `false` only for compatibility with the older `Winsta0\\Default` behavior. |
181 239
182Key240Key
183 241
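Review bot: The new `tools.web_search` row drops the old pointer to the top-level `web_search` setting without saying how the two interact, so it is unclear which one applies when `web_search = "disabled"` is set alongside a `tools.web_search` table, or whether `allowed_domains` is enforced in both `cached` and `live` modes. Suggest one sentence on precedence. Separately, in the `windows.sandbox_private_desktop` row, `Winsta0\\Default` sits inside a code span, where a backslash is not an escape character, so it will render with two backslashes; a single backslash is probably intended.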
205 263
206Key264Key
207 265
266`agents.<name>.nickname_candidates`
267
268Type / Values
269
270`array<string>`
271
272Details
273
274Optional pool of display nicknames for spawned agents in that role.
275
276Key
277
278`agents.job_max_runtime_seconds`
279
280Type / Values
281
282`number`
283
284Details
285
286Default per-worker timeout for `spawn_agents_on_csv` jobs. When unset, the tool falls back to 1800 seconds per worker.
287
288Key
289
208`agents.max_depth`290`agents.max_depth`
209 291
210Type / Values292Type / Values
225 307
226Details308Details
227 309
228310Maximum number of agent threads that can be open concurrently.Maximum number of agent threads that can be open concurrently. Defaults to `6` when unset.
229 311
230Key312Key
231 313
241 323
242Key324Key
243 325
326`analytics.enabled`
327
328Type / Values
329
330`boolean`
331
332Details
333
334Enable or disable analytics for this machine/profile. When unset, the client default applies.
335
336Key
337
244`approval_policy`338`approval_policy`
245 339
246Type / Values340Type / Values
247 341
248342`untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }``untrusted | on-request | never | { granular = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool, request_permissions = bool, skill_approval = bool } }`
343
344Details
345
346Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { granular = { ... } }` to allow or auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.
347
348Key
349
350`approval_policy.granular.mcp_elicitations`
351
352Type / Values
353
354`boolean`
355
356Details
357
358When `true`, MCP elicitation prompts are allowed to surface instead of being auto-rejected.
359
360Key
361
362`approval_policy.granular.request_permissions`
363
364Type / Values
365
366`boolean`
249 367
250Details368Details
251 369
252370Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.When `true`, prompts from the `request_permissions` tool are allowed to surface.
253 371
254Key372Key
255 373
256374`approval_policy.reject.mcp_elicitations``approval_policy.granular.rules`
257 375
258Type / Values376Type / Values
259 377
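Review bot: The rename from `approval_policy.reject.*` to `approval_policy.granular.*` also flips the meaning of `true` (a category was previously auto-rejected, now it is allowed to surface), and the Details text gives no migration guidance. A config that carries `reject = { mcp_elicitations = true }` across by changing only the table name would start showing the prompts it used to suppress. Suggest a sentence next to the `on-failure` deprecation note saying whether `reject` is still accepted and that values must be inverted, plus what `false` and an omitted field mean under `granular`.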
261 379
262Details380Details
263 381
264382When `true`, MCP elicitation prompts are auto-rejected instead of shown to the user.When `true`, approvals triggered by execpolicy `prompt` rules are allowed to surface.
265 383
266Key384Key
267 385
268386`approval_policy.reject.rules``approval_policy.granular.sandbox_approval`
269 387
270Type / Values388Type / Values
271 389
273 391
274Details392Details
275 393
276394When `true`, approvals triggered by execpolicy `prompt` rules are auto-rejected.When `true`, sandbox escalation approval prompts are allowed to surface.
277 395
278Key396Key
279 397
280398`approval_policy.reject.sandbox_approval``approval_policy.granular.skill_approval`
281 399
282Type / Values400Type / Values
283 401
285 403
286Details404Details
287 405
288406When `true`, sandbox escalation approval prompts are auto-rejected.When `true`, skill-script approval prompts are allowed to surface.
407
408Key
409
410`approvals_reviewer`
411
412Type / Values
413
414`user | auto_review`
415
416Details
417
418Who reviews eligible approval prompts under `on-request` or granular approval policies. Defaults to `user`; `auto_review` uses the reviewer subagent. This setting doesn't change sandboxing or review actions already allowed inside the sandbox.
289 419
290Key420Key
291 421
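Review bot: In the `approvals_reviewer` entry, "eligible approval prompts" is not defined, and the text does not say what happens to a prompt when `auto_review` is selected and the reviewer subagent cannot reach a decision. Suggest listing which prompt categories are eligible, or linking to where that is defined, and stating whether such a prompt falls back to the user or is rejected.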
409 539
410Key540Key
411 541
542`auto_review.policy`
543
544Type / Values
545
546`string`
547
548Details
549
550Local Markdown policy instructions for automatic review. Managed `guardian_policy_config` takes precedence. Blank values are ignored.
551
552Key
553
412`background_terminal_max_timeout`554`background_terminal_max_timeout`
413 555
414Type / Values556Type / Values
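Review bot: `auto_review.policy` is typed `string` while path-valued keys in this reference use `string (path)`, so "Local Markdown policy instructions" reads as inline text but could be taken for a file path. Suggest saying "inline Markdown text" explicitly. `guardian_policy_config` is named as taking precedence without a link or a note on where it is set, and it would help to say whether precedence means the local policy is replaced or merged.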
457 599
458Key600Key
459 601
460602`compact_prompt``commit_attribution`
461 603
462Type / Values604Type / Values
463 605
465 607
466Details608Details
467 609
468610Inline override for the history compaction prompt.Override the commit co-author trailer text. Set an empty string to disable automatic attribution.
469 611
470Key612Key
471 613
472614`developer_instructions``compact_prompt`
473 615
474Type / Values616Type / Values
475 617
477 619
478Details620Details
479 621
480622Additional developer instructions injected into the session (optional).Inline override for the history compaction prompt.
481 623
482Key624Key
483 625
484626`disable_paste_burst``default_permissions`
485 627
486Type / Values628Type / Values
487 629
488630`boolean``string`
489 631
490Details632Details
491 633
492634Disable burst-paste detection in the TUI.Name of the default permissions profile to apply to sandboxed tool calls.
493 635
494Key636Key
495 637
496638`experimental_compact_prompt_file``developer_instructions`
497 639
498Type / Values640Type / Values
499 641
500642`string (path)``string`
501 643
502Details644Details
503 645
504646Load the compaction prompt override from a file (experimental).Additional developer instructions injected into the session (optional).
505 647
506Key648Key
507 649
508650`experimental_use_freeform_apply_patch``disable_paste_burst`
509 651
510Type / Values652Type / Values
511 653
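Review bot: The new `default_permissions` entry does not say how the named profile relates to `sandbox_mode`, or what happens when the name matches no `permissions.<name>` table. Both matter to anyone auditing a config: suggest stating which setting wins when both are present and whether an unknown name is a startup error or a silent fallback.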
513 655
514Details656Details
515 657
516658Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform` or `codex --enable apply_patch_freeform`.Disable burst-paste detection in the TUI.
517 659
518Key660Key
519 661
520662`experimental_use_unified_exec_tool``experimental_compact_prompt_file`
521 663
522Type / Values664Type / Values
523 665
524666`boolean``string (path)`
525 667
526Details668Details
527 669
528670Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`.Load the compaction prompt override from a file (experimental).
529 671
530Key672Key
531 673
532674`features.apply_patch_freeform``experimental_use_unified_exec_tool`
533 675
534Type / Values676Type / Values
535 677
537 679
538Details680Details
539 681
540682Expose the freeform `apply_patch` tool (experimental).Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`.
541 683
542Key684Key
543 685
553 695
554Key696Key
555 697
556698`features.apps_mcp_gateway``features.codex_hooks`
557
558Type / Values
559
560`boolean`
561
562Details
563
564Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental).
565
566Key
567
568`features.child_agents_md`
569 699
570Type / Values700Type / Values
571 701
573 703
574Details704Details
575 705
576706Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental).Enable lifecycle hooks loaded from `hooks.json` or inline `[hooks]` config.
577 707
578Key708Key
579 709
580710`features.collaboration_modes``features.enable_request_compression`
581 711
582Type / Values712Type / Values
583 713
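Review bot: The new `features.codex_hooks` entry carries no stability or default annotation, unlike the feature flags around it, which state "(stable; on by default)" or similar. Since this flag controls whether lifecycle hooks load from `hooks.json` or inline `[hooks]` config, the default is worth stating explicitly.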
585 715
586Details716Details
587 717
588718Enable collaboration modes such as plan mode (stable; on by default).Compress streaming request bodies with zstd when supported (stable; on by default).
589 719
590Key720Key
591 721
592722`features.elevated_windows_sandbox``features.fast_mode`
593 723
594Type / Values724Type / Values
595 725
597 727
598Details728Details
599 729
600730Enable the elevated Windows sandbox pipeline (experimental).Enable Fast mode selection and the `service_tier = "fast"` path (stable; on by default).
601 731
602Key732Key
603 733
604734`features.experimental_windows_sandbox``features.memories`
605 735
606Type / Values736Type / Values
607 737
609 739
610Details740Details
611 741
612742Run the Windows restricted-token sandbox (experimental).Enable [Memories](https://developers.openai.com/codex/memories) (off by default).
613 743
614Key744Key
615 745
621 751
622Details752Details
623 753
624754Enable multi-agent collaboration tools (`spawn\_agent`, `send\_input`, `resume\_agent`, `wait`, and `close\_agent`) (experimental; off by default).Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait_agent`, and `close_agent`) (stable; on by default).
625 755
626Key756Key
627 757
637 767
638Key768Key
639 769
640770`features.powershell_utf8``features.prevent_idle_sleep`
641
642Type / Values
643
644`boolean`
645
646Details
647
648Force PowerShell UTF-8 output (defaults to true).
649
650Key
651
652`features.remote_models`
653
654Type / Values
655
656`boolean`
657
658Details
659
660Refresh remote model list before showing readiness (experimental).
661
662Key
663
664`features.request_rule`
665 771
666Type / Values772Type / Values
667 773
669 775
670Details776Details
671 777
672778Enable Smart approvals (`prefix_rule` suggestions on escalation requests; stable; on by default).Prevent the machine from sleeping while a turn is actively running (experimental; off by default).
673 779
674Key780Key
675 781
676782`features.runtime_metrics``features.shell_snapshot`
677 783
678Type / Values784Type / Values
679 785
681 787
682Details788Details
683 789
684790Show runtime metrics summary in TUI turn separators (experimental).Snapshot shell environment to speed up repeated commands (stable; on by default).
685 791
686Key792Key
687 793
688794`features.search_tool``features.shell_tool`
689 795
690Type / Values796Type / Values
691 797
693 799
694Details800Details
695 801
696802Enable `search_tool_bm25` for Apps tool discovery before invoking app MCP tools (experimental).Enable the default `shell` tool for running commands (stable; on by default).
697 803
698Key804Key
699 805
700806`features.shell_snapshot``features.skill_mcp_dependency_install`
701 807
702Type / Values808Type / Values
703 809
705 811
706Details812Details
707 813
708814Snapshot shell environment to speed up repeated commands (beta).Allow prompting and installing missing MCP dependencies for skills (stable; on by default).
709 815
710Key816Key
711 817
712818`features.shell_tool``features.undo`
713 819
714Type / Values820Type / Values
715 821
717 823
718Details824Details
719 825
720826Enable the default `shell` tool for running commands (stable; on by default).Enable undo support (stable; off by default).
721 827
722Key828Key
723 829
729 835
730Details836Details
731 837
732838Use the unified PTY-backed exec tool (beta).Use the unified PTY-backed exec tool (stable; enabled by default except on Windows).
733
734Key
735
736`features.use_linux_sandbox_bwrap`
737
738Type / Values
739
740`boolean`
741
742Details
743
744Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default).
745 839
746Key840Key
747 841
865 959
866Key960Key
867 961
868962`include_apply_patch_tool``hooks`
869 963
870Type / Values964Type / Values
871 965
872966`boolean``table`
873 967
874Details968Details
875 969
876970Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.Lifecycle hooks configured inline in `config.toml`. Uses the same event schema as `hooks.json`; see the Hooks guide for examples and supported events.
877 971
878Key972Key
879 973
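Review bot: The new `hooks` entry refers to "the Hooks guide" without a link, whereas `features.memories` links its guide, and it does not mention that `features.codex_hooks` enables hook loading or that untrusted projects skip project-local hooks (per the `projects.<path>.trust_level` row). Suggest linking the guide and cross-referencing both keys so the conditions under which inline hooks run are visible from this entry.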
1049 1143
1050Type / Values1144Type / Values
1051 1145
10521146`array<string>``array<string | { name = string, source = "local" | "remote" }>`
1053 1147
1054Details1148Details
1055 1149
10561150Additional environment variables to whitelist for an MCP stdio server.Additional environment variables to whitelist for an MCP stdio server. String entries default to `source = "local"`; use `source = "remote"` only with executor-backed remote stdio.
1151
1152Key
1153
1154`mcp_servers.<id>.experimental_environment`
1155
1156Type / Values
1157
1158`local | remote`
1159
1160Details
1161
1162Experimental placement for an MCP server. `remote` starts stdio servers through a remote executor environment; streamable HTTP remote placement is not implemented.
1057 1163
1058Key1164Key
1059 1165
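Review bot: The widened type `array<string | { name = string, source = "local" | "remote" }>` introduces `source` without saying what it selects, and "use `source = "remote"` only with executor-backed remote stdio" does not say what happens if it is set on a server whose `experimental_environment` is `local`. Suggest one sentence defining `source` (for example, which environment the variable's value is read from, if that is the intent) and stating whether the mismatch is rejected or ignored.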
1069 1175
1070Key1176Key
1071 1177
1178`mcp_servers.<id>.oauth_resource`
1179
1180Type / Values
1181
1182`string`
1183
1184Details
1185
1186Optional RFC 8707 OAuth resource parameter to include during MCP login.
1187
1188Key
1189
1072`mcp_servers.<id>.required`1190`mcp_servers.<id>.required`
1073 1191
1074Type / Values1192Type / Values
1081 1199
1082Key1200Key
1083 1201
1202`mcp_servers.<id>.scopes`
1203
1204Type / Values
1205
1206`array<string>`
1207
1208Details
1209
1210OAuth scopes to request when authenticating to that MCP server.
1211
1212Key
1213
1084`mcp_servers.<id>.startup_timeout_ms`1214`mcp_servers.<id>.startup_timeout_ms`
1085 1215
1086Type / Values1216Type / Values
1129 1259
1130Key1260Key
1131 1261
11321262`model``memories.consolidation_model`
1133 1263
1134Type / Values1264Type / Values
1135 1265
1137 1267
1138Details1268Details
1139 1269
11401270Model to use (e.g., `gpt-5-codex`).Optional model override for global memory consolidation.
1141 1271
1142Key1272Key
1143 1273
11441274`model_auto_compact_token_limit``memories.disable_on_external_context`
1145 1275
1146Type / Values1276Type / Values
1147 1277
11481278`number``boolean`
1149 1279
1150Details1280Details
1151 1281
11521282Token threshold that triggers automatic history compaction (unset uses model defaults).When `true`, threads that use external context such as MCP tool calls, web search, or tool search are kept out of memory generation. Defaults to `false`. Legacy alias: `memories.no_memories_if_mcp_or_web_search`.
1153 1283
1154Key1284Key
1155 1285
11561286`model_catalog_json``memories.extract_model`
1157 1287
1158Type / Values1288Type / Values
1159 1289
11601290`string (path)``string`
1161 1291
1162Details1292Details
1163 1293
11641294Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile.Optional model override for per-thread memory extraction.
1165 1295
1166Key1296Key
1167 1297
11681298`model_context_window``memories.generate_memories`
1169 1299
1170Type / Values1300Type / Values
1171 1301
11721302`number``boolean`
1173 1303
1174Details1304Details
1175 1305
11761306Context window tokens available to the active model.When `false`, newly created threads are not stored as memory-generation inputs. Defaults to `true`.
1177 1307
1178Key1308Key
1179 1309
11801310`model_instructions_file``memories.max_raw_memories_for_consolidation`
1181 1311
1182Type / Values1312Type / Values
1183 1313
11841314`string (path)``number`
1185 1315
1186Details1316Details
1187 1317
11881318Replacement for built-in instructions instead of `AGENTS.md`.Maximum recent raw memories retained for global consolidation. Defaults to `256` and is capped at `4096`.
1189 1319
1190Key1320Key
1191 1321
11921322`model_provider``memories.max_rollout_age_days`
1193 1323
1194Type / Values1324Type / Values
1195 1325
11961326`string``number`
1197 1327
1198Details1328Details
1199 1329
12001330Provider id from `model_providers` (default: `openai`).Maximum age of threads considered for memory generation. Defaults to `30` and is clamped to `0`-`90`.
1201 1331
1202Key1332Key
1203 1333
12041334`model_providers.<id>.base_url``memories.max_rollouts_per_startup`
1205 1335
1206Type / Values1336Type / Values
1207 1337
12081338`string``number`
1209 1339
1210Details1340Details
1211 1341
12121342API base URL for the model provider.Maximum rollout candidates processed per startup pass. Defaults to `16` and is capped at `128`.
1213 1343
1214Key1344Key
1215 1345
12161346`model_providers.<id>.env_http_headers``memories.max_unused_days`
1217 1347
1218Type / Values1348Type / Values
1219 1349
12201350`map<string,string>``number`
1221 1351
1222Details1352Details
1223 1353
12241354HTTP headers populated from environment variables when present.Maximum days since a memory was last used before it becomes ineligible for consolidation. Defaults to `30` and is clamped to `0`-`365`.
1225 1355
1226Key1356Key
1227 1357
12281358`model_providers.<id>.env_key``memories.min_rate_limit_remaining_percent`
1229 1359
1230Type / Values1360Type / Values
1231 1361
12321362`string``number`
1233 1363
1234Details1364Details
1235 1365
12361366Environment variable supplying the provider API key.Minimum remaining percentage required in Codex rate-limit windows before memory generation starts. Defaults to `25` and is clamped to `0`-`100`.
1237 1367
1238Key1368Key
1239 1369
12401370`model_providers.<id>.env_key_instructions``memories.min_rollout_idle_hours`
1241 1371
1242Type / Values1372Type / Values
1243 1373
12441374`string``number`
1245 1375
1246Details1376Details
1247 1377
12481378Optional setup guidance for the provider API key.Minimum idle time before a thread is considered for memory generation. Defaults to `6` and is clamped to `1`-`48`.
1249 1379
1250Key1380Key
1251 1381
12521382`model_providers.<id>.experimental_bearer_token``memories.use_memories`
1253 1383
1254Type / Values1384Type / Values
1255 1385
12561386`string``boolean`
1257 1387
1258Details1388Details
1259 1389
12601390Direct bearer token for the provider (discouraged; use `env_key`).When `false`, Codex skips injecting existing memories into future sessions. Defaults to `true`.
1261 1391
1262Key1392Key
1263 1393
12641394`model_providers.<id>.http_headers``model`
1265 1395
1266Type / Values1396Type / Values
1267 1397
12681398`map<string,string>``string`
1269 1399
1270Details1400Details
1271 1401
12721402Static HTTP headers added to provider requests.Model to use (e.g., `gpt-5.5`).
1273 1403
1274Key1404Key
1275 1405
12761406`model_providers.<id>.name``model_auto_compact_token_limit`
1277 1407
1278Type / Values1408Type / Values
1279 1409
12801410`string``number`
1281 1411
1282Details1412Details
1283 1413
12841414Display name for a custom model provider.Token threshold that triggers automatic history compaction (unset uses model defaults).
1285 1415
1286Key1416Key
1287 1417
12881418`model_providers.<id>.query_params``model_catalog_json`
1289 1419
1290Type / Values1420Type / Values
1291 1421
12921422`map<string,string>``string (path)`
1293 1423
1294Details1424Details
1295 1425
12961426Extra query parameters appended to provider requests.Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile.
1297 1427
1298Key1428Key
1299 1429
13001430`model_providers.<id>.request_max_retries``model_context_window`
1301 1431
1302Type / Values1432Type / Values
1303 1433
1305 1435
1306Details1436Details
1307 1437
13081438Retry count for HTTP requests to the provider (default: 4).Context window tokens available to the active model.
1309 1439
1310Key1440Key
1311 1441
13121442`model_providers.<id>.requires_openai_auth``model_instructions_file`
1313 1443
1314Type / Values1444Type / Values
1315 1445
13161446`boolean``string (path)`
1317 1447
1318Details1448Details
1319 1449
13201450The provider uses OpenAI authentication (defaults to false).Replacement for built-in instructions instead of `AGENTS.md`.
1321 1451
1322Key1452Key
1323 1453
13241454`model_providers.<id>.stream_idle_timeout_ms``model_provider`
1325 1455
1326Type / Values1456Type / Values
1327 1457
13281458`number``string`
1329 1459
1330Details1460Details
1331 1461
13321462Idle timeout for SSE streams in milliseconds (default: 300000).Provider id from `model_providers` (default: `openai`).
1333 1463
1334Key1464Key
1335 1465
13361466`model_providers.<id>.stream_max_retries``model_providers.<id>`
1337 1467
1338Type / Values1468Type / Values
1339 1469
13401470`number``table`
1341 1471
1342Details1472Details
1343 1473
13441474Retry count for SSE streaming interruptions (default: 5).Custom provider definition. Built-in provider IDs (`openai`, `ollama`, and `lmstudio`) are reserved and cannot be overridden.
1345 1475
1346Key1476Key
1347 1477
13481478`model_providers.<id>.wire_api``model_providers.<id>.auth`
1349 1479
1350Type / Values1480Type / Values
1351 1481
13521482`chat | responses``table`
1353 1483
1354Details1484Details
1355 1485
13561486Protocol used by the provider (defaults to `chat` if omitted).Command-backed bearer token configuration for a custom provider. Do not combine with `env_key`, `experimental_bearer_token`, or `requires_openai_auth`.
1357 1487
1358Key1488Key
1359 1489
13601490`model_reasoning_effort``model_providers.<id>.auth.args`
1361 1491
1362Type / Values1492Type / Values
1363 1493
13641494`minimal | low | medium | high | xhigh``array<string>`
1365 1495
1366Details1496Details
1367 1497
13681498Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent).Arguments passed to the token command.
1369 1499
1370Key1500Key
1371 1501
13721502`model_reasoning_summary``model_providers.<id>.auth.command`
1373 1503
1374Type / Values1504Type / Values
1375 1505
13761506`auto | concise | detailed | none``string`
1377 1507
1378Details1508Details
1379 1509
13801510Select reasoning summary detail or disable summaries entirely.Command to run when Codex needs a bearer token. The command must print the token to stdout.
1381 1511
1382Key1512Key
1383 1513
13841514`model_supports_reasoning_summaries``model_providers.<id>.auth.cwd`
1385 1515
1386Type / Values1516Type / Values
1387 1517
13881518`boolean``string (path)`
1389 1519
1390Details1520Details
1391 1521
13921522Force Codex to send or not send reasoning metadata.Working directory for the token command.
1393 1523
1394Key1524Key
1395 1525
13961526`model_verbosity``model_providers.<id>.auth.refresh_interval_ms`
1397 1527
1398Type / Values1528Type / Values
1399 1529
14001530`low | medium | high``number`
1401 1531
1402Details1532Details
1403 1533
14041534Control GPT-5 Responses API verbosity (defaults to `medium`).How often Codex proactively refreshes the token in milliseconds (default: 300000). Set to `0` to refresh only after an authentication retry.
1405 1535
1406Key1536Key
1407 1537
14081538`notice.hide_full_access_warning``model_providers.<id>.auth.timeout_ms`
1409 1539
1410Type / Values1540Type / Values
1411 1541
14121542`boolean``number`
1413 1543
1414Details1544Details
1415 1545
14161546Track acknowledgement of the full access warning prompt.Maximum token command runtime in milliseconds (default: 5000).
1417 1547
1418Key1548Key
1419 1549
14201550`notice.hide_gpt-5.1-codex-max_migration_prompt``model_providers.<id>.base_url`
1421 1551
1422Type / Values1552Type / Values
1423 1553
14241554`boolean``string`
1425 1555
1426Details1556Details
1427 1557
14281558Track acknowledgement of the gpt-5.1-codex-max migration prompt.API base URL for the model provider.
1429 1559
1430Key1560Key
1431 1561
14321562`notice.hide_gpt5_1_migration_prompt``model_providers.<id>.env_http_headers`
1433 1563
1434Type / Values1564Type / Values
1435 1565
14361566`boolean``map<string,string>`
1437 1567
1438Details1568Details
1439 1569
14401570Track acknowledgement of the GPT-5.1 migration prompt.HTTP headers populated from environment variables when present.
1441 1571
1442Key1572Key
1443 1573
14441574`notice.hide_rate_limit_model_nudge``model_providers.<id>.env_key`
1445 1575
1446Type / Values1576Type / Values
1447 1577
14481578`boolean``string`
1449 1579
1450Details1580Details
1451 1581
14521582Track opt-out of the rate limit model switch reminder.Environment variable supplying the provider API key.
1453 1583
1454Key1584Key
1455 1585
14561586`notice.hide_world_writable_warning``model_providers.<id>.env_key_instructions`
1457 1587
1458Type / Values1588Type / Values
1459 1589
14601590`boolean``string`
1461 1591
1462Details1592Details
1463 1593
14641594Track acknowledgement of the Windows world-writable directories warning.Optional setup guidance for the provider API key.
1465 1595
1466Key1596Key
1467 1597
14681598`notice.model_migrations``model_providers.<id>.experimental_bearer_token`
1469 1599
1470Type / Values1600Type / Values
1471 1601
14721602`map<string,string>``string`
1473 1603
1474Details1604Details
1475 1605
14761606Track acknowledged model migrations as old->new mappings.Direct bearer token for the provider (discouraged; use `env_key`).
1477 1607
1478Key1608Key
1479 1609
14801610`notify``model_providers.<id>.http_headers`
1481 1611
1482Type / Values1612Type / Values
1483 1613
14841614`array<string>``map<string,string>`
1485 1615
1486Details1616Details
1487 1617
14881618Command invoked for notifications; receives a JSON payload from Codex.Static HTTP headers added to provider requests.
1489 1619
1490Key1620Key
1491 1621
14921622`oss_provider``model_providers.<id>.name`
1493 1623
1494Type / Values1624Type / Values
1495 1625
14961626`lmstudio | ollama``string`
1497 1627
1498Details1628Details
1499 1629
15001630Default local provider used when running with `--oss` (defaults to prompting if unset).Display name for a custom model provider.
1501 1631
1502Key1632Key
1503 1633
15041634`otel.environment``model_providers.<id>.query_params`
1505 1635
1506Type / Values1636Type / Values
1507 1637
15081638`string``map<string,string>`
1509 1639
1510Details1640Details
1511 1641
15121642Environment tag applied to emitted OpenTelemetry events (default: `dev`).Extra query parameters appended to provider requests.
1513 1643
1514Key1644Key
1515 1645
15161646`otel.exporter``model_providers.<id>.request_max_retries`
1517 1647
1518Type / Values1648Type / Values
1519 1649
15201650`none | otlp-http | otlp-grpc``number`
1521 1651
1522Details1652Details
1523 1653
15241654Select the OpenTelemetry exporter and provide any endpoint metadata.Retry count for HTTP requests to the provider (default: 4).
1525 1655
1526Key1656Key
1527 1657
15281658`otel.exporter.<id>.endpoint``model_providers.<id>.requires_openai_auth`
1529 1659
1530Type / Values1660Type / Values
1531 1661
15321662`string``boolean`
1533 1663
1534Details1664Details
1535 1665
15361666Exporter endpoint for OTEL logs.The provider uses OpenAI authentication (defaults to false).
1537 1667
1538Key1668Key
1539 1669
15401670`otel.exporter.<id>.headers``model_providers.<id>.stream_idle_timeout_ms`
1541 1671
1542Type / Values1672Type / Values
1543 1673
15441674`map<string,string>``number`
1545 1675
1546Details1676Details
1547 1677
15481678Static headers included with OTEL exporter requests.Idle timeout for SSE streams in milliseconds (default: 300000).
1549 1679
1550Key1680Key
1551 1681
15521682`otel.exporter.<id>.protocol``model_providers.<id>.stream_max_retries`
1553 1683
1554Type / Values1684Type / Values
1555 1685
15561686`binary | json``number`
1557 1687
1558Details1688Details
1559 1689
15601690Protocol used by the OTLP/HTTP exporter.Retry count for SSE streaming interruptions (default: 5).
1561 1691
1562Key1692Key
1563 1693
15641694`otel.exporter.<id>.tls.ca-certificate``model_providers.<id>.supports_websockets`
1565 1695
1566Type / Values1696Type / Values
1567 1697
15681698`string``boolean`
1569 1699
1570Details1700Details
1571 1701
15721702CA certificate path for OTEL exporter TLS.Whether that provider supports the Responses API WebSocket transport.
1573 1703
1574Key1704Key
1575 1705
15761706`otel.exporter.<id>.tls.client-certificate``model_providers.<id>.wire_api`
1577 1707
1578Type / Values1708Type / Values
1579 1709
15801710`string``responses`
1581 1711
1582Details1712Details
1583 1713
15841714Client certificate path for OTEL exporter TLS.Protocol used by the provider. `responses` is the only supported value, and it is the default when omitted.
1585 1715
1586Key1716Key
1587 1717
15881718`otel.exporter.<id>.tls.client-private-key``model_reasoning_effort`
1589 1719
1590Type / Values1720Type / Values
1591 1721
15921722`string``minimal | low | medium | high | xhigh`
1593 1723
1594Details1724Details
1595 1725
15961726Client private key path for OTEL exporter TLS.Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent).
1597 1727
1598Key1728Key
1599 1729
16001730`otel.log_user_prompt``model_reasoning_summary`
1601 1731
1602Type / Values1732Type / Values
1603 1733
16041734`boolean``auto | concise | detailed | none`
1605 1735
1606Details1736Details
1607 1737
16081738Opt in to exporting raw user prompts with OpenTelemetry logs.Select reasoning summary detail or disable summaries entirely.
1609 1739
1610Key1740Key
1611 1741
16121742`otel.trace_exporter``model_supports_reasoning_summaries`
1613 1743
1614Type / Values1744Type / Values
1615 1745
16161746`none | otlp-http | otlp-grpc``boolean`
1617 1747
1618Details1748Details
1619 1749
16201750Select the OpenTelemetry trace exporter and provide any endpoint metadata.Force Codex to send or not send reasoning metadata.
1621 1751
1622Key1752Key
1623 1753
16241754`otel.trace_exporter.<id>.endpoint``model_verbosity`
1625 1755
1626Type / Values1756Type / Values
1627 1757
16281758`string``low | medium | high`
1629 1759
1630Details1760Details
1631 1761
16321762Trace exporter endpoint for OTEL logs.Optional GPT-5 Responses API verbosity override; when unset, the selected model/preset default is used.
1633 1763
1634Key1764Key
1635 1765
16361766`otel.trace_exporter.<id>.headers``notice.hide_full_access_warning`
1637 1767
1638Type / Values1768Type / Values
1639 1769
16401770`map<string,string>``boolean`
1641 1771
1642Details1772Details
1643 1773
16441774Static headers included with OTEL trace exporter requests.Track acknowledgement of the full access warning prompt.
1645 1775
1646Key1776Key
1647 1777
16481778`otel.trace_exporter.<id>.protocol``notice.hide_gpt-5.1-codex-max_migration_prompt`
1649 1779
1650Type / Values1780Type / Values
1651 1781
16521782`binary | json``boolean`
1653 1783
1654Details1784Details
1655 1785
16561786Protocol used by the OTLP/HTTP trace exporter.Track acknowledgement of the gpt-5.1-codex-max migration prompt.
1657 1787
1658Key1788Key
1659 1789
16601790`otel.trace_exporter.<id>.tls.ca-certificate``notice.hide_gpt5_1_migration_prompt`
1661 1791
1662Type / Values1792Type / Values
1663 1793
16641794`string``boolean`
1665 1795
1666Details1796Details
1667 1797
16681798CA certificate path for OTEL trace exporter TLS.Track acknowledgement of the GPT-5.1 migration prompt.
1669 1799
1670Key1800Key
1671 1801
16721802`otel.trace_exporter.<id>.tls.client-certificate``notice.hide_rate_limit_model_nudge`
1673 1803
1674Type / Values1804Type / Values
1675 1805
16761806`string``boolean`
1677 1807
1678Details1808Details
1679 1809
16801810Client certificate path for OTEL trace exporter TLS.Track opt-out of the rate limit model switch reminder.
1681 1811
1682Key1812Key
1683 1813
16841814`otel.trace_exporter.<id>.tls.client-private-key``notice.hide_world_writable_warning`
1685 1815
1686Type / Values1816Type / Values
1687 1817
16881818`string``boolean`
1689 1819
1690Details1820Details
1691 1821
16921822Client private key path for OTEL trace exporter TLS.Track acknowledgement of the Windows world-writable directories warning.
1693 1823
1694Key1824Key
1695 1825
16961826`personality``notice.model_migrations`
1697 1827
1698Type / Values1828Type / Values
1699 1829
17001830`none | friendly | pragmatic``map<string,string>`
1701 1831
1702Details1832Details
1703 1833
17041834Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`.Track acknowledged model migrations as old->new mappings.
1705 1835
1706Key1836Key
1707 1837
17081838`profile``notify`
1709 1839
1710Type / Values1840Type / Values
1711 1841
17121842`string``array<string>`
1713 1843
1714Details1844Details
1715 1845
17161846Default profile applied at startup (equivalent to `--profile`).Command invoked for notifications; receives a JSON payload from Codex.
1717 1847
1718Key1848Key
1719 1849
17201850`profiles.<name>.*``openai_base_url`
1721 1851
1722Type / Values1852Type / Values
1723 1853
17241854`various``string`
1725 1855
1726Details1856Details
1727 1857
17281858Profile-scoped overrides for any of the supported configuration keys.Base URL override for the built-in `openai` model provider.
1729 1859
1730Key1860Key
1731 1861
17321862`profiles.<name>.experimental_use_freeform_apply_patch``oss_provider`
1733 1863
1734Type / Values1864Type / Values
1735 1865
17361866`boolean``lmstudio | ollama`
1737 1867
1738Details1868Details
1739 1869
17401870Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.Default local provider used when running with `--oss` (defaults to prompting if unset).
1741 1871
1742Key1872Key
1743 1873
17441874`profiles.<name>.experimental_use_unified_exec_tool``otel.environment`
1745 1875
1746Type / Values1876Type / Values
1747 1877
17481878`boolean``string`
1749 1879
1750Details1880Details
1751 1881
17521882Legacy name for enabling unified exec; prefer `[features].unified_exec`.Environment tag applied to emitted OpenTelemetry events (default: `dev`).
1753 1883
1754Key1884Key
1755 1885
17561886`profiles.<name>.include_apply_patch_tool``otel.exporter`
1757 1887
1758Type / Values1888Type / Values
1759 1889
17601890`boolean``none | otlp-http | otlp-grpc`
1761 1891
1762Details1892Details
1763 1893
17641894Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.Select the OpenTelemetry exporter and provide any endpoint metadata.
1765 1895
1766Key1896Key
1767 1897
17681898`profiles.<name>.model_catalog_json``otel.exporter.<id>.endpoint`
1769 1899
1770Type / Values1900Type / Values
1771 1901
17721902`string (path)``string`
1773 1903
1774Details1904Details
1775 1905
17761906Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile).Exporter endpoint for OTEL logs.
1777 1907
1778Key1908Key
1779 1909
17801910`profiles.<name>.oss_provider``otel.exporter.<id>.headers`
1781 1911
1782Type / Values1912Type / Values
1783 1913
17841914`lmstudio | ollama``map<string,string>`
1785 1915
1786Details1916Details
1787 1917
17881918Profile-scoped OSS provider for `--oss` sessions.Static headers included with OTEL exporter requests.
1789 1919
1790Key1920Key
1791 1921
17921922`profiles.<name>.personality``otel.exporter.<id>.protocol`
1793 1923
1794Type / Values1924Type / Values
1795 1925
17961926`none | friendly | pragmatic``binary | json`
1797 1927
1798Details1928Details
1799 1929
18001930Profile-scoped communication style override for supported models.Protocol used by the OTLP/HTTP exporter.
1801 1931
1802Key1932Key
1803 1933
18041934`profiles.<name>.web_search``otel.exporter.<id>.tls.ca-certificate`
1805 1935
1806Type / Values1936Type / Values
1807 1937
18081938`disabled | cached | live``string`
1809 1939
1810Details1940Details
1811 1941
18121942Profile-scoped web search mode override (default: `"cached"`).CA certificate path for OTEL exporter TLS.
1813 1943
1814Key1944Key
1815 1945
18161946`project_doc_fallback_filenames``otel.exporter.<id>.tls.client-certificate`
1817 1947
1818Type / Values1948Type / Values
1819 1949
18201950`array<string>``string`
1821 1951
1822Details1952Details
1823 1953
18241954Additional filenames to try when `AGENTS.md` is missing.Client certificate path for OTEL exporter TLS.
1825 1955
1826Key1956Key
1827 1957
18281958`project_doc_max_bytes``otel.exporter.<id>.tls.client-private-key`
1829 1959
1830Type / Values1960Type / Values
1831 1961
18321962`number``string`
1833 1963
1834Details1964Details
1835 1965
18361966Maximum bytes read from `AGENTS.md` when building project instructions.Client private key path for OTEL exporter TLS.
1837 1967
1838Key1968Key
1839 1969
18401970`project_root_markers``otel.log_user_prompt`
1841 1971
1842Type / Values1972Type / Values
1843 1973
18441974`array<string>``boolean`
1845 1975
1846Details1976Details
1847 1977
18481978List of project root marker filenames; used when searching parent directories for the project root.Opt in to exporting raw user prompts with OpenTelemetry logs.
1849 1979
1850Key1980Key
1851 1981
18521982`projects.<path>.trust_level``otel.metrics_exporter`
1853 1983
1854Type / Values1984Type / Values
1855 1985
18561986`string``none | statsig | otlp-http | otlp-grpc`
1857 1987
1858Details1988Details
1859 1989
18601990Mark a project or worktree as trusted or untrusted (`"trusted"` | `"untrusted"`). Untrusted projects skip project-scoped `.codex/` layers.Select the OpenTelemetry metrics exporter (defaults to `statsig`).
1861 1991
1862Key1992Key
1863 1993
18641994`review_model``otel.trace_exporter`
1865 1995
1866Type / Values1996Type / Values
1867 1997
18681998`string``none | otlp-http | otlp-grpc`
1869 1999
1870Details2000Details
1871 2001
18722002Optional model override used by `/review` (defaults to the current session model).Select the OpenTelemetry trace exporter and provide any endpoint metadata.
1873 2003
1874Key2004Key
1875 2005
18762006`sandbox_mode``otel.trace_exporter.<id>.endpoint`
1877 2007
1878Type / Values2008Type / Values
1879 2009
18802010`read-only | workspace-write | danger-full-access``string`
1881 2011
1882Details2012Details
1883 2013
18842014Sandbox policy for filesystem and network access during command execution.Trace exporter endpoint for OTEL logs.
1885 2015
1886Key2016Key
1887 2017
18882018`sandbox_workspace_write.exclude_slash_tmp``otel.trace_exporter.<id>.headers`
1889 2019
1890Type / Values2020Type / Values
1891 2021
18922022`boolean``map<string,string>`
1893 2023
1894Details2024Details
1895 2025
18962026Exclude `/tmp` from writable roots in workspace-write mode.Static headers included with OTEL trace exporter requests.
1897 2027
1898Key2028Key
1899 2029
19002030`sandbox_workspace_write.exclude_tmpdir_env_var``otel.trace_exporter.<id>.protocol`
1901 2031
1902Type / Values2032Type / Values
1903 2033
19042034`boolean``binary | json`
1905 2035
1906Details2036Details
1907 2037
19082038Exclude `$TMPDIR` from writable roots in workspace-write mode.Protocol used by the OTLP/HTTP trace exporter.
1909 2039
1910Key2040Key
1911 2041
19122042`sandbox_workspace_write.network_access``otel.trace_exporter.<id>.tls.ca-certificate`
1913 2043
1914Type / Values2044Type / Values
1915 2045
19162046`boolean``string`
1917 2047
1918Details2048Details
1919 2049
19202050Allow outbound network access inside the workspace-write sandbox.CA certificate path for OTEL trace exporter TLS.
1921 2051
1922Key2052Key
1923 2053
19242054`sandbox_workspace_write.writable_roots``otel.trace_exporter.<id>.tls.client-certificate`
1925 2055
1926Type / Values2056Type / Values
1927 2057
19282058`array<string>``string`
2059
2060Details
2061
2062Client certificate path for OTEL trace exporter TLS.
2063
2064Key
2065
2066`otel.trace_exporter.<id>.tls.client-private-key`
2067
2068Type / Values
2069
2070`string`
2071
2072Details
2073
2074Client private key path for OTEL trace exporter TLS.
2075
2076Key
2077
2078`permissions.<name>.filesystem`
2079
2080Type / Values
2081
2082`table`
2083
2084Details
2085
2086Named filesystem permission profile. Each key is an absolute path or special token such as `:minimal` or `:project_roots`.
2087
2088Key
2089
2090`permissions.<name>.filesystem.":project_roots".<subpath-or-glob>`
2091
2092Type / Values
2093
2094`"read" | "write" | "none"`
2095
2096Details
2097
2098Scoped filesystem access relative to the detected project roots. Use `"."` for the root itself; glob subpaths such as `"**/*.env"` can deny reads with `"none"`.
2099
2100Key
2101
2102`permissions.<name>.filesystem.<path-or-glob>`
2103
2104Type / Values
2105
2106`"read" | "write" | "none" | table`
2107
2108Details
2109
2110Grant direct access for a path, glob pattern, or special token, or scope nested entries under that root. Use `"none"` to deny reads for matching paths.
2111
2112Key
2113
2114`permissions.<name>.filesystem.glob_scan_max_depth`
2115
2116Type / Values
2117
2118`number`
2119
2120Details
2121
2122Maximum depth for expanding deny-read glob patterns on platforms that snapshot matches before sandbox startup. Must be at least `1` when set.
2123
2124Key
2125
2126`permissions.<name>.network.allow_local_binding`
2127
2128Type / Values
2129
2130`boolean`
2131
2132Details
2133
2134Permit local bind/listen operations through the managed proxy.
2135
2136Key
2137
2138`permissions.<name>.network.allow_upstream_proxy`
2139
2140Type / Values
2141
2142`boolean`
2143
2144Details
2145
2146Allow the managed proxy to chain to another upstream proxy.
2147
2148Key
2149
2150`permissions.<name>.network.dangerously_allow_all_unix_sockets`
2151
2152Type / Values
2153
2154`boolean`
2155
2156Details
2157
2158Allow the proxy to use arbitrary Unix sockets instead of the default restricted set.
2159
2160Key
2161
2162`permissions.<name>.network.dangerously_allow_non_loopback_proxy`
2163
2164Type / Values
2165
2166`boolean`
2167
2168Details
2169
2170Permit non-loopback bind addresses for the managed proxy listener.
2171
2172Key
2173
2174`permissions.<name>.network.domains`
2175
2176Type / Values
2177
2178`map<string, allow | deny>`
2179
2180Details
2181
2182Domain rules for the managed proxy. Use domain names or wildcard patterns as keys, with `allow` or `deny` values.
2183
2184Key
2185
2186`permissions.<name>.network.enable_socks5`
2187
2188Type / Values
2189
2190`boolean`
2191
2192Details
2193
2194Expose a SOCKS5 listener when this permissions profile enables the managed network proxy.
2195
2196Key
2197
2198`permissions.<name>.network.enable_socks5_udp`
2199
2200Type / Values
2201
2202`boolean`
2203
2204Details
2205
2206Allow UDP over the SOCKS5 listener when enabled.
2207
2208Key
2209
2210`permissions.<name>.network.enabled`
2211
2212Type / Values
2213
2214`boolean`
2215
2216Details
2217
2218Enable network access for this named permissions profile.
2219
2220Key
2221
2222`permissions.<name>.network.mode`
2223
2224Type / Values
2225
2226`limited | full`
2227
2228Details
2229
2230Network proxy mode used for subprocess traffic.
2231
2232Key
2233
2234`permissions.<name>.network.proxy_url`
2235
2236Type / Values
2237
2238`string`
2239
2240Details
2241
2242HTTP proxy endpoint used when this permissions profile enables the managed network proxy.
2243
2244Key
2245
2246`permissions.<name>.network.socks_url`
2247
2248Type / Values
2249
2250`string`
2251
2252Details
2253
2254SOCKS5 proxy endpoint used by this permissions profile.
2255
2256Key
2257
2258`permissions.<name>.network.unix_sockets`
2259
2260Type / Values
2261
2262`map<string, allow | none>`
2263
2264Details
2265
2266Unix socket rules for the managed proxy. Use socket paths as keys, with `allow` or `none` values.
2267
2268Key
2269
2270`personality`
2271
2272Type / Values
2273
2274`none | friendly | pragmatic`
2275
2276Details
2277
2278Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`.
2279
2280Key
2281
2282`plan_mode_reasoning_effort`
2283
2284Type / Values
2285
2286`none | minimal | low | medium | high | xhigh`
2287
2288Details
2289
2290Plan-mode-specific reasoning override. When unset, Plan mode uses its built-in preset default.
2291
2292Key
2293
2294`profile`
2295
2296Type / Values
2297
2298`string`
2299
2300Details
2301
2302Default profile applied at startup (equivalent to `--profile`).
2303
2304Key
2305
2306`profiles.<name>.*`
2307
2308Type / Values
2309
2310`various`
2311
2312Details
2313
2314Profile-scoped overrides for any of the supported configuration keys.
2315
2316Key
2317
2318`profiles.<name>.analytics.enabled`
2319
2320Type / Values
2321
2322`boolean`
2323
2324Details
2325
2326Profile-scoped analytics enablement override.
2327
2328Key
2329
2330`profiles.<name>.experimental_use_unified_exec_tool`
2331
2332Type / Values
2333
2334`boolean`
2335
2336Details
2337
2338Legacy name for enabling unified exec; prefer `[features].unified_exec`.
2339
2340Key
2341
2342`profiles.<name>.model_catalog_json`
2343
2344Type / Values
2345
2346`string (path)`
2347
2348Details
2349
2350Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile).
2351
2352Key
2353
2354`profiles.<name>.model_instructions_file`
2355
2356Type / Values
2357
2358`string (path)`
2359
2360Details
2361
2362Profile-scoped replacement for the built-in instruction file.
2363
2364Key
2365
2366`profiles.<name>.oss_provider`
2367
2368Type / Values
2369
2370`lmstudio | ollama`
2371
2372Details
2373
2374Profile-scoped OSS provider for `--oss` sessions.
2375
2376Key
2377
2378`profiles.<name>.personality`
2379
2380Type / Values
2381
2382`none | friendly | pragmatic`
2383
2384Details
2385
2386Profile-scoped communication style override for supported models.
2387
2388Key
2389
2390`profiles.<name>.plan_mode_reasoning_effort`
2391
2392Type / Values
2393
2394`none | minimal | low | medium | high | xhigh`
2395
2396Details
2397
2398Profile-scoped Plan-mode reasoning override.
2399
2400Key
2401
2402`profiles.<name>.service_tier`
2403
2404Type / Values
2405
2406`flex | fast`
2407
2408Details
2409
2410Profile-scoped service tier preference for new turns.
2411
2412Key
2413
2414`profiles.<name>.tools_view_image`
2415
2416Type / Values
2417
2418`boolean`
2419
2420Details
2421
2422Enable or disable the `view_image` tool in that profile.
2423
2424Key
2425
2426`profiles.<name>.web_search`
2427
2428Type / Values
2429
2430`disabled | cached | live`
2431
2432Details
2433
2434Profile-scoped web search mode override (default: `"cached"`).
2435
2436Key
2437
2438`profiles.<name>.windows.sandbox`
2439
2440Type / Values
2441
2442`unelevated | elevated`
2443
2444Details
2445
2446Profile-scoped Windows sandbox mode override.
2447
2448Key
2449
2450`project_doc_fallback_filenames`
2451
2452Type / Values
2453
2454`array<string>`
2455
2456Details
2457
2458Additional filenames to try when `AGENTS.md` is missing.
2459
2460Key
2461
2462`project_doc_max_bytes`
2463
2464Type / Values
2465
2466`number`
2467
2468Details
2469
2470Maximum bytes read from `AGENTS.md` when building project instructions.
2471
2472Key
2473
2474`project_root_markers`
2475
2476Type / Values
2477
2478`array<string>`
2479
2480Details
2481
2482List of project root marker filenames; used when searching parent directories for the project root.
2483
2484Key
2485
2486`projects.<path>.trust_level`
2487
2488Type / Values
2489
2490`string`
2491
2492Details
2493
2494Mark a project or worktree as trusted or untrusted (`"trusted"` | `"untrusted"`). Untrusted projects skip project-scoped `.codex/` layers, including project-local config, hooks, and rules.
2495
2496Key
2497
2498`review_model`
2499
2500Type / Values
2501
2502`string`
2503
2504Details
2505
2506Optional model override used by `/review` (defaults to the current session model).
2507
2508Key
2509
2510`sandbox_mode`
2511
2512Type / Values
2513
2514`read-only | workspace-write | danger-full-access`
2515
2516Details
2517
2518Sandbox policy for filesystem and network access during command execution.
2519
2520Key
2521
2522`sandbox_workspace_write.exclude_slash_tmp`
2523
2524Type / Values
2525
2526`boolean`
2527
2528Details
2529
2530Exclude `/tmp` from writable roots in workspace-write mode.
2531
2532Key
2533
2534`sandbox_workspace_write.exclude_tmpdir_env_var`
2535
2536Type / Values
2537
2538`boolean`
2539
2540Details
2541
2542Exclude `$TMPDIR` from writable roots in workspace-write mode.
2543
2544Key
2545
2546`sandbox_workspace_write.network_access`
2547
2548Type / Values
2549
2550`boolean`
2551
2552Details
2553
2554Allow outbound network access inside the workspace-write sandbox.
2555
2556Key
2557
2558`sandbox_workspace_write.writable_roots`
2559
2560Type / Values
2561
2562`array<string>`
2563
2564Details
2565
2566Additional writable roots when `sandbox_mode = "workspace-write"`.
2567
2568Key
2569
2570`service_tier`
2571
2572Type / Values
2573
2574`flex | fast`
1929 2575
1930Details2576Details
1931 2577
19322578Additional writable roots when `sandbox_mode = "workspace-write"`.Preferred service tier for new turns.
1933 2579
1934Key2580Key
1935 2581
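Review bot: the new `model_providers.<id>.auth` row says not to combine it with `env_key`, `experimental_bearer_token`, or `requires_openai_auth`, but neither it nor the `auth.command` row says what Codex does when a config combines them (reject it at load, or pick one source). The `auth.command` row also does not say whether the command is executed directly with `auth.args` or passed through a shell. Suggest stating both in the Details cells, since this table makes Codex run a configured command to obtain a bearer token. Two smaller points in the same region: the `wire_api` row drops `chat` without saying how an existing `wire_api = "chat"` config is treated, and `permissions.<name>.network.unix_sockets` takes `allow | none` while `permissions.<name>.network.domains` takes `allow | deny`; confirm the different deny keyword is intended or note it in the row.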
2053 2699
2054Key2700Key
2055 2701
2702`sqlite_home`
2703
2704Type / Values
2705
2706`string (path)`
2707
2708Details
2709
2710Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state.
2711
2712Key
2713
2056`suppress_unstable_features_warning`2714`suppress_unstable_features_warning`
2057 2715
2058Type / Values2716Type / Values
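Review bot: the added `sqlite_home` row gives no default location and does not say how a relative path is resolved, unlike `agents.<name>.config_file`, which states that relative paths resolve from the declaring config file. Suggest adding the default directory and the resolution rule to the Details cell, since this directory holds resumable runtime state.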
2077 2735
2078Key2736Key
2079 2737
20802738`tools.web_search``tool_suggest.discoverables`
2739
2740Type / Values
2741
2742`array<table>`
2743
2744Details
2745
2746Allow tool suggestions for additional discoverable connectors or plugins. Each entry uses `type = "connector"` or `"plugin"` and an `id`.
2747
2748Key
2749
2750`tools.view_image`
2081 2751
2082Type / Values2752Type / Values
2083 2753
2085 2755
2086Details2756Details
2087 2757
20882758Deprecated legacy toggle for web search; prefer the top-level `web_search` setting.Enable the local-image attachment tool `view_image`.
2759
2760Key
2761
2762`tools.web_search`
2763
2764Type / Values
2765
2766`boolean | { context_size = "low|medium|high", allowed_domains = [string], location = { country, region, city, timezone } }`
2767
2768Details
2769
2770Optional web search tool configuration. The legacy boolean form is still accepted, but the object form lets you set search context size, allowed domains, and approximate user location.
2089 2771
2090Key2772Key
2091 2773
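Review bot: the rewritten `tools.web_search` Details text drops the earlier guidance to prefer the top-level `web_search` setting, so the reference no longer says which of the two wins when both are set. Suggest stating the precedence explicitly. For `allowed_domains`, the entry should also say whether an empty list means no restriction or no domains, and whether a listed domain covers its subdomains, since readers will rely on it as an egress control.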
2125 2807
2126Key2808Key
2127 2809
2810`tui.model_availability_nux.<model>`
2811
2812Type / Values
2813
2814`integer`
2815
2816Details
2817
2818Internal startup-tooltip state keyed by model slug.
2819
2820Key
2821
2822`tui.notification_condition`
2823
2824Type / Values
2825
2826`unfocused | always`
2827
2828Details
2829
2830Control whether TUI notifications fire only when the terminal is unfocused or regardless of focus. Defaults to `unfocused`.
2831
2832Key
2833
2128`tui.notification_method`2834`tui.notification_method`
2129 2835
2130Type / Values2836Type / Values
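Review bot: `tui.model_availability_nux.<model>` is described as internal startup-tooltip state but sits in the user-facing key list with no indication of who writes it. Suggest adding that Codex manages this value and that it is not intended to be set by hand, or moving internal state keys into a separate group.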
2133 2839
2134Details2840Details
2135 2841
21362842Notification method for unfocused terminal notifications (default: auto).Notification method for terminal notifications (default: auto).
2137 2843
2138Key2844Key
2139 2845
2173 2879
2174Key2880Key
2175 2881
2882`tui.terminal_title`
2883
2884Type / Values
2885
2886`array<string> | null`
2887
2888Details
2889
2890Ordered list of terminal window/tab title item identifiers. Defaults to `["spinner", "project"]`; `null` disables title updates.
2891
2892Key
2893
2894`tui.theme`
2895
2896Type / Values
2897
2898`string`
2899
2900Details
2901
2902Syntax-highlighting theme override (kebab-case theme name).
2903
2904Key
2905
2176`web_search`2906`web_search`
2177 2907
2178Type / Values2908Type / Values
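Review bot: the `tui.terminal_title` entry refers to title item identifiers but only shows the two in the default, `["spinner", "project"]`. Suggest listing every accepted identifier, and saying what happens when an unknown one is supplied.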
2195 2925
2196Track Windows onboarding acknowledgement (Windows only).2926Track Windows onboarding acknowledgement (Windows only).
2197 2927
2928Key
2929
2930`windows.sandbox`
2931
2932Type / Values
2933
2934`unelevated | elevated`
2935
2936Details
2937
2938Windows-only native sandbox mode when running Codex natively on Windows.
2939
2940Key
2941
2942`windows.sandbox_private_desktop`
2943
2944Type / Values
2945
2946`boolean`
2947
2948Details
2949
2950Run the final sandboxed child process on a private desktop by default on native Windows. Set `false` only for compatibility with the older `Winsta0\\Default` behavior.
2951
2198Expand to view all2952Expand to view all
2199 2953
2200You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).2954You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).
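Review bot: in the `windows.sandbox_private_desktop` Details text the desktop name is written as `Winsta0\\Default` inside a code span; if this is rendered as Markdown, backslashes are literal inside backticks, so readers will see a doubled backslash. Suggest writing it with a single backslash. The `windows.sandbox` entry also lists `unelevated | elevated` without saying what each mode does or which is the default, which is the information an operator needs to choose between them.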
2214For ChatGPT Business and Enterprise users, Codex can also apply cloud-fetched2968For ChatGPT Business and Enterprise users, Codex can also apply cloud-fetched
2215requirements. See the security page for precedence details.2969requirements. See the security page for precedence details.
2216 2970
2971Use `[features]` in `requirements.toml` to pin feature flags by the same
2972canonical keys that `config.toml` uses. Omitted keys remain unconstrained.
2973
2217| Key | Type / Values | Details |2974| Key | Type / Values | Details |
2218| --- | --- | --- |2975| --- | --- | --- |
22192976| `allowed_approval_policies` | `array<string>` | Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `reject`). || `allowed_approval_policies` | `array<string>` | Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `granular`). |
2977| `allowed_approvals_reviewers` | `array<string>` | Allowed values for `approvals_reviewer`, such as `user` and `auto_review`. |
2220| `allowed_sandbox_modes` | `array<string>` | Allowed values for `sandbox_mode`. |2978| `allowed_sandbox_modes` | `array<string>` | Allowed values for `sandbox_mode`. |
2221| `allowed_web_search_modes` | `array<string>` | Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`. |2979| `allowed_web_search_modes` | `array<string>` | Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`. |
2980| `features` | `table` | Pinned feature values keyed by the canonical names from `config.toml`'s `[features]` table. |
2981| `features.<name>` | `boolean` | Require a specific canonical feature key to stay enabled or disabled. |
2982| `features.browser_use` | `boolean` | Set to `false` in `requirements.toml` to disable Browser Use and Browser Agent availability. |
2983| `features.computer_use` | `boolean` | Set to `false` in `requirements.toml` to disable Computer Use availability and related install or enablement flows. |
2984| `features.in_app_browser` | `boolean` | Set to `false` in `requirements.toml` to disable the in-app browser pane. |
2985| `guardian_policy_config` | `string` | Managed Markdown policy instructions for automatic review. This takes precedence over local `[auto_review].policy`. Blank values are ignored. |
2986| `hooks` | `table` | Admin-enforced managed lifecycle hooks. Requires a managed hook directory and uses the same event schema as inline `[hooks]` in `config.toml`. |
2987| `hooks.<Event>` | `array<table>` | Matcher groups for a hook event such as `PreToolUse`, `PostToolUse`, `PermissionRequest`, `SessionStart`, `UserPromptSubmit`, or `Stop`. |
2988| `hooks.<Event>[].hooks` | `array<table>` | Hook handlers for a matcher group. Command hooks are currently supported; prompt and agent hook handlers are parsed but skipped. |
2989| `hooks.managed_dir` | `string (absolute path)` | Directory containing managed hook scripts on macOS and Linux. Codex validates that it is absolute and exists before loading managed hooks. |
2990| `hooks.windows_managed_dir` | `string (absolute path)` | Directory containing managed hook scripts on Windows. Codex validates that it is absolute and exists before loading managed hooks. |
2222| `mcp_servers` | `table` | Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled. |2991| `mcp_servers` | `table` | Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled. |
2223| `mcp_servers.<id>.identity` | `table` | Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP). |2992| `mcp_servers.<id>.identity` | `table` | Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP). |
2224| `mcp_servers.<id>.identity.command` | `string` | Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command. |2993| `mcp_servers.<id>.identity.command` | `string` | Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command. |
2225| `mcp_servers.<id>.identity.url` | `string` | Allow an MCP streamable HTTP server when its `mcp_servers.<id>.url` matches this URL. |2994| `mcp_servers.<id>.identity.url` | `string` | Allow an MCP streamable HTTP server when its `mcp_servers.<id>.url` matches this URL. |
2995| `permissions.filesystem.deny_read` | `array<string>` | Admin-enforced filesystem read denials. Entries can be paths or glob patterns, and users cannot weaken them with local config. |
2996| `remote_sandbox_config` | `array<table>` | Host-specific sandbox requirements. The first entry whose `hostname_patterns` match the resolved host name overrides top-level `allowed_sandbox_modes` for that requirements source. Host-specific entries currently override sandbox modes only. |
2997| `remote_sandbox_config[].allowed_sandbox_modes` | `array<string>` | Allowed sandbox modes to apply when this host-specific entry matches. |
2998| `remote_sandbox_config[].hostname_patterns` | `array<string>` | Case-insensitive host name patterns. Supports `*` for any sequence of characters and `?` for one character. |
2226| `rules` | `table` | Admin-enforced command rules merged with `.rules` files. Requirements rules must be restrictive. |2999| `rules` | `table` | Admin-enforced command rules merged with `.rules` files. Requirements rules must be restrictive. |
2227| `rules.prefix_rules` | `array<table>` | List of enforced prefix rules. Each rule must include `pattern` and `decision`. |3000| `rules.prefix_rules` | `array<table>` | List of enforced prefix rules. Each rule must include `pattern` and `decision`. |
2228| `rules.prefix_rules[].decision` | `prompt | forbidden` | Required. Requirements rules can only prompt or forbid (not allow). |3001| `rules.prefix_rules[].decision` | `prompt | forbidden` | Required. Requirements rules can only prompt or forbid (not allow). |
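Review bot: the `hooks.managed_dir` and `hooks.windows_managed_dir` rows say only that Codex validates the directory is absolute and exists. For hooks described as admin-enforced, the reference should also state what ownership and write permissions are expected on that directory, because the text as written does not say whether a directory the user can modify is accepted. The `hooks` row says it requires a managed hook directory; suggest naming which of the two keys applies on which platform in that row as well.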
2241 3014
2242Details3015Details
2243 3016
22443017Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `reject`).Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `granular`).
3018
3019Key
3020
3021`allowed_approvals_reviewers`
3022
3023Type / Values
3024
3025`array<string>`
3026
3027Details
3028
3029Allowed values for `approvals_reviewer`, such as `user` and `auto_review`.
2245 3030
2246Key3031Key
2247 3032
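Review bot: the example list for `allowed_approval_policies` swaps `reject` for `granular` without saying whether `reject` is still accepted. Administrators with an existing `requirements.toml` that lists `reject` need to know whether the value was renamed, removed, or remains valid, so suggest a short note on that in the Details text or a link to the full set of `approval_policy` values.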
2269 3054
2270Key3055Key
2271 3056
3057`features`
3058
3059Type / Values
3060
3061`table`
3062
3063Details
3064
3065Pinned feature values keyed by the canonical names from `config.toml`'s `[features]` table.
3066
3067Key
3068
3069`features.<name>`
3070
3071Type / Values
3072
3073`boolean`
3074
3075Details
3076
3077Require a specific canonical feature key to stay enabled or disabled.
3078
3079Key
3080
3081`features.browser_use`
3082
3083Type / Values
3084
3085`boolean`
3086
3087Details
3088
3089Set to `false` in `requirements.toml` to disable Browser Use and Browser Agent availability.
3090
3091Key
3092
3093`features.computer_use`
3094
3095Type / Values
3096
3097`boolean`
3098
3099Details
3100
3101Set to `false` in `requirements.toml` to disable Computer Use availability and related install or enablement flows.
3102
3103Key
3104
3105`features.in_app_browser`
3106
3107Type / Values
3108
3109`boolean`
3110
3111Details
3112
3113Set to `false` in `requirements.toml` to disable the in-app browser pane.
3114
3115Key
3116
3117`guardian_policy_config`
3118
3119Type / Values
3120
3121`string`
3122
3123Details
3124
3125Managed Markdown policy instructions for automatic review. This takes precedence over local `[auto_review].policy`. Blank values are ignored.
3126
3127Key
3128
3129`hooks`
3130
3131Type / Values
3132
3133`table`
3134
3135Details
3136
3137Admin-enforced managed lifecycle hooks. Requires a managed hook directory and uses the same event schema as inline `[hooks]` in `config.toml`.
3138
3139Key
3140
3141`hooks.<Event>`
3142
3143Type / Values
3144
3145`array<table>`
3146
3147Details
3148
3149Matcher groups for a hook event such as `PreToolUse`, `PostToolUse`, `PermissionRequest`, `SessionStart`, `UserPromptSubmit`, or `Stop`.
3150
3151Key
3152
3153`hooks.<Event>[].hooks`
3154
3155Type / Values
3156
3157`array<table>`
3158
3159Details
3160
3161Hook handlers for a matcher group. Command hooks are currently supported; prompt and agent hook handlers are parsed but skipped.
3162
3163Key
3164
3165`hooks.managed_dir`
3166
3167Type / Values
3168
3169`string (absolute path)`
3170
3171Details
3172
3173Directory containing managed hook scripts on macOS and Linux. Codex validates that it is absolute and exists before loading managed hooks.
3174
3175Key
3176
3177`hooks.windows_managed_dir`
3178
3179Type / Values
3180
3181`string (absolute path)`
3182
3183Details
3184
3185Directory containing managed hook scripts on Windows. Codex validates that it is absolute and exists before loading managed hooks.
3186
3187Key
3188
2272`mcp_servers`3189`mcp_servers`
2273 3190
2274Type / Values3191Type / Values
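Review bot: the `hooks.<Event>[].hooks` entry says prompt and agent hook handlers are parsed but skipped, and it does not say whether Codex reports the skip. In admin-enforced requirements a silently skipped handler reads as a control that is in place when it is not, so suggest stating whether a warning or error is surfaced. The `guardian_policy_config` entry has a similar gap: "Blank values are ignored" should say whether the local `[auto_review].policy` then applies.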
2317 3234
2318Key3235Key
2319 3236
3237`permissions.filesystem.deny_read`
3238
3239Type / Values
3240
3241`array<string>`
3242
3243Details
3244
3245Admin-enforced filesystem read denials. Entries can be paths or glob patterns, and users cannot weaken them with local config.
3246
3247Key
3248
3249`remote_sandbox_config`
3250
3251Type / Values
3252
3253`array<table>`
3254
3255Details
3256
3257Host-specific sandbox requirements. The first entry whose `hostname_patterns` match the resolved host name overrides top-level `allowed_sandbox_modes` for that requirements source. Host-specific entries currently override sandbox modes only.
3258
3259Key
3260
3261`remote_sandbox_config[].allowed_sandbox_modes`
3262
3263Type / Values
3264
3265`array<string>`
3266
3267Details
3268
3269Allowed sandbox modes to apply when this host-specific entry matches.
3270
3271Key
3272
3273`remote_sandbox_config[].hostname_patterns`
3274
3275Type / Values
3276
3277`array<string>`
3278
3279Details
3280
3281Case-insensitive host name patterns. Supports `*` for any sequence of characters and `?` for one character.
3282
3283Key
3284
2320`rules`3285`rules`
2321 3286
2322Type / Values3287Type / Values
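Review bot: the `remote_sandbox_config` entry says the first matching entry overrides the top-level `allowed_sandbox_modes`, but not whether a host-specific entry may allow modes that the top-level list does not. Suggest stating whether the override can widen as well as narrow, and how the "resolved host name" is obtained, since `hostname_patterns` with `*` and `?` are matched against it and entry order decides the result. For `permissions.filesystem.deny_read`, the glob syntax is not specified; suggest documenting it or linking to where it is defined.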