config-reference diff

config-reference.md +1514 −2376

Details

6 6

7User-level configuration lives in `~/.codex/config.toml`. You can also add project-scoped overrides in `.codex/config.toml` files. Codex loads project-scoped config files only when you trust the project.7User-level configuration lives in `~/.codex/config.toml`. You can also add project-scoped overrides in `.codex/config.toml` files. Codex loads project-scoped config files only when you trust the project.

8 8

9For sandbox and approval keys (`approval_policy`, `sandbox_mode`, and `sandbox_workspace_write.*`), pair this reference with [Sandbox and approvals](https://developers.openai.com/codex/security#sandbox-and-approvals), [Protected paths in writable roots](https://developers.openai.com/codex/security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/security#network-access).9For sandbox and approval keys (`approval_policy`, `sandbox_mode`, and `sandbox_workspace_write.*`), pair this reference with [Sandbox and approvals](https://developers.openai.com/codex/agent-approvals-security#sandbox-and-approvals), [Protected paths in writable roots](https://developers.openai.com/codex/agent-approvals-security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/agent-approvals-security#network-access).

10 10

~~11| Key | Type / Values | Details |~~11<ConfigTable

~~12| --- | --- | --- |~~12 options={[

~~13| `agents.<name>.config_file` | `string (path)` | Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role. |~~13 {

~~14| `agents.<name>.description` | `string` | Role guidance shown to Codex when choosing and spawning that agent type. |~~14 key: "model",

~~15| `agents.max_depth` | `number` | Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1). |~~15 type: "string",

~~16| `agents.max_threads` | `number` | Maximum number of agent threads that can be open concurrently. |~~16 description: "Model to use (e.g., `gpt-5.5`).",

17| `allow_login_shell` | `boolean` | Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells. |17 },

18| `approval_policy` | `untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }` | Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs. |18 {

~~19| `approval_policy.reject.mcp_elicitations` | `boolean` | When `true`, MCP elicitation prompts are auto-rejected instead of shown to the user. |~~19 key: "review_model",

~~20| `approval_policy.reject.rules` | `boolean` | When `true`, approvals triggered by execpolicy `prompt` rules are auto-rejected. |~~20 type: "string",

~~21| `approval_policy.reject.sandbox_approval` | `boolean` | When `true`, sandbox escalation approval prompts are auto-rejected. |~~21 description:

~~22| `apps._default.destructive_enabled` | `boolean` | Default allow/deny for app tools with `destructive_hint = true`. |~~22 "Optional model override used by `/review` (defaults to the current session model).",

~~23| `apps._default.enabled` | `boolean` | Default app enabled state for all apps unless overridden per app. |~~23 },

~~24| `apps._default.open_world_enabled` | `boolean` | Default allow/deny for app tools with `open_world_hint = true`. |~~24 {

~~26| `apps.<id>.default_tools_enabled` | `boolean` | Default enabled state for tools in this app unless a per-tool override exists. |~~26 type: "string",

~~27| `apps.<id>.destructive_enabled` | `boolean` | Allow or block tools in this app that advertise `destructive_hint = true`. |~~27 description: "Provider id from `model_providers` (default: `openai`).",

~~28| `apps.<id>.enabled` | `boolean` | Enable or disable a specific app/connector by id (default: true). |~~28 },

~~29| `apps.<id>.open_world_enabled` | `boolean` | Allow or block tools in this app that advertise `open_world_hint = true`. |~~29 {

~~31| `apps.<id>.tools.<tool>.enabled` | `boolean` | Per-tool enabled override for an app tool (for example `repos/list`). |~~31 type: "string",

32| `background_terminal_max_timeout` | `number` | Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key. |32 description:

~~33| `chatgpt_base_url` | `string` | Override the base URL used during the ChatGPT login flow. |~~33 "Base URL override for the built-in `openai` model provider.",

~~34| `check_for_update_on_startup` | `boolean` | Check for Codex updates on startup (set to false only when updates are centrally managed). |~~34 },

~~35| `cli_auth_credentials_store` | `file | keyring | auto` | Control where the CLI stores cached credentials (file-based auth.json vs OS keychain). |~~35 {

~~36| `compact_prompt` | `string` | Inline override for the history compaction prompt. |~~36 key: "model_context_window",

~~37| `developer_instructions` | `string` | Additional developer instructions injected into the session (optional). |~~37 type: "number",

~~38| `disable_paste_burst` | `boolean` | Disable burst-paste detection in the TUI. |~~38 description: "Context window tokens available to the active model.",

~~39| `experimental_compact_prompt_file` | `string (path)` | Load the compaction prompt override from a file (experimental). |~~39 },

~~40| `experimental_use_freeform_apply_patch` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform` or `codex --enable apply_patch_freeform`. |~~40 {

~~41| `experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`. |~~41 key: "model_auto_compact_token_limit",

~~42| `features.apply_patch_freeform` | `boolean` | Expose the freeform `apply_patch` tool (experimental). |~~42 type: "number",

~~43| `features.apps` | `boolean` | Enable ChatGPT Apps/connectors support (experimental). |~~43 description:

~~44| `features.apps_mcp_gateway` | `boolean` | Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental). |~~44 "Token threshold that triggers automatic history compaction (unset uses model defaults).",

~~45| `features.child_agents_md` | `boolean` | Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental). |~~45 },

~~46| `features.collaboration_modes` | `boolean` | Enable collaboration modes such as plan mode (stable; on by default). |~~46 {

~~47| `features.elevated_windows_sandbox` | `boolean` | Enable the elevated Windows sandbox pipeline (experimental). |~~47 key: "model_catalog_json",

~~48| `features.experimental_windows_sandbox` | `boolean` | Run the Windows restricted-token sandbox (experimental). |~~48 type: "string (path)",

~~49| `features.multi_agent` | `boolean` | Enable multi-agent collaboration tools (`spawn\_agent`, `send\_input`, `resume\_agent`, `wait`, and `close\_agent`) (experimental; off by default). |~~49 description:

~~50| `features.personality` | `boolean` | Enable personality selection controls (stable; on by default). |~~50 "Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile.",

~~51| `features.powershell_utf8` | `boolean` | Force PowerShell UTF-8 output (defaults to true). |~~51 },

~~52| `features.remote_models` | `boolean` | Refresh remote model list before showing readiness (experimental). |~~52 {

~~53| `features.request_rule` | `boolean` | Enable Smart approvals (`prefix_rule` suggestions on escalation requests; stable; on by default). |~~53 key: "oss_provider",

~~55| `features.search_tool` | `boolean` | Enable `search_tool_bm25` for Apps tool discovery before invoking app MCP tools (experimental). |~~55 description:

~~56| `features.shell_snapshot` | `boolean` | Snapshot shell environment to speed up repeated commands (beta). |~~56 "Default local provider used when running with `--oss` (defaults to prompting if unset).",

~~57| `features.shell_tool` | `boolean` | Enable the default `shell` tool for running commands (stable; on by default). |~~57 },

~~58| `features.unified_exec` | `boolean` | Use the unified PTY-backed exec tool (beta). |~~58 {

~~59| `features.use_linux_sandbox_bwrap` | `boolean` | Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default). |~~59 key: "approval_policy",

~~60| `features.web_search` | `boolean` | Deprecated legacy toggle; prefer the top-level `web_search` setting. |~~60 type: "untrusted | on-request | never | { granular = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool, request_permissions = bool, skill_approval = bool } }",

~~61| `features.web_search_cached` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`. |~~61 description:

~~62| `features.web_search_request` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`. |~~62 "Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { granular = { ... } }` to allow or auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.",

~~63| `feedback.enabled` | `boolean` | Enable feedback submission via `/feedback` across Codex surfaces (default: true). |~~63 },

~~64| `file_opener` | `vscode | vscode-insiders | windsurf | cursor | none` | URI scheme used to open citations from Codex output (default: `vscode`). |~~64 {

~~65| `forced_chatgpt_workspace_id` | `string (uuid)` | Limit ChatGPT logins to a specific workspace identifier. |~~65 key: "approval_policy.granular.sandbox_approval",

~~67| `hide_agent_reasoning` | `boolean` | Suppress reasoning events in both the TUI and `codex exec` output. |~~67 description:

~~68| `history.max_bytes` | `number` | If set, caps the history file size in bytes by dropping oldest entries. |~~68 "When `true`, sandbox escalation approval prompts are allowed to surface.",

~~69| `history.persistence` | `save-all | none` | Control whether Codex saves session transcripts to history.jsonl. |~~69 },

~~70| `include_apply_patch_tool` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |~~70 {

~~71| `instructions` | `string` | Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`. |~~71 key: "approval_policy.granular.rules",

~~72| `log_dir` | `string (path)` | Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`. |~~72 type: "boolean",

~~73| `mcp_oauth_callback_port` | `integer` | Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS. |~~73 description:

~~74| `mcp_oauth_callback_url` | `string` | Optional redirect URI override for MCP OAuth login (for example, a devbox ingress URL). `mcp_oauth_callback_port` still controls the callback listener port. |~~74 "When `true`, approvals triggered by execpolicy `prompt` rules are allowed to surface.",

~~75| `mcp_oauth_credentials_store` | `auto | file | keyring` | Preferred store for MCP OAuth credentials. |~~75 },

~~76| `mcp_servers.<id>.args` | `array<string>` | Arguments passed to the MCP stdio server command. |~~76 {

~~77| `mcp_servers.<id>.bearer_token_env_var` | `string` | Environment variable sourcing the bearer token for an MCP HTTP server. |~~77 key: "approval_policy.granular.mcp_elicitations",

~~78| `mcp_servers.<id>.command` | `string` | Launcher command for an MCP stdio server. |~~78 type: "boolean",

~~79| `mcp_servers.<id>.cwd` | `string` | Working directory for the MCP stdio server process. |~~79 description:

~~80| `mcp_servers.<id>.disabled_tools` | `array<string>` | Deny list applied after `enabled_tools` for the MCP server. |~~80 "When `true`, MCP elicitation prompts are allowed to surface instead of being auto-rejected.",

~~81| `mcp_servers.<id>.enabled` | `boolean` | Disable an MCP server without removing its configuration. |~~81 },

~~82| `mcp_servers.<id>.enabled_tools` | `array<string>` | Allow list of tool names exposed by the MCP server. |~~82 {

~~83| `mcp_servers.<id>.env` | `map<string,string>` | Environment variables forwarded to the MCP stdio server. |~~83 key: "approval_policy.granular.request_permissions",

~~84| `mcp_servers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables for an MCP HTTP server. |~~84 type: "boolean",

~~85| `mcp_servers.<id>.env_vars` | `array<string>` | Additional environment variables to whitelist for an MCP stdio server. |~~85 description:

~~86| `mcp_servers.<id>.http_headers` | `map<string,string>` | Static HTTP headers included with each MCP HTTP request. |~~86 "When `true`, prompts from the `request_permissions` tool are allowed to surface.",

~~87| `mcp_servers.<id>.required` | `boolean` | When true, fail startup/resume if this enabled MCP server cannot initialize. |~~87 },

~~88| `mcp_servers.<id>.startup_timeout_ms` | `number` | Alias for `startup_timeout_sec` in milliseconds. |~~88 {

~~89| `mcp_servers.<id>.startup_timeout_sec` | `number` | Override the default 10s startup timeout for an MCP server. |~~89 key: "approval_policy.granular.skill_approval",

~~90| `mcp_servers.<id>.tool_timeout_sec` | `number` | Override the default 60s per-tool timeout for an MCP server. |~~90 type: "boolean",

~~91| `mcp_servers.<id>.url` | `string` | Endpoint for an MCP streamable HTTP server. |~~91 description:

~~92| `model` | `string` | Model to use (e.g., `gpt-5-codex`). |~~92 "When `true`, skill-script approval prompts are allowed to surface.",

~~93| `model_auto_compact_token_limit` | `number` | Token threshold that triggers automatic history compaction (unset uses model defaults). |~~93 },

~~94| `model_catalog_json` | `string (path)` | Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile. |~~94 {

~~95| `model_context_window` | `number` | Context window tokens available to the active model. |~~95 key: "approvals_reviewer",

~~97| `model_provider` | `string` | Provider id from `model_providers` (default: `openai`). |~~97 description:

~~98| `model_providers.<id>.base_url` | `string` | API base URL for the model provider. |~~98 "Who reviews eligible approval prompts under `on-request` or granular approval policies. Defaults to `user`; `auto_review` uses the reviewer subagent. This setting doesn't change sandboxing or review actions already allowed inside the sandbox.",

~~99| `model_providers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables when present. |~~99 },

100| `model_providers.<id>.env_key` | `string` | Environment variable supplying the provider API key. |100 {

101| `model_providers.<id>.env_key_instructions` | `string` | Optional setup guidance for the provider API key. |101 key: "auto_review.policy",

102| `model_providers.<id>.experimental_bearer_token` | `string` | Direct bearer token for the provider (discouraged; use `env_key`). |102 type: "string",

103| `model_providers.<id>.http_headers` | `map<string,string>` | Static HTTP headers added to provider requests. |103 description:

104| `model_providers.<id>.name` | `string` | Display name for a custom model provider. |104 "Local Markdown policy instructions for automatic review. Managed `guardian_policy_config` takes precedence. Blank values are ignored.",

105| `model_providers.<id>.query_params` | `map<string,string>` | Extra query parameters appended to provider requests. |105 },

106| `model_providers.<id>.request_max_retries` | `number` | Retry count for HTTP requests to the provider (default: 4). |106 {

107| `model_providers.<id>.requires_openai_auth` | `boolean` | The provider uses OpenAI authentication (defaults to false). |107 key: "allow_login_shell",

108| `model_providers.<id>.stream_idle_timeout_ms` | `number` | Idle timeout for SSE streams in milliseconds (default: 300000). |108 type: "boolean",

109| `model_providers.<id>.stream_max_retries` | `number` | Retry count for SSE streaming interruptions (default: 5). |109 description:

110| `model_providers.<id>.wire_api` | `chat | responses` | Protocol used by the provider (defaults to `chat` if omitted). |110 "Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells.",

111| `model_reasoning_effort` | `minimal | low | medium | high | xhigh` | Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent). |111 },

112| `model_reasoning_summary` | `auto | concise | detailed | none` | Select reasoning summary detail or disable summaries entirely. |112 {

113| `model_supports_reasoning_summaries` | `boolean` | Force Codex to send or not send reasoning metadata. |113 key: "sandbox_mode",

115| `notice.hide_full_access_warning` | `boolean` | Track acknowledgement of the full access warning prompt. |115 description:

116| `notice.hide_gpt-5.1-codex-max_migration_prompt` | `boolean` | Track acknowledgement of the gpt-5.1-codex-max migration prompt. |116 "Sandbox policy for filesystem and network access during command execution.",

117| `notice.hide_gpt5_1_migration_prompt` | `boolean` | Track acknowledgement of the GPT-5.1 migration prompt. |117 },

118| `notice.hide_rate_limit_model_nudge` | `boolean` | Track opt-out of the rate limit model switch reminder. |118 {

119| `notice.hide_world_writable_warning` | `boolean` | Track acknowledgement of the Windows world-writable directories warning. |119 key: "sandbox_workspace_write.writable_roots",

120| `notice.model_migrations` | `map<string,string>` | Track acknowledged model migrations as old->new mappings. |120 type: "array<string>",

121| `notify` | `array<string>` | Command invoked for notifications; receives a JSON payload from Codex. |121 description:

123| `otel.environment` | `string` | Environment tag applied to emitted OpenTelemetry events (default: `dev`). |123 },

124| `otel.exporter` | `none | otlp-http | otlp-grpc` | Select the OpenTelemetry exporter and provide any endpoint metadata. |124 {

125| `otel.exporter.<id>.endpoint` | `string` | Exporter endpoint for OTEL logs. |125 key: "sandbox_workspace_write.network_access",

126| `otel.exporter.<id>.headers` | `map<string,string>` | Static headers included with OTEL exporter requests. |126 type: "boolean",

128| `otel.exporter.<id>.tls.ca-certificate` | `string` | CA certificate path for OTEL exporter TLS. |128 "Allow outbound network access inside the workspace-write sandbox.",

129| `otel.exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL exporter TLS. |129 },

130| `otel.exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL exporter TLS. |130 {

131| `otel.log_user_prompt` | `boolean` | Opt in to exporting raw user prompts with OpenTelemetry logs. |131 key: "sandbox_workspace_write.exclude_tmpdir_env_var",

133| `otel.trace_exporter.<id>.endpoint` | `string` | Trace exporter endpoint for OTEL logs. |133 description:

134| `otel.trace_exporter.<id>.headers` | `map<string,string>` | Static headers included with OTEL trace exporter requests. |134 "Exclude `$TMPDIR` from writable roots in workspace-write mode.",

135| `otel.trace_exporter.<id>.protocol` | `binary | json` | Protocol used by the OTLP/HTTP trace exporter. |135 },

136| `otel.trace_exporter.<id>.tls.ca-certificate` | `string` | CA certificate path for OTEL trace exporter TLS. |136 {

137| `otel.trace_exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL trace exporter TLS. |137 key: "sandbox_workspace_write.exclude_slash_tmp",

138| `otel.trace_exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL trace exporter TLS. |138 type: "boolean",

140| `profile` | `string` | Default profile applied at startup (equivalent to `--profile`). |140 "Exclude `/tmp` from writable roots in workspace-write mode.",

141| `profiles.<name>.*` | `various` | Profile-scoped overrides for any of the supported configuration keys. |141 },

142| `profiles.<name>.experimental_use_freeform_apply_patch` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |142 {

143| `profiles.<name>.experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec`. |143 key: "windows.sandbox",

145| `profiles.<name>.model_catalog_json` | `string (path)` | Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile). |145 description:

147| `profiles.<name>.personality` | `none | friendly | pragmatic` | Profile-scoped communication style override for supported models. |147 },

148| `profiles.<name>.web_search` | `disabled | cached | live` | Profile-scoped web search mode override (default: `"cached"`). |148 {

149| `project_doc_fallback_filenames` | `array<string>` | Additional filenames to try when `AGENTS.md` is missing. |149 key: "windows.sandbox_private_desktop",

150| `project_doc_max_bytes` | `number` | Maximum bytes read from `AGENTS.md` when building project instructions. |150 type: "boolean",

151| `project_root_markers` | `array<string>` | List of project root marker filenames; used when searching parent directories for the project root. |151 description:

152| `projects.<path>.trust_level` | `string` | Mark a project or worktree as trusted or untrusted (`"trusted"` | `"untrusted"`). Untrusted projects skip project-scoped `.codex/` layers. |152 "Run the final sandboxed child process on a private desktop by default on native Windows. Set `false` only for compatibility with the older `Winsta0\\\\Default` behavior.",

153| `review_model` | `string` | Optional model override used by `/review` (defaults to the current session model). |153 },

154| `sandbox_mode` | `read-only | workspace-write | danger-full-access` | Sandbox policy for filesystem and network access during command execution. |154 {

155| `sandbox_workspace_write.exclude_slash_tmp` | `boolean` | Exclude `/tmp` from writable roots in workspace-write mode. |155 key: "notify",

156| `sandbox_workspace_write.exclude_tmpdir_env_var` | `boolean` | Exclude `$TMPDIR` from writable roots in workspace-write mode. |156 type: "array<string>",

157| `sandbox_workspace_write.network_access` | `boolean` | Allow outbound network access inside the workspace-write sandbox. |157 description:

158| `sandbox_workspace_write.writable_roots` | `array<string>` | Additional writable roots when `sandbox_mode = "workspace-write"`. |158 "Command invoked for notifications; receives a JSON payload from Codex.",

159| `shell_environment_policy.exclude` | `array<string>` | Glob patterns for removing environment variables after the defaults. |159 },

160| `shell_environment_policy.experimental_use_profile` | `boolean` | Use the user shell profile when spawning subprocesses. |160 {

161| `shell_environment_policy.ignore_default_excludes` | `boolean` | Keep variables containing KEY/SECRET/TOKEN before other filters run. |161 key: "check_for_update_on_startup",

162| `shell_environment_policy.include_only` | `array<string>` | Whitelist of patterns; when set only matching variables are kept. |162 type: "boolean",

164| `shell_environment_policy.set` | `map<string,string>` | Explicit environment overrides injected into every subprocess. |164 "Check for Codex updates on startup (set to false only when updates are centrally managed).",

165| `show_raw_agent_reasoning` | `boolean` | Surface raw reasoning content when the active model emits it. |165 },

166| `skills.config` | `array<object>` | Per-skill enablement overrides stored in config.toml. |166 {

167| `skills.config.<index>.enabled` | `boolean` | Enable or disable the referenced skill. |167 key: "feedback.enabled",

168| `skills.config.<index>.path` | `string (path)` | Path to a skill folder containing `SKILL.md`. |168 type: "boolean",

169| `suppress_unstable_features_warning` | `boolean` | Suppress the warning that appears when under-development feature flags are enabled. |169 description:

170| `tool_output_token_limit` | `number` | Token budget for storing individual tool/function outputs in history. |170 "Enable feedback submission via `/feedback` across Codex surfaces (default: true).",

171| `tools.web_search` | `boolean` | Deprecated legacy toggle for web search; prefer the top-level `web_search` setting. |171 },

172| `tui` | `table` | TUI-specific options such as enabling inline desktop notifications. |172 {

174| `tui.animations` | `boolean` | Enable terminal animations (welcome screen, shimmer, spinner) (default: true). |174 type: "boolean",

175| `tui.notification_method` | `auto | osc9 | bel` | Notification method for unfocused terminal notifications (default: auto). |175 description:

177| `tui.show_tooltips` | `boolean` | Show onboarding tooltips in the TUI welcome screen (default: true). |177 },

178| `tui.status_line` | `array<string> | null` | Ordered list of TUI footer status-line item identifiers. `null` disables the status line. |178 {

179| `web_search` | `disabled | cached | live` | Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool. |179 key: "instructions",

180| `windows_wsl_setup_acknowledged` | `boolean` | Track Windows onboarding acknowledgement (Windows only). |180 type: "string",

~~181~~ 181 description:

182Key182 "Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`.",

~~183~~ 183 },

184`agents.<name>.config_file`184 {

~~185~~ 185 key: "developer_instructions",

186Type / Values186 type: "string",

~~187~~ 187 description:

188`string (path)`188 "Additional developer instructions injected into the session (optional).",

~~189~~ 189 },

190Details190 {

~~191~~ 191 key: "log_dir",

192Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role.192 type: "string (path)",

~~193~~ 193 description:

194Key194 "Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`.",

~~195~~ 195 },

196`agents.<name>.description`196 {

~~197~~ 197 key: "sqlite_home",

198Type / Values198 type: "string (path)",

~~199~~ 199 description:

200`string`200 "Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state.",

~~201~~ 201 },

202Details202 {

~~203~~ 203 key: "compact_prompt",

204Role guidance shown to Codex when choosing and spawning that agent type.204 type: "string",

~~205~~ 205 description: "Inline override for the history compaction prompt.",

206Key206 },

~~207~~ 207 {

208`agents.max_depth`208 key: "commit_attribution",

~~209~~ 209 type: "string",

210Type / Values210 description:

~~211~~ 211 'Commit co-author trailer used when `[features].codex_git_commit` is enabled. Defaults to `Codex <noreply@openai.com>`; set `""` to disable.',

212`number`212 },

~~213~~ 213 {

214Details214 key: "model_instructions_file",

~~215~~ 215 type: "string (path)",

216Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1).216 description:

~~217~~ 217 "Replacement for built-in instructions instead of `AGENTS.md`.",

218Key218 },

~~219~~ 219 {

220`agents.max_threads`220 key: "personality",

~~221~~ 221 type: "none | friendly | pragmatic",

222Type / Values222 description:

~~223~~ 223 "Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`.",

224`number`224 },

~~225~~ 225 {

226Details226 key: "service_tier",

~~227~~ 227 type: "flex | fast",

228Maximum number of agent threads that can be open concurrently.228 description: "Preferred service tier for new turns.",

~~229~~ 229 },

230Key230 {

~~231~~ 231 key: "experimental_compact_prompt_file",

232`allow_login_shell`232 type: "string (path)",

~~233~~ 233 description:

234Type / Values234 "Load the compaction prompt override from a file (experimental).",

~~235~~ 235 },

236`boolean`236 {

~~237~~ 237 key: "skills.config",

238Details238 type: "array<object>",

~~239~~ 239 description: "Per-skill enablement overrides stored in config.toml.",

240Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells.240 },

~~241~~ 241 {

242Key242 key: "skills.config.<index>.path",

~~243~~ 243 type: "string (path)",

244`approval_policy`244 description: "Path to a skill folder containing `SKILL.md`.",

~~245~~ 245 },

246Type / Values246 {

~~247~~ 247 key: "skills.config.<index>.enabled",

248`untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }`248 type: "boolean",

~~249~~ 249 description: "Enable or disable the referenced skill.",

250Details250 },

~~251~~ 251 {

252Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.252 key: "apps.<id>.enabled",

~~253~~ 253 type: "boolean",

254Key254 description:

~~255~~ 255 "Enable or disable a specific app/connector by id (default: true).",

256`approval_policy.reject.mcp_elicitations`256 },

~~257~~ 257 {

258Type / Values258 key: "apps._default.enabled",

~~259~~ 259 type: "boolean",

260`boolean`260 description:

~~261~~ 261 "Default app enabled state for all apps unless overridden per app.",

262Details262 },

~~263~~ 263 {

264When `true`, MCP elicitation prompts are auto-rejected instead of shown to the user.264 key: "apps._default.destructive_enabled",

~~265~~ 265 type: "boolean",

266Key266 description:

~~267~~ 267 "Default allow/deny for app tools with `destructive_hint = true`.",

268`approval_policy.reject.rules`268 },

~~269~~ 269 {

270Type / Values270 key: "apps._default.open_world_enabled",

~~271~~ 271 type: "boolean",

272`boolean`272 description:

~~273~~ 273 "Default allow/deny for app tools with `open_world_hint = true`.",

274Details274 },

~~275~~ 275 {

276When `true`, approvals triggered by execpolicy `prompt` rules are auto-rejected.276 key: "apps.<id>.destructive_enabled",

~~277~~ 277 type: "boolean",

278Key278 description:

~~279~~ 279 "Allow or block tools in this app that advertise `destructive_hint = true`.",

280`approval_policy.reject.sandbox_approval`280 },

~~281~~ 281 {

282Type / Values282 key: "apps.<id>.open_world_enabled",

~~283~~ 283 type: "boolean",

284`boolean`284 description:

~~285~~ 285 "Allow or block tools in this app that advertise `open_world_hint = true`.",

286Details286 },

~~287~~ 287 {

288When `true`, sandbox escalation approval prompts are auto-rejected.288 key: "apps.<id>.default_tools_enabled",

~~289~~ 289 type: "boolean",

290Key290 description:

~~291~~ 291 "Default enabled state for tools in this app unless a per-tool override exists.",

292`apps._default.destructive_enabled`292 },

~~293~~ 293 {

294Type / Values294 key: "apps.<id>.default_tools_approval_mode",

~~295~~ 295 type: "auto | prompt | approve",

296`boolean`296 description:

~~297~~ 297 "Default approval behavior for tools in this app unless a per-tool override exists.",

298Details298 },

~~299~~ 299 {

300Default allow/deny for app tools with `destructive_hint = true`.300 key: "apps.<id>.tools.<tool>.enabled",

~~301~~ 301 type: "boolean",

302Key302 description:

~~303~~ 303 "Per-tool enabled override for an app tool (for example `repos/list`).",

304`apps._default.enabled`304 },

~~305~~ 305 {

306Type / Values306 key: "apps.<id>.tools.<tool>.approval_mode",

~~307~~ 307 type: "auto | prompt | approve",

308`boolean`308 description: "Per-tool approval behavior override for a single app tool.",

~~309~~ 309 },

310Details310 {

~~311~~ 311 key: "tool_suggest.discoverables",

312Default app enabled state for all apps unless overridden per app.312 type: "array<table>",

~~313~~ 313 description:

314Key314 'Allow tool suggestions for additional discoverable connectors or plugins. Each entry uses `type = "connector"` or `"plugin"` and an `id`.',

~~315~~ 315 },

316`apps._default.open_world_enabled`316 {

~~317~~ 317 key: "tool_suggest.disabled_tools",

318Type / Values318 type: "array<table>",

~~319~~ 319 description:

320`boolean`320 'Disable suggestions for specific discoverable connectors or plugins. Each entry uses `type = "connector"` or `"plugin"` and an `id`.',

~~321~~ 321 },

322Details322 {

~~323~~ 323 key: "features.apps",

324Default allow/deny for app tools with `open_world_hint = true`.324 type: "boolean",

~~325~~ 325 description: "Enable ChatGPT Apps/connectors support (experimental).",

326Key326 },

~~327~~ 327 {

328`apps.<id>.default_tools_approval_mode`328 key: "features.codex_hooks",

~~329~~ 329 type: "boolean",

330Type / Values330 description:

~~331~~ 331 "Enable lifecycle hooks loaded from `hooks.json` or inline `[hooks]` config.",

332`auto | prompt | approve`332 },

~~333~~ 333 {

334Details334 key: "features.codex_git_commit",

~~335~~ 335 type: "boolean",

336Default approval behavior for tools in this app unless a per-tool override exists.336 description:

~~337~~ 337 "Enable Codex-generated git commits. When enabled, Codex uses `commit_attribution` to append a `Co-authored-by:` trailer to generated commit messages.",

338Key338 },

~~339~~ 339 {

340`apps.<id>.default_tools_enabled`340 key: "hooks",

~~341~~ 341 type: "table",

342Type / Values342 description:

~~343~~ 343 "Lifecycle hooks configured inline in `config.toml`. Uses the same event schema as `hooks.json`; see the Hooks guide for examples and supported events.",

344`boolean`344 },

~~345~~ 345 {

346Details346 key: "features.memories",

~~347~~ 347 type: "boolean",

348Default enabled state for tools in this app unless a per-tool override exists.348 description: "Enable [Memories](https://developers.openai.com/codex/memories) (off by default).",

~~349~~ 349 },

350Key350 {

~~351~~ 351 key: "mcp_servers.<id>.command",

352`apps.<id>.destructive_enabled`352 type: "string",

~~353~~ 353 description: "Launcher command for an MCP stdio server.",

354Type / Values354 },

~~355~~ 355 {

356`boolean`356 key: "mcp_servers.<id>.args",

~~357~~ 357 type: "array<string>",

358Details358 description: "Arguments passed to the MCP stdio server command.",

~~359~~ 359 },

360Allow or block tools in this app that advertise `destructive_hint = true`.360 {

~~361~~ 361 key: "mcp_servers.<id>.env",

362Key362 type: "map<string,string>",

~~363~~ 363 description: "Environment variables forwarded to the MCP stdio server.",

364`apps.<id>.enabled`364 },

~~365~~ 365 {

366Type / Values366 key: "mcp_servers.<id>.env_vars",

~~367~~ 367 type: 'array<string | { name = string, source = "local" | "remote" }>',

368`boolean`368 description:

~~369~~ 369 'Additional environment variables to whitelist for an MCP stdio server. String entries default to `source = "local"`; use `source = "remote"` only with executor-backed remote stdio.',

370Details370 },

~~371~~ 371 {

372Enable or disable a specific app/connector by id (default: true).372 key: "mcp_servers.<id>.cwd",

~~373~~ 373 type: "string",

374Key374 description: "Working directory for the MCP stdio server process.",

~~375~~ 375 },

376`apps.<id>.open_world_enabled`376 {

~~377~~ 377 key: "mcp_servers.<id>.url",

378Type / Values378 type: "string",

~~379~~ 379 description: "Endpoint for an MCP streamable HTTP server.",

380`boolean`380 },

~~381~~ 381 {

382Details382 key: "mcp_servers.<id>.bearer_token_env_var",

~~383~~ 383 type: "string",

384Allow or block tools in this app that advertise `open_world_hint = true`.384 description:

~~385~~ 385 "Environment variable sourcing the bearer token for an MCP HTTP server.",

386Key386 },

~~387~~ 387 {

388`apps.<id>.tools.<tool>.approval_mode`388 key: "mcp_servers.<id>.http_headers",

~~389~~ 389 type: "map<string,string>",

390Type / Values390 description: "Static HTTP headers included with each MCP HTTP request.",

~~391~~ 391 },

392`auto | prompt | approve`392 {

~~393~~ 393 key: "mcp_servers.<id>.env_http_headers",

394Details394 type: "map<string,string>",

~~395~~ 395 description:

396Per-tool approval behavior override for a single app tool.396 "HTTP headers populated from environment variables for an MCP HTTP server.",

~~397~~ 397 },

398Key398 {

~~399~~ 399 key: "mcp_servers.<id>.enabled",

400`apps.<id>.tools.<tool>.enabled`400 type: "boolean",

~~401~~ 401 description: "Disable an MCP server without removing its configuration.",

402Type / Values402 },

~~403~~ 403 {

404`boolean`404 key: "mcp_servers.<id>.required",

~~405~~ 405 type: "boolean",

406Details406 description:

~~407~~ 407 "When true, fail startup/resume if this enabled MCP server cannot initialize.",

408Per-tool enabled override for an app tool (for example `repos/list`).408 },

~~409~~ 409 {

410Key410 key: "mcp_servers.<id>.startup_timeout_sec",

~~411~~ 411 type: "number",

412`background_terminal_max_timeout`412 description:

~~413~~ 413 "Override the default 10s startup timeout for an MCP server.",

414Type / Values414 },

~~415~~ 415 {

416`number`416 key: "mcp_servers.<id>.startup_timeout_ms",

~~417~~ 417 type: "number",

418Details418 description: "Alias for `startup_timeout_sec` in milliseconds.",

~~419~~ 419 },

420Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key.420 {

~~421~~ 421 key: "mcp_servers.<id>.tool_timeout_sec",

422Key422 type: "number",

~~423~~ 423 description:

424`chatgpt_base_url`424 "Override the default 60s per-tool timeout for an MCP server.",

~~425~~ 425 },

426Type / Values426 {

~~427~~ 427 key: "mcp_servers.<id>.enabled_tools",

428`string`428 type: "array<string>",

~~429~~ 429 description: "Allow list of tool names exposed by the MCP server.",

430Details430 },

~~431~~ 431 {

432Override the base URL used during the ChatGPT login flow.432 key: "mcp_servers.<id>.disabled_tools",

~~433~~ 433 type: "array<string>",

434Key434 description:

~~435~~ 435 "Deny list applied after `enabled_tools` for the MCP server.",

436`check_for_update_on_startup`436 },

~~437~~ 437 {

438Type / Values438 key: "mcp_servers.<id>.scopes",

~~439~~ 439 type: "array<string>",

440`boolean`440 description:

~~441~~ 441 "OAuth scopes to request when authenticating to that MCP server.",

442Details442 },

~~443~~ 443 {

444Check for Codex updates on startup (set to false only when updates are centrally managed).444 key: "mcp_servers.<id>.oauth_resource",

~~445~~ 445 type: "string",

446Key446 description:

~~447~~ 447 "Optional RFC 8707 OAuth resource parameter to include during MCP login.",

448`cli_auth_credentials_store`448 },

~~449~~ 449 {

450Type / Values450 key: "mcp_servers.<id>.experimental_environment",

~~451~~ 451 type: "local | remote",

452`file | keyring | auto`452 description:

~~453~~ 453 "Experimental placement for an MCP server. `remote` starts stdio servers through a remote executor environment; streamable HTTP remote placement is not implemented.",

454Details454 },

~~455~~ 455 {

456Control where the CLI stores cached credentials (file-based auth.json vs OS keychain).456 key: "agents.max_threads",

~~457~~ 457 type: "number",

458Key458 description:

~~459~~ 459 "Maximum number of agent threads that can be open concurrently. Defaults to `6` when unset.",

460`compact_prompt`460 },

~~461~~ 461 {

462Type / Values462 key: "agents.max_depth",

~~463~~ 463 type: "number",

464`string`464 description:

~~465~~ 465 "Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1).",

466Details466 },

~~467~~ 467 {

468Inline override for the history compaction prompt.468 key: "agents.job_max_runtime_seconds",

~~469~~ 469 type: "number",

470Key470 description:

~~471~~ 471 "Default per-worker timeout for `spawn_agents_on_csv` jobs. When unset, the tool falls back to 1800 seconds per worker.",

472`developer_instructions`472 },

~~473~~ 473 {

474Type / Values474 key: "agents.<name>.description",

~~475~~ 475 type: "string",

476`string`476 description:

~~477~~ 477 "Role guidance shown to Codex when choosing and spawning that agent type.",

478Details478 },

~~479~~ 479 {

480Additional developer instructions injected into the session (optional).480 key: "agents.<name>.config_file",

~~481~~ 481 type: "string (path)",

482Key482 description:

~~483~~ 483 "Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role.",

484`disable_paste_burst`484 },

~~485~~ 485 {

486Type / Values486 key: "agents.<name>.nickname_candidates",

~~487~~ 487 type: "array<string>",

488`boolean`488 description:

~~489~~ 489 "Optional pool of display nicknames for spawned agents in that role.",

490Details490 },

~~491~~ 491 {

492Disable burst-paste detection in the TUI.492 key: "memories.generate_memories",

~~493~~ 493 type: "boolean",

494Key494 description:

~~495~~ 495 "When `false`, newly created threads are not stored as memory-generation inputs. Defaults to `true`.",

496`experimental_compact_prompt_file`496 },

~~497~~ 497 {

498Type / Values498 key: "memories.use_memories",

~~499~~ 499 type: "boolean",

500`string (path)`500 description:

~~501~~ 501 "When `false`, Codex skips injecting existing memories into future sessions. Defaults to `true`.",

502Details502 },

~~503~~ 503 {

504Load the compaction prompt override from a file (experimental).504 key: "memories.disable_on_external_context",

~~505~~ 505 type: "boolean",

506Key506 description:

~~507~~ 507 "When `true`, threads that use external context such as MCP tool calls, web search, or tool search are kept out of memory generation. Defaults to `false`. Legacy alias: `memories.no_memories_if_mcp_or_web_search`.",

508`experimental_use_freeform_apply_patch`508 },

~~509~~ 509 {

510Type / Values510 key: "memories.max_raw_memories_for_consolidation",

~~511~~ 511 type: "number",

512`boolean`512 description:

~~513~~ 513 "Maximum recent raw memories retained for global consolidation. Defaults to `256` and is capped at `4096`.",

514Details514 },

~~515~~ 515 {

516Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform` or `codex --enable apply_patch_freeform`.516 key: "memories.max_unused_days",

~~517~~ 517 type: "number",

518Key518 description:

~~519~~ 519 "Maximum days since a memory was last used before it becomes ineligible for consolidation. Defaults to `30` and is clamped to `0`-`365`.",

520`experimental_use_unified_exec_tool`520 },

~~521~~ 521 {

522Type / Values522 key: "memories.max_rollout_age_days",

~~523~~ 523 type: "number",

524`boolean`524 description:

~~525~~ 525 "Maximum age of threads considered for memory generation. Defaults to `30` and is clamped to `0`-`90`.",

526Details526 },

~~527~~ 527 {

528Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`.528 key: "memories.max_rollouts_per_startup",

~~529~~ 529 type: "number",

530Key530 description:

~~531~~ 531 "Maximum rollout candidates processed per startup pass. Defaults to `16` and is capped at `128`.",

532`features.apply_patch_freeform`532 },

~~533~~ 533 {

534Type / Values534 key: "memories.min_rollout_idle_hours",

~~535~~ 535 type: "number",

536`boolean`536 description:

~~537~~ 537 "Minimum idle time before a thread is considered for memory generation. Defaults to `6` and is clamped to `1`-`48`.",

538Details538 },

~~539~~ 539 {

540Expose the freeform `apply_patch` tool (experimental).540 key: "memories.min_rate_limit_remaining_percent",

~~541~~ 541 type: "number",

542Key542 description:

~~543~~ 543 "Minimum remaining percentage required in Codex rate-limit windows before memory generation starts. Defaults to `25` and is clamped to `0`-`100`.",

544`features.apps`544 },

~~545~~ 545 {

546Type / Values546 key: "memories.extract_model",

~~547~~ 547 type: "string",

548`boolean`548 description: "Optional model override for per-thread memory extraction.",

~~549~~ 549 },

550Details550 {

~~551~~ 551 key: "memories.consolidation_model",

552Enable ChatGPT Apps/connectors support (experimental).552 type: "string",

~~553~~ 553 description: "Optional model override for global memory consolidation.",

554Key554 },

~~555~~ 555 {

556`features.apps_mcp_gateway`556 key: "features.unified_exec",

~~557~~ 557 type: "boolean",

558Type / Values558 description:

~~559~~ 559 "Use the unified PTY-backed exec tool (stable; enabled by default except on Windows).",

560`boolean`560 },

~~561~~ 561 {

562Details562 key: "features.shell_snapshot",

~~563~~ 563 type: "boolean",

564Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental).564 description:

~~565~~ 565 "Snapshot shell environment to speed up repeated commands (stable; on by default).",

566Key566 },

~~567~~ 567 {

568`features.child_agents_md`568 key: "features.undo",

~~569~~ 569 type: "boolean",

570Type / Values570 description: "Enable undo support (stable; off by default).",

~~571~~ 571 },

572`boolean`572 {

~~573~~ 573 key: "features.multi_agent",

574Details574 type: "boolean",

~~575~~ 575 description:

576Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental).576 "Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait_agent`, and `close_agent`) (stable; on by default).",

~~577~~ 577 },

578Key578 {

~~579~~ 579 key: "features.personality",

580`features.collaboration_modes`580 type: "boolean",

~~581~~ 581 description:

582Type / Values582 "Enable personality selection controls (stable; on by default).",

~~583~~ 583 },

584`boolean`584 {

~~585~~ 585 key: "features.web_search",

586Details586 type: "boolean",

~~587~~ 587 description:

588Enable collaboration modes such as plan mode (stable; on by default).588 "Deprecated legacy toggle; prefer the top-level `web_search` setting.",

~~589~~ 589 },

590Key590 {

~~591~~ 591 key: "features.web_search_cached",

592`features.elevated_windows_sandbox`592 type: "boolean",

~~593~~ 593 description:

594Type / Values594 'Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`.',

~~595~~ 595 },

596`boolean`596 {

~~597~~ 597 key: "features.web_search_request",

598Details598 type: "boolean",

~~599~~ 599 description:

600Enable the elevated Windows sandbox pipeline (experimental).600 'Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`.',

~~601~~ 601 },

602Key602 {

~~603~~ 603 key: "features.shell_tool",

604`features.experimental_windows_sandbox`604 type: "boolean",

~~605~~ 605 description:

606Type / Values606 "Enable the default `shell` tool for running commands (stable; on by default).",

~~607~~ 607 },

608`boolean`608 {

~~609~~ 609 key: "features.enable_request_compression",

610Details610 type: "boolean",

~~611~~ 611 description:

612Run the Windows restricted-token sandbox (experimental).612 "Compress streaming request bodies with zstd when supported (stable; on by default).",

~~613~~ 613 },

614Key614 {

~~615~~ 615 key: "features.skill_mcp_dependency_install",

616`features.multi_agent`616 type: "boolean",

~~617~~ 617 description:

618Type / Values618 "Allow prompting and installing missing MCP dependencies for skills (stable; on by default).",

~~619~~ 619 },

620`boolean`620 {

~~621~~ 621 key: "features.fast_mode",

622Details622 type: "boolean",

~~623~~ 623 description:

624Enable multi-agent collaboration tools (`spawn\_agent`, `send\_input`, `resume\_agent`, `wait`, and `close\_agent`) (experimental; off by default).624 'Enable Fast mode selection and the `service_tier = "fast"` path (stable; on by default).',

~~625~~ 625 },

626Key626 {

~~627~~ 627 key: "features.prevent_idle_sleep",

628`features.personality`628 type: "boolean",

~~629~~ 629 description:

630Type / Values630 "Prevent the machine from sleeping while a turn is actively running (experimental; off by default).",

~~631~~ 631 },

632`boolean`632 {

~~633~~ 633 key: "suppress_unstable_features_warning",

634Details634 type: "boolean",

~~635~~ 635 description:

636Enable personality selection controls (stable; on by default).636 "Suppress the warning that appears when under-development feature flags are enabled.",

~~637~~ 637 },

638Key638 {

~~639~~ 639 key: "model_providers.<id>",

640`features.powershell_utf8`640 type: "table",

~~641~~ 641 description:

642Type / Values642 "Custom provider definition. Built-in provider IDs (`openai`, `ollama`, and `lmstudio`) are reserved and cannot be overridden.",

~~643~~ 643 },

644`boolean`644 {

~~645~~ 645 key: "model_providers.<id>.name",

646Details646 type: "string",

~~647~~ 647 description: "Display name for a custom model provider.",

648Force PowerShell UTF-8 output (defaults to true).648 },

~~649~~ 649 {

650Key650 key: "model_providers.<id>.base_url",

~~651~~ 651 type: "string",

652`features.remote_models`652 description: "API base URL for the model provider.",

~~653~~ 653 },

654Type / Values654 {

~~655~~ 655 key: "model_providers.<id>.env_key",

656`boolean`656 type: "string",

~~657~~ 657 description: "Environment variable supplying the provider API key.",

658Details658 },

~~659~~ 659 {

660Refresh remote model list before showing readiness (experimental).660 key: "model_providers.<id>.env_key_instructions",

~~661~~ 661 type: "string",

662Key662 description: "Optional setup guidance for the provider API key.",

~~663~~ 663 },

664`features.request_rule`664 {

~~665~~ 665 key: "model_providers.<id>.experimental_bearer_token",

666Type / Values666 type: "string",

~~667~~ 667 description:

668`boolean`668 "Direct bearer token for the provider (discouraged; use `env_key`).",

~~669~~ 669 },

670Details670 {

~~671~~ 671 key: "model_providers.<id>.requires_openai_auth",

672Enable Smart approvals (`prefix_rule` suggestions on escalation requests; stable; on by default).672 type: "boolean",

~~673~~ 673 description:

674Key674 "The provider uses OpenAI authentication (defaults to false).",

~~675~~ 675 },

676`features.runtime_metrics`676 {

~~677~~ 677 key: "model_providers.<id>.wire_api",

678Type / Values678 type: "responses",

~~679~~ 679 description:

680`boolean`680 "Protocol used by the provider. `responses` is the only supported value, and it is the default when omitted.",

~~681~~ 681 },

682Details682 {

~~683~~ 683 key: "model_providers.<id>.query_params",

684Show runtime metrics summary in TUI turn separators (experimental).684 type: "map<string,string>",

~~685~~ 685 description: "Extra query parameters appended to provider requests.",

686Key686 },

~~687~~ 687 {

688`features.search_tool`688 key: "model_providers.<id>.http_headers",

~~689~~ 689 type: "map<string,string>",

690Type / Values690 description: "Static HTTP headers added to provider requests.",

~~691~~ 691 },

692`boolean`692 {

~~693~~ 693 key: "model_providers.<id>.env_http_headers",

694Details694 type: "map<string,string>",

~~695~~ 695 description:

696Enable `search_tool_bm25` for Apps tool discovery before invoking app MCP tools (experimental).696 "HTTP headers populated from environment variables when present.",

~~697~~ 697 },

698Key698 {

~~699~~ 699 key: "model_providers.<id>.request_max_retries",

700`features.shell_snapshot`700 type: "number",

~~701~~ 701 description:

702Type / Values702 "Retry count for HTTP requests to the provider (default: 4).",

~~703~~ 703 },

704`boolean`704 {

~~705~~ 705 key: "model_providers.<id>.stream_max_retries",

706Details706 type: "number",

~~707~~ 707 description: "Retry count for SSE streaming interruptions (default: 5).",

708Snapshot shell environment to speed up repeated commands (beta).708 },

~~709~~ 709 {

710Key710 key: "model_providers.<id>.stream_idle_timeout_ms",

~~711~~ 711 type: "number",

712`features.shell_tool`712 description:

~~713~~ 713 "Idle timeout for SSE streams in milliseconds (default: 300000).",

714Type / Values714 },

~~715~~ 715 {

716`boolean`716 key: "model_providers.<id>.supports_websockets",

~~717~~ 717 type: "boolean",

718Details718 description:

~~719~~ 719 "Whether that provider supports the Responses API WebSocket transport.",

720Enable the default `shell` tool for running commands (stable; on by default).720 },

~~721~~ 721 {

722Key722 key: "model_providers.<id>.auth",

~~723~~ 723 type: "table",

724`features.unified_exec`724 description:

~~725~~ 725 "Command-backed bearer token configuration for a custom provider. Do not combine with `env_key`, `experimental_bearer_token`, or `requires_openai_auth`.",

726Type / Values726 },

~~727~~ 727 {

728`boolean`728 key: "model_providers.<id>.auth.command",

~~729~~ 729 type: "string",

730Details730 description:

~~731~~ 731 "Command to run when Codex needs a bearer token. The command must print the token to stdout.",

732Use the unified PTY-backed exec tool (beta).732 },

~~733~~ 733 {

734Key734 key: "model_providers.<id>.auth.args",

~~735~~ 735 type: "array<string>",

736`features.use_linux_sandbox_bwrap`736 description: "Arguments passed to the token command.",

~~737~~ 737 },

738Type / Values738 {

~~739~~ 739 key: "model_providers.<id>.auth.timeout_ms",

740`boolean`740 type: "number",

~~741~~ 741 description:

742Details742 "Maximum token command runtime in milliseconds (default: 5000).",

~~743~~ 743 },

744Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default).744 {

~~745~~ 745 key: "model_providers.<id>.auth.refresh_interval_ms",

746Key746 type: "number",

~~747~~ 747 description:

748`features.web_search`748 "How often Codex proactively refreshes the token in milliseconds (default: 300000). Set to `0` to refresh only after an authentication retry.",

~~749~~ 749 },

750Type / Values750 {

~~751~~ 751 key: "model_providers.<id>.auth.cwd",

752`boolean`752 type: "string (path)",

~~753~~ 753 description: "Working directory for the token command.",

754Details754 },

~~755~~ 755 {

756Deprecated legacy toggle; prefer the top-level `web_search` setting.756 key: "model_providers.amazon-bedrock.aws.profile",

~~757~~ 757 type: "string",

758Key758 description:

~~759~~ 759 "AWS profile name used by the built-in `amazon-bedrock` provider.",

760`features.web_search_cached`760 },

~~761~~ 761 {

762Type / Values762 key: "model_providers.amazon-bedrock.aws.region",

~~763~~ 763 type: "string",

764`boolean`764 description: "AWS region used by the built-in `amazon-bedrock` provider.",

~~765~~ 765 },

766Details766 {

~~767~~ 767 key: "model_reasoning_effort",

768Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`.768 type: "minimal | low | medium | high | xhigh",

~~769~~ 769 description:

770Key770 "Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent).",

~~771~~ 771 },

772`features.web_search_request`772 {

~~773~~ 773 key: "plan_mode_reasoning_effort",

~~775~~ 775 description:

776`boolean`776 "Plan-mode-specific reasoning override. When unset, Plan mode uses its built-in preset default.",

~~777~~ 777 },

778Details778 {

~~779~~ 779 key: "model_reasoning_summary",

780Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`.780 type: "auto | concise | detailed | none",

~~781~~ 781 description:

782Key782 "Select reasoning summary detail or disable summaries entirely.",

~~783~~ 783 },

784`feedback.enabled`784 {

~~785~~ 785 key: "model_verbosity",

786Type / Values786 type: "low | medium | high",

~~787~~ 787 description:

788`boolean`788 "Optional GPT-5 Responses API verbosity override; when unset, the selected model/preset default is used.",

~~789~~ 789 },

790Details790 {

~~791~~ 791 key: "model_supports_reasoning_summaries",

792Enable feedback submission via `/feedback` across Codex surfaces (default: true).792 type: "boolean",

~~793~~ 793 description: "Force Codex to send or not send reasoning metadata.",

794Key794 },

~~795~~ 795 {

796`file_opener`796 key: "shell_environment_policy.inherit",

~~797~~ 797 type: "all | core | none",

798Type / Values798 description:

~~799~~ 799 "Baseline environment inheritance when spawning subprocesses.",

800`vscode | vscode-insiders | windsurf | cursor | none`800 },

~~801~~ 801 {

802Details802 key: "shell_environment_policy.ignore_default_excludes",

~~803~~ 803 type: "boolean",

804URI scheme used to open citations from Codex output (default: `vscode`).804 description:

~~805~~ 805 "Keep variables containing KEY/SECRET/TOKEN before other filters run.",

806Key806 },

~~807~~ 807 {

808`forced_chatgpt_workspace_id`808 key: "shell_environment_policy.exclude",

~~809~~ 809 type: "array<string>",

810Type / Values810 description:

~~811~~ 811 "Glob patterns for removing environment variables after the defaults.",

812`string (uuid)`812 },

~~813~~ 813 {

814Details814 key: "shell_environment_policy.include_only",

~~815~~ 815 type: "array<string>",

816Limit ChatGPT logins to a specific workspace identifier.816 description:

~~817~~ 817 "Whitelist of patterns; when set only matching variables are kept.",

818Key818 },

~~819~~ 819 {

820`forced_login_method`820 key: "shell_environment_policy.set",

~~821~~ 821 type: "map<string,string>",

822Type / Values822 description:

~~823~~ 823 "Explicit environment overrides injected into every subprocess.",

824`chatgpt | api`824 },

~~825~~ 825 {

826Details826 key: "shell_environment_policy.experimental_use_profile",

~~827~~ 827 type: "boolean",

828Restrict Codex to a specific authentication method.828 description: "Use the user shell profile when spawning subprocesses.",

~~829~~ 829 },

830Key830 {

~~831~~ 831 key: "project_root_markers",

832`hide_agent_reasoning`832 type: "array<string>",

~~833~~ 833 description:

834Type / Values834 "List of project root marker filenames; used when searching parent directories for the project root.",

~~835~~ 835 },

836`boolean`836 {

~~837~~ 837 key: "project_doc_max_bytes",

838Details838 type: "number",

~~839~~ 839 description:

840Suppress reasoning events in both the TUI and `codex exec` output.840 "Maximum bytes read from `AGENTS.md` when building project instructions.",

~~841~~ 841 },

842Key842 {

~~843~~ 843 key: "project_doc_fallback_filenames",

844`history.max_bytes`844 type: "array<string>",

~~845~~ 845 description: "Additional filenames to try when `AGENTS.md` is missing.",

846Type / Values846 },

~~847~~ 847 {

848`number`848 key: "profile",

~~849~~ 849 type: "string",

850Details850 description:

~~851~~ 851 "Default profile applied at startup (equivalent to `--profile`).",

852If set, caps the history file size in bytes by dropping oldest entries.852 },

~~853~~ 853 {

854Key854 key: "profiles.<name>.*",

~~855~~ 855 type: "various",

856`history.persistence`856 description:

~~857~~ 857 "Profile-scoped overrides for any of the supported configuration keys.",

858Type / Values858 },

~~859~~ 859 {

860`save-all | none`860 key: "profiles.<name>.service_tier",

~~861~~ 861 type: "flex | fast",

862Details862 description: "Profile-scoped service tier preference for new turns.",

~~863~~ 863 },

864Control whether Codex saves session transcripts to history.jsonl.864 {

~~865~~ 865 key: "profiles.<name>.plan_mode_reasoning_effort",

~~867~~ 867 description: "Profile-scoped Plan-mode reasoning override.",

868`include_apply_patch_tool`868 },

~~869~~ 869 {

870Type / Values870 key: "profiles.<name>.web_search",

~~871~~ 871 type: "disabled | cached | live",

872`boolean`872 description:

~~873~~ 873 'Profile-scoped web search mode override (default: `"cached"`).',

874Details874 },

~~875~~ 875 {

876Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.876 key: "profiles.<name>.personality",

~~877~~ 877 type: "none | friendly | pragmatic",

878Key878 description:

~~879~~ 879 "Profile-scoped communication style override for supported models.",

880`instructions`880 },

~~881~~ 881 {

882Type / Values882 key: "profiles.<name>.model_catalog_json",

~~883~~ 883 type: "string (path)",

884`string`884 description:

~~885~~ 885 "Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile).",

886Details886 },

~~887~~ 887 {

888Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`.888 key: "profiles.<name>.model_instructions_file",

~~889~~ 889 type: "string (path)",

890Key890 description:

~~891~~ 891 "Profile-scoped replacement for the built-in instruction file.",

892`log_dir`892 },

~~893~~ 893 {

894Type / Values894 key: "profiles.<name>.experimental_use_unified_exec_tool",

~~895~~ 895 type: "boolean",

896`string (path)`896 description:

~~897~~ 897 "Legacy name for enabling unified exec; prefer `[features].unified_exec`.",

898Details898 },

~~899~~ 899 {

900Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`.900 key: "profiles.<name>.oss_provider",

~~901~~ 901 type: "lmstudio | ollama",

902Key902 description: "Profile-scoped OSS provider for `--oss` sessions.",

~~903~~ 903 },

904`mcp_oauth_callback_port`904 {

~~905~~ 905 key: "profiles.<name>.tools_view_image",

906Type / Values906 type: "boolean",

~~907~~ 907 description: "Enable or disable the `view_image` tool in that profile.",

908`integer`908 },

~~909~~ 909 {

910Details910 key: "profiles.<name>.analytics.enabled",

~~911~~ 911 type: "boolean",

912Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS.912 description: "Profile-scoped analytics enablement override.",

~~913~~ 913 },

914Key914 {

~~915~~ 915 key: "profiles.<name>.windows.sandbox",

916`mcp_oauth_callback_url`916 type: "unelevated | elevated",

~~917~~ 917 description: "Profile-scoped Windows sandbox mode override.",

918Type / Values918 },

~~919~~ 919 {

920`string`920 key: "history.persistence",

~~921~~ 921 type: "save-all | none",

922Details922 description:

~~923~~ 923 "Control whether Codex saves session transcripts to history.jsonl.",

924Optional redirect URI override for MCP OAuth login (for example, a devbox ingress URL). `mcp_oauth_callback_port` still controls the callback listener port.924 },

~~925~~ 925 {

926Key926 key: "tool_output_token_limit",

~~927~~ 927 type: "number",

928`mcp_oauth_credentials_store`928 description:

~~929~~ 929 "Token budget for storing individual tool/function outputs in history.",

930Type / Values930 },

~~931~~ 931 {

932`auto | file | keyring`932 key: "background_terminal_max_timeout",

~~933~~ 933 type: "number",

934Details934 description:

~~935~~ 935 "Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key.",

936Preferred store for MCP OAuth credentials.936 },

~~937~~ 937 {

938Key938 key: "history.max_bytes",

~~939~~ 939 type: "number",

940`mcp_servers.<id>.args`940 description:

~~941~~ 941 "If set, caps the history file size in bytes by dropping oldest entries.",

942Type / Values942 },

~~943~~ 943 {

944`array<string>`944 key: "file_opener",

~~945~~ 945 type: "vscode | vscode-insiders | windsurf | cursor | none",

946Details946 description:

~~947~~ 947 "URI scheme used to open citations from Codex output (default: `vscode`).",

948Arguments passed to the MCP stdio server command.948 },

~~949~~ 949 {

950Key950 key: "otel.environment",

~~951~~ 951 type: "string",

952`mcp_servers.<id>.bearer_token_env_var`952 description:

~~953~~ 953 "Environment tag applied to emitted OpenTelemetry events (default: `dev`).",

954Type / Values954 },

~~955~~ 955 {

956`string`956 key: "otel.exporter",

~~957~~ 957 type: "none | otlp-http | otlp-grpc",

958Details958 description:

~~959~~ 959 "Select the OpenTelemetry exporter and provide any endpoint metadata.",

960Environment variable sourcing the bearer token for an MCP HTTP server.960 },

~~961~~ 961 {

962Key962 key: "otel.trace_exporter",

~~963~~ 963 type: "none | otlp-http | otlp-grpc",

964`mcp_servers.<id>.command`964 description:

~~965~~ 965 "Select the OpenTelemetry trace exporter and provide any endpoint metadata.",

966Type / Values966 },

~~967~~ 967 {

968`string`968 key: "otel.metrics_exporter",

~~969~~ 969 type: "none | statsig | otlp-http | otlp-grpc",

970Details970 description:

~~971~~ 971 "Select the OpenTelemetry metrics exporter (defaults to `statsig`).",

972Launcher command for an MCP stdio server.972 },

~~973~~ 973 {

974Key974 key: "otel.log_user_prompt",

~~975~~ 975 type: "boolean",

976`mcp_servers.<id>.cwd`976 description:

~~977~~ 977 "Opt in to exporting raw user prompts with OpenTelemetry logs.",

978Type / Values978 },

~~979~~ 979 {

980`string`980 key: "otel.exporter.<id>.endpoint",

~~981~~ 981 type: "string",

982Details982 description: "Exporter endpoint for OTEL logs.",

~~983~~ 983 },

984Working directory for the MCP stdio server process.984 {

~~985~~ 985 key: "otel.exporter.<id>.protocol",

986Key986 type: "binary | json",

~~987~~ 987 description: "Protocol used by the OTLP/HTTP exporter.",

988`mcp_servers.<id>.disabled_tools`988 },

~~989~~ 989 {

990Type / Values990 key: "otel.exporter.<id>.headers",

~~991~~ 991 type: "map<string,string>",

992`array<string>`992 description: "Static headers included with OTEL exporter requests.",

~~993~~ 993 },

994Details994 {

~~995~~ 995 key: "otel.trace_exporter.<id>.endpoint",

996Deny list applied after `enabled_tools` for the MCP server.996 type: "string",

~~997~~ 997 description: "Trace exporter endpoint for OTEL logs.",

998Key998 },

~~999~~ 999 {

1000`mcp_servers.<id>.enabled`1000 key: "otel.trace_exporter.<id>.protocol",

~~1001~~ 1001 type: "binary | json",

1002Type / Values1002 description: "Protocol used by the OTLP/HTTP trace exporter.",

~~1003~~ 1003 },

1004`boolean`1004 {

~~1005~~ 1005 key: "otel.trace_exporter.<id>.headers",

1006Details1006 type: "map<string,string>",

~~1007~~ 1007 description: "Static headers included with OTEL trace exporter requests.",

1008Disable an MCP server without removing its configuration.1008 },

~~1009~~ 1009 {

1010Key1010 key: "otel.exporter.<id>.tls.ca-certificate",

~~1011~~ 1011 type: "string",

1012`mcp_servers.<id>.enabled_tools`1012 description: "CA certificate path for OTEL exporter TLS.",

~~1013~~ 1013 },

1014Type / Values1014 {

~~1015~~ 1015 key: "otel.exporter.<id>.tls.client-certificate",

1016`array<string>`1016 type: "string",

~~1017~~ 1017 description: "Client certificate path for OTEL exporter TLS.",

1018Details1018 },

~~1019~~ 1019 {

1020Allow list of tool names exposed by the MCP server.1020 key: "otel.exporter.<id>.tls.client-private-key",

~~1021~~ 1021 type: "string",

1022Key1022 description: "Client private key path for OTEL exporter TLS.",

~~1023~~ 1023 },

1024`mcp_servers.<id>.env`1024 {

~~1025~~ 1025 key: "otel.trace_exporter.<id>.tls.ca-certificate",

1026Type / Values1026 type: "string",

~~1027~~ 1027 description: "CA certificate path for OTEL trace exporter TLS.",

1028`map<string,string>`1028 },

~~1029~~ 1029 {

1030Details1030 key: "otel.trace_exporter.<id>.tls.client-certificate",

~~1031~~ 1031 type: "string",

1032Environment variables forwarded to the MCP stdio server.1032 description: "Client certificate path for OTEL trace exporter TLS.",

~~1033~~ 1033 },

1034Key1034 {

~~1035~~ 1035 key: "otel.trace_exporter.<id>.tls.client-private-key",

1036`mcp_servers.<id>.env_http_headers`1036 type: "string",

~~1037~~ 1037 description: "Client private key path for OTEL trace exporter TLS.",

1038Type / Values1038 },

~~1039~~ 1039 {

1040`map<string,string>`1040 key: "tui",

~~1041~~ 1041 type: "table",

1042Details1042 description:

~~1043~~ 1043 "TUI-specific options such as enabling inline desktop notifications.",

1044HTTP headers populated from environment variables for an MCP HTTP server.1044 },

~~1045~~ 1045 {

1046Key1046 key: "tui.notifications",

~~1047~~ 1047 type: "boolean | array<string>",

1048`mcp_servers.<id>.env_vars`1048 description:

~~1049~~ 1049 "Enable TUI notifications; optionally restrict to specific event types.",

1050Type / Values1050 },

~~1051~~ 1051 {

1052`array<string>`1052 key: "tui.notification_method",

~~1053~~ 1053 type: "auto | osc9 | bel",

1054Details1054 description:

~~1055~~ 1055 "Notification method for terminal notifications (default: auto).",

1056Additional environment variables to whitelist for an MCP stdio server.1056 },

~~1057~~ 1057 {

1058Key1058 key: "tui.notification_condition",

~~1059~~ 1059 type: "unfocused | always",

1060`mcp_servers.<id>.http_headers`1060 description:

~~1061~~ 1061 "Control whether TUI notifications fire only when the terminal is unfocused or regardless of focus. Defaults to `unfocused`.",

1062Type / Values1062 },

~~1063~~ 1063 {

1064`map<string,string>`1064 key: "tui.animations",

~~1065~~ 1065 type: "boolean",

1066Details1066 description:

~~1067~~ 1067 "Enable terminal animations (welcome screen, shimmer, spinner) (default: true).",

1068Static HTTP headers included with each MCP HTTP request.1068 },

~~1069~~ 1069 {

1070Key1070 key: "tui.alternate_screen",

~~1071~~ 1071 type: "auto | always | never",

1072`mcp_servers.<id>.required`1072 description:

~~1073~~ 1073 "Control alternate screen usage for the TUI (default: auto; auto skips it in Zellij to preserve scrollback).",

1074Type / Values1074 },

~~1075~~ 1075 {

1076`boolean`1076 key: "tui.show_tooltips",

~~1077~~ 1077 type: "boolean",

1078Details1078 description:

~~1079~~ 1079 "Show onboarding tooltips in the TUI welcome screen (default: true).",

1080When true, fail startup/resume if this enabled MCP server cannot initialize.1080 },

~~1081~~ 1081 {

1082Key1082 key: "tui.status_line",

~~1083~~ 1083 type: "array<string> | null",

1084`mcp_servers.<id>.startup_timeout_ms`1084 description:

~~1085~~ 1085 "Ordered list of TUI footer status-line item identifiers. `null` disables the status line.",

1086Type / Values1086 },

~~1087~~ 1087 {

1088`number`1088 key: "tui.terminal_title",

~~1089~~ 1089 type: "array<string> | null",

1090Details1090 description:

~~1091~~ 1091 'Ordered list of terminal window/tab title item identifiers. Defaults to `["spinner", "project"]`; `null` disables title updates.',

1092Alias for `startup_timeout_sec` in milliseconds.1092 },

~~1093~~ 1093 {

1094Key1094 key: "tui.theme",

~~1095~~ 1095 type: "string",

1096`mcp_servers.<id>.startup_timeout_sec`1096 description:

~~1097~~ 1097 "Syntax-highlighting theme override (kebab-case theme name).",

1098Type / Values1098 },

~~1099~~ 1099 {

1100`number`1100 key: "tui.keymap.<context>.<action>",

~~1101~~ 1101 type: "string | array<string>",

1102Details1102 description:

~~1103~~ 1103 "Keyboard shortcut binding for a TUI action. Supported contexts include `global`, `chat`, `composer`, `editor`, `pager`, `list`, and `approval`; context-specific bindings override `tui.keymap.global`.",

1104Override the default 10s startup timeout for an MCP server.1104 },

~~1105~~ 1105 {

1106Key1106 key: "tui.keymap.<context>.<action> = []",

~~1107~~ 1107 type: "empty array",

1108`mcp_servers.<id>.tool_timeout_sec`1108 description:

~~1109~~ 1109 "Unbind the action in that keymap context. Key names use normalized strings such as `ctrl-a`, `shift-enter`, or `page-down`.",

1110Type / Values1110 },

~~1111~~ 1111 {

1112`number`1112 key: "tui.model_availability_nux.<model>",

~~1113~~ 1113 type: "integer",

1114Details1114 description: "Internal startup-tooltip state keyed by model slug.",

~~1115~~ 1115 },

1116Override the default 60s per-tool timeout for an MCP server.1116 {

~~1117~~ 1117 key: "hide_agent_reasoning",

1118Key1118 type: "boolean",

~~1119~~ 1119 description:

1120`mcp_servers.<id>.url`1120 "Suppress reasoning events in both the TUI and `codex exec` output.",

~~1121~~ 1121 },

1122Type / Values1122 {

~~1123~~ 1123 key: "show_raw_agent_reasoning",

1124`string`1124 type: "boolean",

~~1125~~ 1125 description:

1126Details1126 "Surface raw reasoning content when the active model emits it.",

~~1127~~ 1127 },

1128Endpoint for an MCP streamable HTTP server.1128 {

~~1129~~ 1129 key: "disable_paste_burst",

1130Key1130 type: "boolean",

~~1131~~ 1131 description: "Disable burst-paste detection in the TUI.",

1132`model`1132 },

~~1133~~ 1133 {

1134Type / Values1134 key: "windows_wsl_setup_acknowledged",

~~1135~~ 1135 type: "boolean",

1136`string`1136 description: "Track Windows onboarding acknowledgement (Windows only).",

~~1137~~ 1137 },

1138Details1138 {

~~1139~~ 1139 key: "chatgpt_base_url",

1140Model to use (e.g., `gpt-5-codex`).1140 type: "string",

~~1141~~ 1141 description: "Override the base URL used during the ChatGPT login flow.",

1142Key1142 },

~~1143~~ 1143 {

1144`model_auto_compact_token_limit`1144 key: "cli_auth_credentials_store",

~~1145~~ 1145 type: "file | keyring | auto",

1146Type / Values1146 description:

~~1147~~ 1147 "Control where the CLI stores cached credentials (file-based auth.json vs OS keychain).",

1148`number`1148 },

~~1149~~ 1149 {

1150Details1150 key: "mcp_oauth_credentials_store",

~~1151~~ 1151 type: "auto | file | keyring",

1152Token threshold that triggers automatic history compaction (unset uses model defaults).1152 description: "Preferred store for MCP OAuth credentials.",

~~1153~~ 1153 },

1154Key1154 {

~~1155~~ 1155 key: "mcp_oauth_callback_port",

1156`model_catalog_json`1156 type: "integer",

~~1157~~ 1157 description:

1158Type / Values1158 "Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS.",

~~1159~~ 1159 },

1160`string (path)`1160 {

~~1161~~ 1161 key: "mcp_oauth_callback_url",

1162Details1162 type: "string",

~~1163~~ 1163 description:

1164Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile.1164 "Optional redirect URI override for MCP OAuth login (for example, a devbox ingress URL). `mcp_oauth_callback_port` still controls the callback listener port.",

~~1165~~ 1165 },

1166Key1166 {

~~1167~~ 1167 key: "experimental_use_unified_exec_tool",

1168`model_context_window`1168 type: "boolean",

~~1169~~ 1169 description:

1170Type / Values1170 "Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`.",

~~1171~~ 1171 },

1172`number`1172 {

~~1173~~ 1173 key: "tools.web_search",

1174Details1174 type: 'boolean | { context_size = "low|medium|high", allowed_domains = [string], location = { country, region, city, timezone } }',

~~1175~~ 1175 description:

1176Context window tokens available to the active model.1176 "Optional web search tool configuration. The legacy boolean form is still accepted, but the object form lets you set search context size, allowed domains, and approximate user location.",

~~1177~~ 1177 },

1178Key1178 {

~~1179~~ 1179 key: "tools.view_image",

1180`model_instructions_file`1180 type: "boolean",

~~1181~~ 1181 description: "Enable the local-image attachment tool `view_image`.",

1182Type / Values1182 },

~~1183~~ 1183 {

1184`string (path)`1184 key: "web_search",

~~1185~~ 1185 type: "disabled | cached | live",

1186Details1186 description:

~~1187~~ 1187 'Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool.',

1188Replacement for built-in instructions instead of `AGENTS.md`.1188 },

~~1189~~ 1189 {

1190Key1190 key: "default_permissions",

~~1191~~ 1191 type: "string",

1192`model_provider`1192 description:

~~1193~~ 1193 "Name of the default permissions profile to apply to sandboxed tool calls. Built-ins are `:read-only`, `:workspace`, and `:danger-no-sandbox`; custom profile names require matching `[permissions.<name>]` tables.",

1194Type / Values1194 },

~~1195~~ 1195 {

1196`string`1196 key: "permissions.<name>.filesystem",

~~1197~~ 1197 type: "table",

1198Details1198 description:

~~1199~~ 1199 "Named filesystem permission profile. Each key is an absolute path or special token such as `:minimal` or `:project_roots`.",

1200Provider id from `model_providers` (default: `openai`).1200 },

~~1201~~ 1201 {

1202Key1202 key: "permissions.<name>.filesystem.glob_scan_max_depth",

~~1203~~ 1203 type: "number",

1204`model_providers.<id>.base_url`1204 description:

~~1205~~ 1205 "Maximum depth for expanding deny-read glob patterns on platforms that snapshot matches before sandbox startup. Must be at least `1` when set.",

1206Type / Values1206 },

~~1207~~ 1207 {

1208`string`1208 key: "permissions.<name>.filesystem.<path-or-glob>",

~~1209~~ 1209 type: '"read" | "write" | "none" | table',

1210Details1210 description:

~~1211~~ 1211 'Grant direct access for a path, glob pattern, or special token, or scope nested entries under that root. Use `"none"` to deny reads for matching paths.',

1212API base URL for the model provider.1212 },

~~1213~~ 1213 {

1214Key1214 key: 'permissions.<name>.filesystem.":project_roots".<subpath-or-glob>',

~~1215~~ 1215 type: '"read" | "write" | "none"',

1216`model_providers.<id>.env_http_headers`1216 description:

~~1217~~ 1217 'Scoped filesystem access relative to the detected project roots. Use `"."` for the root itself; glob subpaths such as `"**/*.env"` can deny reads with `"none"`.',

1218Type / Values1218 },

~~1219~~ 1219 {

1220`map<string,string>`1220 key: "permissions.<name>.network.enabled",

~~1221~~ 1221 type: "boolean",

1222Details1222 description: "Enable network access for this named permissions profile.",

~~1223~~ 1223 },

1224HTTP headers populated from environment variables when present.1224 {

~~1225~~ 1225 key: "permissions.<name>.network.proxy_url",

1226Key1226 type: "string",

~~1227~~ 1227 description:

1228`model_providers.<id>.env_key`1228 "HTTP proxy endpoint used when this permissions profile enables the managed network proxy.",

~~1229~~ 1229 },

1230Type / Values1230 {

~~1231~~ 1231 key: "permissions.<name>.network.enable_socks5",

1232`string`1232 type: "boolean",

~~1233~~ 1233 description:

1234Details1234 "Expose a SOCKS5 listener when this permissions profile enables the managed network proxy.",

~~1235~~ 1235 },

1236Environment variable supplying the provider API key.1236 {

~~1237~~ 1237 key: "permissions.<name>.network.socks_url",

1238Key1238 type: "string",

~~1239~~ 1239 description: "SOCKS5 proxy endpoint used by this permissions profile.",

1240`model_providers.<id>.env_key_instructions`1240 },

~~1241~~ 1241 {

1242Type / Values1242 key: "permissions.<name>.network.enable_socks5_udp",

~~1243~~ 1243 type: "boolean",

1244`string`1244 description: "Allow UDP over the SOCKS5 listener when enabled.",

~~1245~~ 1245 },

1246Details1246 {

~~1247~~ 1247 key: "permissions.<name>.network.allow_upstream_proxy",

1248Optional setup guidance for the provider API key.1248 type: "boolean",

~~1249~~ 1249 description:

1250Key1250 "Allow the managed proxy to chain to another upstream proxy.",

~~1251~~ 1251 },

1252`model_providers.<id>.experimental_bearer_token`1252 {

~~1253~~ 1253 key: "permissions.<name>.network.dangerously_allow_non_loopback_proxy",

1254Type / Values1254 type: "boolean",

~~1255~~ 1255 description:

1256`string`1256 "Permit non-loopback bind addresses for the managed proxy listener.",

~~1257~~ 1257 },

1258Details1258 {

~~1259~~ 1259 key: "permissions.<name>.network.dangerously_allow_all_unix_sockets",

1260Direct bearer token for the provider (discouraged; use `env_key`).1260 type: "boolean",

~~1261~~ 1261 description:

1262Key1262 "Allow the proxy to use arbitrary Unix sockets instead of the default restricted set.",

~~1263~~ 1263 },

1264`model_providers.<id>.http_headers`1264 {

~~1265~~ 1265 key: "permissions.<name>.network.mode",

1266Type / Values1266 type: "limited | full",

~~1267~~ 1267 description: "Network proxy mode used for subprocess traffic.",

1268`map<string,string>`1268 },

~~1269~~ 1269 {

1270Details1270 key: "permissions.<name>.network.domains",

~~1271~~ 1271 type: "map<string, allow | deny>",

1272Static HTTP headers added to provider requests.1272 description:

~~1273~~ 1273 "Domain rules for the managed proxy. Use domain names or wildcard patterns as keys, with `allow` or `deny` values.",

1274Key1274 },

~~1275~~ 1275 {

1276`model_providers.<id>.name`1276 key: "permissions.<name>.network.unix_sockets",

~~1277~~ 1277 type: "map<string, allow | none>",

1278Type / Values1278 description:

~~1279~~ 1279 "Unix socket rules for the managed proxy. Use socket paths as keys, with `allow` or `none` values.",

1280`string`1280 },

~~1281~~ 1281 {

1282Details1282 key: "permissions.<name>.network.allow_local_binding",

~~1283~~ 1283 type: "boolean",

1284Display name for a custom model provider.1284 description:

~~1285~~ 1285 "Permit local bind/listen operations through the managed proxy.",

1286Key1286 },

~~1287~~ 1287 {

1288`model_providers.<id>.query_params`1288 key: "projects.<path>.trust_level",

~~1289~~ 1289 type: "string",

1290Type / Values1290 description:

~~1291~~ 1291 'Mark a project or worktree as trusted or untrusted (`"trusted"` | `"untrusted"`). Untrusted projects skip project-scoped `.codex/` layers, including project-local config, hooks, and rules.',

1292`map<string,string>`1292 },

~~1293~~ 1293 {

1294Details1294 key: "notice.hide_full_access_warning",

~~1295~~ 1295 type: "boolean",

1296Extra query parameters appended to provider requests.1296 description: "Track acknowledgement of the full access warning prompt.",

~~1297~~ 1297 },

1298Key1298 {

~~1299~~ 1299 key: "notice.hide_world_writable_warning",

1300`model_providers.<id>.request_max_retries`1300 type: "boolean",

~~1301~~ 1301 description:

1302Type / Values1302 "Track acknowledgement of the Windows world-writable directories warning.",

~~1303~~ 1303 },

1304`number`1304 {

~~1305~~ 1305 key: "notice.hide_rate_limit_model_nudge",

1306Details1306 type: "boolean",

~~1307~~ 1307 description: "Track opt-out of the rate limit model switch reminder.",

1308Retry count for HTTP requests to the provider (default: 4).1308 },

~~1309~~ 1309 {

1310Key1310 key: "notice.hide_gpt5_1_migration_prompt",

~~1311~~ 1311 type: "boolean",

1312`model_providers.<id>.requires_openai_auth`1312 description: "Track acknowledgement of the GPT-5.1 migration prompt.",

~~1313~~ 1313 },

1314Type / Values1314 {

~~1315~~ 1315 key: "notice.hide_gpt-5.1-codex-max_migration_prompt",

1316`boolean`1316 type: "boolean",

~~1317~~ 1317 description:

1318Details1318 "Track acknowledgement of the gpt-5.1-codex-max migration prompt.",

~~1319~~ 1319 },

1320The provider uses OpenAI authentication (defaults to false).1320 {

~~1321~~ 1321 key: "notice.model_migrations",

1322Key1322 type: "map<string,string>",

~~1323~~ 1323 description: "Track acknowledged model migrations as old->new mappings.",

1324`model_providers.<id>.stream_idle_timeout_ms`1324 },

~~1325~~ 1325 {

1326Type / Values1326 key: "forced_login_method",

~~1327~~ 1327 type: "chatgpt | api",

1328`number`1328 description: "Restrict Codex to a specific authentication method.",

~~1329~~ 1329 },

1330Details1330 {

~~1331~~ 1331 key: "forced_chatgpt_workspace_id",

1332Idle timeout for SSE streams in milliseconds (default: 300000).1332 type: "string (uuid)",

~~1333~~ 1333 description: "Limit ChatGPT logins to a specific workspace identifier.",

1334Key1334 },

~~1335~~ 1335 ]}

1336`model_providers.<id>.stream_max_retries`1336 client:load

~~1337~~ 1337/>

1338Type / Values

~~1339~~

1340`number`

~~1341~~

1342Details

~~1343~~

1344Retry count for SSE streaming interruptions (default: 5).

~~1345~~

1346Key

~~1347~~

1348`model_providers.<id>.wire_api`

~~1349~~

1350Type / Values

~~1351~~

1352`chat | responses`

~~1353~~

1354Details

~~1355~~

1356Protocol used by the provider (defaults to `chat` if omitted).

~~1357~~

1358Key

~~1359~~

1360`model_reasoning_effort`

~~1361~~

1362Type / Values

~~1363~~

1364`minimal | low | medium | high | xhigh`

~~1365~~

1366Details

~~1367~~

1368Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent).

~~1369~~

1370Key

~~1371~~

1372`model_reasoning_summary`

~~1373~~

1374Type / Values

~~1375~~

1376`auto | concise | detailed | none`

~~1377~~

1378Details

~~1379~~

1380Select reasoning summary detail or disable summaries entirely.

~~1381~~

1382Key

~~1383~~

1384`model_supports_reasoning_summaries`

~~1385~~

1386Type / Values

~~1387~~

1388`boolean`

~~1389~~

1390Details

~~1391~~

1392Force Codex to send or not send reasoning metadata.

~~1393~~

1394Key

~~1395~~

1396`model_verbosity`

~~1397~~

1398Type / Values

~~1399~~

1400`low | medium | high`

~~1401~~

1402Details

~~1403~~

1404Control GPT-5 Responses API verbosity (defaults to `medium`).

~~1405~~

1406Key

~~1407~~

1408`notice.hide_full_access_warning`

~~1409~~

1410Type / Values

~~1411~~

1412`boolean`

~~1413~~

1414Details

~~1415~~

1416Track acknowledgement of the full access warning prompt.

~~1417~~

1418Key

~~1419~~

1420`notice.hide_gpt-5.1-codex-max_migration_prompt`

~~1421~~

1422Type / Values

~~1423~~

1424`boolean`

~~1425~~

1426Details

~~1427~~

1428Track acknowledgement of the gpt-5.1-codex-max migration prompt.

~~1429~~

1430Key

~~1431~~

1432`notice.hide_gpt5_1_migration_prompt`

~~1433~~

1434Type / Values

~~1435~~

1436`boolean`

~~1437~~

1438Details

~~1439~~

1440Track acknowledgement of the GPT-5.1 migration prompt.

~~1441~~

1442Key

~~1443~~

1444`notice.hide_rate_limit_model_nudge`

~~1445~~

1446Type / Values

~~1447~~

1448`boolean`

~~1449~~

1450Details

~~1451~~

1452Track opt-out of the rate limit model switch reminder.

~~1453~~

1454Key

~~1455~~

1456`notice.hide_world_writable_warning`

~~1457~~

1458Type / Values

~~1459~~

1460`boolean`

~~1461~~

1462Details

~~1463~~

1464Track acknowledgement of the Windows world-writable directories warning.

~~1465~~

1466Key

~~1467~~

1468`notice.model_migrations`

~~1469~~

1470Type / Values

~~1471~~

1472`map<string,string>`

~~1473~~

1474Details

~~1475~~

1476Track acknowledged model migrations as old->new mappings.

~~1477~~

1478Key

~~1479~~

1480`notify`

~~1481~~

1482Type / Values

~~1483~~

1484`array<string>`

~~1485~~

1486Details

~~1487~~

1488Command invoked for notifications; receives a JSON payload from Codex.

~~1489~~

1490Key

~~1491~~

1492`oss_provider`

~~1493~~

1494Type / Values

~~1495~~

1496`lmstudio | ollama`

~~1497~~

1498Details

~~1499~~

1500Default local provider used when running with `--oss` (defaults to prompting if unset).

~~1501~~

1502Key

~~1503~~

1504`otel.environment`

~~1505~~

1506Type / Values

~~1507~~

1508`string`

~~1509~~

1510Details

~~1511~~

1512Environment tag applied to emitted OpenTelemetry events (default: `dev`).

~~1513~~

1514Key

~~1515~~

1516`otel.exporter`

~~1517~~

1518Type / Values

~~1519~~

1520`none | otlp-http | otlp-grpc`

~~1521~~

1522Details

~~1523~~

1524Select the OpenTelemetry exporter and provide any endpoint metadata.

~~1525~~

1526Key

~~1527~~

1528`otel.exporter.<id>.endpoint`

~~1529~~

1530Type / Values

~~1531~~

1532`string`

~~1533~~

1534Details

~~1535~~

1536Exporter endpoint for OTEL logs.

~~1537~~

1538Key

~~1539~~

1540`otel.exporter.<id>.headers`

~~1541~~

1542Type / Values

~~1543~~

1544`map<string,string>`

~~1545~~

1546Details

~~1547~~

1548Static headers included with OTEL exporter requests.

~~1549~~

1550Key

~~1551~~

1552`otel.exporter.<id>.protocol`

~~1553~~

1554Type / Values

~~1555~~

1556`binary | json`

~~1557~~

1558Details

~~1559~~

1560Protocol used by the OTLP/HTTP exporter.

~~1561~~

1562Key

~~1563~~

1564`otel.exporter.<id>.tls.ca-certificate`

~~1565~~

1566Type / Values

~~1567~~

1568`string`

~~1569~~

1570Details

~~1571~~

1572CA certificate path for OTEL exporter TLS.

~~1573~~

1574Key

~~1575~~

1576`otel.exporter.<id>.tls.client-certificate`

~~1577~~

1578Type / Values

~~1579~~

1580`string`

~~1581~~

1582Details

~~1583~~

1584Client certificate path for OTEL exporter TLS.

~~1585~~

1586Key

~~1587~~

1588`otel.exporter.<id>.tls.client-private-key`

~~1589~~

1590Type / Values

~~1591~~

1592`string`

~~1593~~

1594Details

~~1595~~

1596Client private key path for OTEL exporter TLS.

~~1597~~

1598Key

~~1599~~

1600`otel.log_user_prompt`

~~1601~~

1602Type / Values

~~1603~~

1604`boolean`

~~1605~~

1606Details

~~1607~~

1608Opt in to exporting raw user prompts with OpenTelemetry logs.

~~1609~~

1610Key

~~1611~~

1612`otel.trace_exporter`

~~1613~~

1614Type / Values

~~1615~~

1616`none | otlp-http | otlp-grpc`

~~1617~~

1618Details

~~1619~~

1620Select the OpenTelemetry trace exporter and provide any endpoint metadata.

~~1621~~

1622Key

~~1623~~

1624`otel.trace_exporter.<id>.endpoint`

~~1625~~

1626Type / Values

~~1627~~

1628`string`

~~1629~~

1630Details

~~1631~~

1632Trace exporter endpoint for OTEL logs.

~~1633~~

1634Key

~~1635~~

1636`otel.trace_exporter.<id>.headers`

~~1637~~

1638Type / Values

~~1639~~

1640`map<string,string>`

~~1641~~

1642Details

~~1643~~

1644Static headers included with OTEL trace exporter requests.

~~1645~~

1646Key

~~1647~~

1648`otel.trace_exporter.<id>.protocol`

~~1649~~

1650Type / Values

~~1651~~

1652`binary | json`

~~1653~~

1654Details

~~1655~~

1656Protocol used by the OTLP/HTTP trace exporter.

~~1657~~

1658Key

~~1659~~

1660`otel.trace_exporter.<id>.tls.ca-certificate`

~~1661~~

1662Type / Values

~~1663~~

1664`string`

~~1665~~

1666Details

~~1667~~

1668CA certificate path for OTEL trace exporter TLS.

~~1669~~

1670Key

~~1671~~

1672`otel.trace_exporter.<id>.tls.client-certificate`

~~1673~~

1674Type / Values

~~1675~~

1676`string`

~~1677~~

1678Details

~~1679~~

1680Client certificate path for OTEL trace exporter TLS.

~~1681~~

1682Key

~~1683~~

1684`otel.trace_exporter.<id>.tls.client-private-key`

~~1685~~

1686Type / Values

~~1687~~

1688`string`

~~1689~~

1690Details

~~1691~~

1692Client private key path for OTEL trace exporter TLS.

~~1693~~

1694Key

~~1695~~

1696`personality`

~~1697~~

1698Type / Values

~~1699~~

1700`none | friendly | pragmatic`

~~1701~~

1702Details

~~1703~~

1704Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`.

~~1705~~

1706Key

~~1707~~

1708`profile`

~~1709~~

1710Type / Values

~~1711~~

1712`string`

~~1713~~

1714Details

~~1715~~

1716Default profile applied at startup (equivalent to `--profile`).

~~1717~~

1718Key

~~1719~~

1720`profiles.<name>.*`

~~1721~~

1722Type / Values

~~1723~~

1724`various`

~~1725~~

1726Details

~~1727~~

1728Profile-scoped overrides for any of the supported configuration keys.

~~1729~~

1730Key

~~1731~~

1732`profiles.<name>.experimental_use_freeform_apply_patch`

~~1733~~

1734Type / Values

~~1735~~

1736`boolean`

~~1737~~

1738Details

~~1739~~

1740Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.

~~1741~~

1742Key

~~1743~~

1744`profiles.<name>.experimental_use_unified_exec_tool`

~~1745~~

1746Type / Values

~~1747~~

1748`boolean`

~~1749~~

1750Details

~~1751~~

1752Legacy name for enabling unified exec; prefer `[features].unified_exec`.

~~1753~~

1754Key

~~1755~~

1756`profiles.<name>.include_apply_patch_tool`

~~1757~~

1758Type / Values

~~1759~~

1760`boolean`

~~1761~~

1762Details

~~1763~~

1764Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.

~~1765~~

1766Key

~~1767~~

1768`profiles.<name>.model_catalog_json`

~~1769~~

1770Type / Values

~~1771~~

1772`string (path)`

~~1773~~

1774Details

~~1775~~

1776Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile).

~~1777~~

1778Key

~~1779~~

1780`profiles.<name>.oss_provider`

~~1781~~

1782Type / Values

~~1783~~

1784`lmstudio | ollama`

~~1785~~

1786Details

~~1787~~

1788Profile-scoped OSS provider for `--oss` sessions.

~~1789~~

1790Key

~~1791~~

1792`profiles.<name>.personality`

~~1793~~

1794Type / Values

~~1795~~

1796`none | friendly | pragmatic`

~~1797~~

1798Details

~~1799~~

1800Profile-scoped communication style override for supported models.

~~1801~~

1802Key

~~1803~~

1804`profiles.<name>.web_search`

~~1805~~

1806Type / Values

~~1807~~

1808`disabled | cached | live`

~~1809~~

1810Details

~~1811~~

1812Profile-scoped web search mode override (default: `"cached"`).

~~1813~~

1814Key

~~1815~~

1816`project_doc_fallback_filenames`

~~1817~~

1818Type / Values

~~1819~~

1820`array<string>`

~~1821~~

1822Details

~~1823~~

1824Additional filenames to try when `AGENTS.md` is missing.

~~1825~~

1826Key

~~1827~~

1828`project_doc_max_bytes`

~~1829~~

1830Type / Values

~~1831~~

1832`number`

~~1833~~

1834Details

~~1835~~

1836Maximum bytes read from `AGENTS.md` when building project instructions.

~~1837~~

1838Key

~~1839~~

1840`project_root_markers`

~~1841~~

1842Type / Values

~~1843~~

1844`array<string>`

~~1845~~

1846Details

~~1847~~

1848List of project root marker filenames; used when searching parent directories for the project root.

~~1849~~

1850Key

~~1851~~

1852`projects.<path>.trust_level`

~~1853~~

1854Type / Values

~~1855~~

1856`string`

~~1857~~

1858Details

~~1859~~

1860Mark a project or worktree as trusted or untrusted (`"trusted"` | `"untrusted"`). Untrusted projects skip project-scoped `.codex/` layers.

~~1861~~

1862Key

~~1863~~

1864`review_model`

~~1865~~

1866Type / Values

~~1867~~

1868`string`

~~1869~~

1870Details

~~1871~~

1872Optional model override used by `/review` (defaults to the current session model).

~~1873~~

1874Key

~~1875~~

1876`sandbox_mode`

~~1877~~

1878Type / Values

~~1879~~

1880`read-only | workspace-write | danger-full-access`

~~1881~~

1882Details

~~1883~~

1884Sandbox policy for filesystem and network access during command execution.

~~1885~~

1886Key

~~1887~~

1888`sandbox_workspace_write.exclude_slash_tmp`

~~1889~~

1890Type / Values

~~1891~~

1892`boolean`

~~1893~~

1894Details

~~1895~~

1896Exclude `/tmp` from writable roots in workspace-write mode.

~~1897~~

1898Key

~~1899~~

1900`sandbox_workspace_write.exclude_tmpdir_env_var`

~~1901~~

1902Type / Values

~~1903~~

1904`boolean`

~~1905~~

1906Details

~~1907~~

1908Exclude `$TMPDIR` from writable roots in workspace-write mode.

~~1909~~

1910Key

~~1911~~

1912`sandbox_workspace_write.network_access`

~~1913~~

1914Type / Values

~~1915~~

1916`boolean`

~~1917~~

1918Details

~~1919~~

1920Allow outbound network access inside the workspace-write sandbox.

~~1921~~

1922Key

~~1923~~

1924`sandbox_workspace_write.writable_roots`

~~1925~~

1926Type / Values

~~1927~~

1928`array<string>`

~~1929~~

1930Details

~~1931~~

1932Additional writable roots when `sandbox_mode = "workspace-write"`.

~~1933~~

1934Key

~~1935~~

1936`shell_environment_policy.exclude`

~~1937~~

1938Type / Values

~~1939~~

1940`array<string>`

~~1941~~

1942Details

~~1943~~

1944Glob patterns for removing environment variables after the defaults.

~~1945~~

1946Key

~~1947~~

1948`shell_environment_policy.experimental_use_profile`

~~1949~~

1950Type / Values

~~1951~~

1952`boolean`

~~1953~~

1954Details

~~1955~~

1956Use the user shell profile when spawning subprocesses.

~~1957~~

1958Key

~~1959~~

1960`shell_environment_policy.ignore_default_excludes`

~~1961~~

1962Type / Values

~~1963~~

1964`boolean`

~~1965~~

1966Details

~~1967~~

1968Keep variables containing KEY/SECRET/TOKEN before other filters run.

~~1969~~

1970Key

~~1971~~

1972`shell_environment_policy.include_only`

~~1973~~

1974Type / Values

~~1975~~

1976`array<string>`

~~1977~~

1978Details

~~1979~~

1980Whitelist of patterns; when set only matching variables are kept.

~~1981~~

1982Key

~~1983~~

1984`shell_environment_policy.inherit`

~~1985~~

1986Type / Values

~~1987~~

1988`all | core | none`

~~1989~~

1990Details

~~1991~~

1992Baseline environment inheritance when spawning subprocesses.

~~1993~~

1994Key

~~1995~~

1996`shell_environment_policy.set`

~~1997~~

1998Type / Values

~~1999~~

2000`map<string,string>`

~~2001~~

2002Details

~~2003~~

2004Explicit environment overrides injected into every subprocess.

~~2005~~

2006Key

~~2007~~

2008`show_raw_agent_reasoning`

~~2009~~

2010Type / Values

~~2011~~

2012`boolean`

~~2013~~

2014Details

~~2015~~

2016Surface raw reasoning content when the active model emits it.

~~2017~~

2018Key

~~2019~~

2020`skills.config`

~~2021~~

2022Type / Values

~~2023~~

2024`array<object>`

~~2025~~

2026Details

~~2027~~

2028Per-skill enablement overrides stored in config.toml.

~~2029~~

2030Key

~~2031~~

2032`skills.config.<index>.enabled`

~~2033~~

2034Type / Values

~~2035~~

2036`boolean`

~~2037~~

2038Details

~~2039~~

2040Enable or disable the referenced skill.

~~2041~~

2042Key

~~2043~~

2044`skills.config.<index>.path`

~~2045~~

2046Type / Values

~~2047~~

2048`string (path)`

~~2049~~

2050Details

~~2051~~

2052Path to a skill folder containing `SKILL.md`.

~~2053~~

2054Key

~~2055~~

2056`suppress_unstable_features_warning`

~~2057~~

2058Type / Values

~~2059~~

2060`boolean`

~~2061~~

2062Details

~~2063~~

2064Suppress the warning that appears when under-development feature flags are enabled.

~~2065~~

2066Key

~~2067~~

2068`tool_output_token_limit`

~~2069~~

2070Type / Values

~~2071~~

2072`number`

~~2073~~

2074Details

~~2075~~

2076Token budget for storing individual tool/function outputs in history.

~~2077~~

2078Key

~~2079~~

2080`tools.web_search`

~~2081~~

2082Type / Values

~~2083~~

2084`boolean`

~~2085~~

2086Details

~~2087~~

2088Deprecated legacy toggle for web search; prefer the top-level `web_search` setting.

~~2089~~

2090Key

~~2091~~

2092`tui`

~~2093~~

2094Type / Values

~~2095~~

2096`table`

~~2097~~

2098Details

~~2099~~

2100TUI-specific options such as enabling inline desktop notifications.

~~2101~~

2102Key

~~2103~~

2104`tui.alternate_screen`

~~2105~~

2106Type / Values

~~2107~~

2108`auto | always | never`

~~2109~~

2110Details

~~2111~~

2112Control alternate screen usage for the TUI (default: auto; auto skips it in Zellij to preserve scrollback).

~~2113~~

2114Key

~~2115~~

2116`tui.animations`

~~2117~~

2118Type / Values

~~2119~~

2120`boolean`

~~2121~~

2122Details

~~2123~~

2124Enable terminal animations (welcome screen, shimmer, spinner) (default: true).

~~2125~~

2126Key

~~2127~~

2128`tui.notification_method`

~~2129~~

2130Type / Values

~~2131~~

2132`auto | osc9 | bel`

~~2133~~

2134Details

~~2135~~

2136Notification method for unfocused terminal notifications (default: auto).

~~2137~~

2138Key

~~2139~~

2140`tui.notifications`

~~2141~~

2142Type / Values

~~2143~~

2144`boolean | array<string>`

~~2145~~

2146Details

~~2147~~

2148Enable TUI notifications; optionally restrict to specific event types.

~~2149~~

2150Key

~~2151~~

2152`tui.show_tooltips`

~~2153~~

2154Type / Values

~~2155~~

2156`boolean`

~~2157~~

2158Details

~~2159~~

2160Show onboarding tooltips in the TUI welcome screen (default: true).

~~2161~~

2162Key

~~2163~~

2164`tui.status_line`

~~2165~~

2166Type / Values

~~2167~~

2168`array<string> | null`

~~2169~~

2170Details

~~2171~~

2172Ordered list of TUI footer status-line item identifiers. `null` disables the status line.

~~2173~~

2174Key

~~2175~~

2176`web_search`

~~2177~~

2178Type / Values

~~2179~~

2180`disabled | cached | live`

~~2181~~

2182Details

~~2183~~

2184Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool.

~~2185~~

2186Key

~~2187~~

2188`windows_wsl_setup_acknowledged`

~~2189~~

2190Type / Values

~~2191~~

2192`boolean`

~~2193~~

2194Details

~~2195~~

2196Track Windows onboarding acknowledgement (Windows only).

~~2197~~

2198Expand to view all

2199 1338

2200You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).1339You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).

2201 1340

2214For ChatGPT Business and Enterprise users, Codex can also apply cloud-fetched1353For ChatGPT Business and Enterprise users, Codex can also apply cloud-fetched

2215requirements. See the security page for precedence details.1354requirements. See the security page for precedence details.

2216 1355

2217| Key | Type / Values | Details |1356Use `[features]` in `requirements.toml` to pin feature flags by the same

2218| --- | --- | --- |1357canonical keys that `config.toml` uses. Omitted keys remain unconstrained.

2219| `allowed_approval_policies` | `array<string>` | Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `reject`). |1358

2220| `allowed_sandbox_modes` | `array<string>` | Allowed values for `sandbox_mode`. |1359<ConfigTable

2221| `allowed_web_search_modes` | `array<string>` | Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`. |1360 options={[

2222| `mcp_servers` | `table` | Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled. |1361 {

2223| `mcp_servers.<id>.identity` | `table` | Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP). |1362 key: "allowed_approval_policies",

2224| `mcp_servers.<id>.identity.command` | `string` | Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command. |1363 type: "array<string>",

2225| `mcp_servers.<id>.identity.url` | `string` | Allow an MCP streamable HTTP server when its `mcp_servers.<id>.url` matches this URL. |1364 description:

2226| `rules` | `table` | Admin-enforced command rules merged with `.rules` files. Requirements rules must be restrictive. |1365 "Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `granular`).",

2227| `rules.prefix_rules` | `array<table>` | List of enforced prefix rules. Each rule must include `pattern` and `decision`. |1366 },

2228| `rules.prefix_rules[].decision` | `prompt | forbidden` | Required. Requirements rules can only prompt or forbid (not allow). |1367 {

2229| `rules.prefix_rules[].justification` | `string` | Optional non-empty rationale surfaced in approval prompts or rejection messages. |1368 key: "allowed_approvals_reviewers",

2230| `rules.prefix_rules[].pattern` | `array<table>` | Command prefix expressed as pattern tokens. Each token sets either `token` or `any_of`. |1369 type: "array<string>",

2231| `rules.prefix_rules[].pattern[].any_of` | `array<string>` | A list of allowed alternative tokens at this position. |1370 description:

2232| `rules.prefix_rules[].pattern[].token` | `string` | A single literal token at this position. |1371 "Allowed values for `approvals_reviewer`, such as `user` and `auto_review`.",

~~2233~~ 1372 },

2234Key1373 {

~~2235~~ 1374 key: "guardian_policy_config",

2236`allowed_approval_policies`1375 type: "string",

~~2237~~ 1376 description:

2238Type / Values1377 "Managed Markdown policy instructions for automatic review. This takes precedence over local `[auto_review].policy`. Blank values are ignored.",

~~2239~~ 1378 },

2240`array<string>`1379 {

~~2241~~ 1380 key: "allowed_sandbox_modes",

2242Details1381 type: "array<string>",

~~2243~~ 1382 description: "Allowed values for `sandbox_mode`.",

2244Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `reject`).1383 },

~~2245~~ 1384 {

2246Key1385 key: "remote_sandbox_config",

~~2247~~ 1386 type: "array<table>",

2248`allowed_sandbox_modes`1387 description:

~~2249~~ 1388 "Host-specific sandbox requirements. The first entry whose `hostname_patterns` match the resolved host name overrides top-level `allowed_sandbox_modes` for that requirements source. Host-specific entries currently override sandbox modes only.",

2250Type / Values1389 },

~~2251~~ 1390 {

2252`array<string>`1391 key: "remote_sandbox_config[].hostname_patterns",

~~2253~~ 1392 type: "array<string>",

2254Details1393 description:

~~2255~~ 1394 "Case-insensitive host name patterns. Supports `*` for any sequence of characters and `?` for one character.",

2256Allowed values for `sandbox_mode`.1395 },

~~2257~~ 1396 {

2258Key1397 key: "remote_sandbox_config[].allowed_sandbox_modes",

~~2259~~ 1398 type: "array<string>",

2260`allowed_web_search_modes`1399 description:

~~2261~~ 1400 "Allowed sandbox modes to apply when this host-specific entry matches.",

2262Type / Values1401 },

~~2263~~ 1402 {

2264`array<string>`1403 key: "allowed_web_search_modes",

~~2265~~ 1404 type: "array<string>",

2266Details1405 description:

~~2267~~ 1406 "Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`.",

2268Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`.1407 },

~~2269~~ 1408 {

2270Key1409 key: "features",

~~2271~~ 1410 type: "table",

2272`mcp_servers`1411 description:

~~2273~~ 1412 "Pinned feature values keyed by the canonical names from `config.toml`'s `[features]` table.",

2274Type / Values1413 },

~~2275~~ 1414 {

2276`table`1415 key: "features.<name>",

~~2277~~ 1416 type: "boolean",

2278Details1417 description:

~~2279~~ 1418 "Require a specific canonical feature key to stay enabled or disabled.",

2280Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled.1419 },

~~2281~~ 1420 {

2282Key1421 key: "features.in_app_browser",

~~2283~~ 1422 type: "boolean",

2284`mcp_servers.<id>.identity`1423 description:

~~2285~~ 1424 "Set to `false` in `requirements.toml` to disable the in-app browser pane.",

2286Type / Values1425 },

~~2287~~ 1426 {

2288`table`1427 key: "features.browser_use",

~~2289~~ 1428 type: "boolean",

2290Details1429 description:

~~2291~~ 1430 "Set to `false` in `requirements.toml` to disable Browser Use and Browser Agent availability.",

2292Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP).1431 },

~~2293~~ 1432 {

2294Key1433 key: "features.computer_use",

~~2295~~ 1434 type: "boolean",

2296`mcp_servers.<id>.identity.command`1435 description:

~~2297~~ 1436 "Set to `false` in `requirements.toml` to disable Computer Use availability and related install or enablement flows.",

2298Type / Values1437 },

~~2299~~ 1438 {

2300`string`1439 key: "hooks",

~~2301~~ 1440 type: "table",

2302Details1441 description:

~~2303~~ 1442 "Admin-enforced managed lifecycle hooks. Requires a managed hook directory and uses the same event schema as inline `[hooks]` in `config.toml`.",

2304Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command.1443 },

~~2305~~ 1444 {

2306Key1445 key: "hooks.managed_dir",

~~2307~~ 1446 type: "string (absolute path)",

2308`mcp_servers.<id>.identity.url`1447 description:

~~2309~~ 1448 "Directory containing managed hook scripts on macOS and Linux. Codex validates that it is absolute and exists before loading managed hooks.",

2310Type / Values1449 },

~~2311~~ 1450 {

2312`string`1451 key: "hooks.windows_managed_dir",

~~2313~~ 1452 type: "string (absolute path)",

2314Details1453 description:

~~2315~~ 1454 "Directory containing managed hook scripts on Windows. Codex validates that it is absolute and exists before loading managed hooks.",

2316Allow an MCP streamable HTTP server when its `mcp_servers.<id>.url` matches this URL.1455 },

~~2317~~ 1456 {

2318Key1457 key: "hooks.<Event>",

~~2319~~ 1458 type: "array<table>",

2320`rules`1459 description:

~~2321~~ 1460 "Matcher groups for a hook event such as `PreToolUse`, `PostToolUse`, `PermissionRequest`, `SessionStart`, `UserPromptSubmit`, or `Stop`.",

2322Type / Values1461 },

~~2323~~ 1462 {

2324`table`1463 key: "hooks.<Event>[].hooks",

~~2325~~ 1464 type: "array<table>",

2326Details1465 description:

~~2327~~ 1466 "Hook handlers for a matcher group. Command hooks are currently supported; prompt and agent hook handlers are parsed but skipped.",

2328Admin-enforced command rules merged with `.rules` files. Requirements rules must be restrictive.1467 },

~~2329~~ 1468 {

2330Key1469 key: "permissions.filesystem.deny_read",

~~2331~~ 1470 type: "array<string>",

2332`rules.prefix_rules`1471 description:

~~2333~~ 1472 "Admin-enforced filesystem read denials. Entries can be paths or glob patterns, and users cannot weaken them with local config.",

2334Type / Values1473 },

~~2335~~ 1474 {

2336`array<table>`1475 key: "mcp_servers",

~~2337~~ 1476 type: "table",

2338Details1477 description:

~~2339~~ 1478 "Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled.",

2340List of enforced prefix rules. Each rule must include `pattern` and `decision`.1479 },

~~2341~~ 1480 {

2342Key1481 key: "mcp_servers.<id>.identity",

~~2343~~ 1482 type: "table",

2344`rules.prefix_rules[].decision`1483 description:

~~2345~~ 1484 "Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP).",

2346Type / Values1485 },

~~2347~~ 1486 {

2348`prompt | forbidden`1487 key: "mcp_servers.<id>.identity.command",

~~2349~~ 1488 type: "string",

2350Details1489 description:

~~2351~~ 1490 "Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command.",

2352Required. Requirements rules can only prompt or forbid (not allow).1491 },

~~2353~~ 1492 {

2354Key1493 key: "mcp_servers.<id>.identity.url",

~~2355~~ 1494 type: "string",

2356`rules.prefix_rules[].justification`1495 description:

~~2357~~ 1496 "Allow an MCP streamable HTTP server when its `mcp_servers.<id>.url` matches this URL.",

2358Type / Values1497 },

~~2359~~ 1498 {

2360`string`1499 key: "rules",

~~2361~~ 1500 type: "table",

2362Details1501 description:

~~2363~~ 1502 "Admin-enforced command rules merged with `.rules` files. Requirements rules must be restrictive.",

2364Optional non-empty rationale surfaced in approval prompts or rejection messages.1503 },

~~2365~~ 1504 {

2366Key1505 key: "rules.prefix_rules",

~~2367~~ 1506 type: "array<table>",

2368`rules.prefix_rules[].pattern`1507 description:

~~2369~~ 1508 "List of enforced prefix rules. Each rule must include `pattern` and `decision`.",

2370Type / Values1509 },

~~2371~~ 1510 {

2372`array<table>`1511 key: "rules.prefix_rules[].pattern",

~~2373~~ 1512 type: "array<table>",

2374Details1513 description:

~~2375~~ 1514 "Command prefix expressed as pattern tokens. Each token sets either `token` or `any_of`.",

2376Command prefix expressed as pattern tokens. Each token sets either `token` or `any_of`.1515 },

~~2377~~ 1516 {

2378Key1517 key: "rules.prefix_rules[].pattern[].token",

~~2379~~ 1518 type: "string",

2380`rules.prefix_rules[].pattern[].any_of`1519 description: "A single literal token at this position.",

~~2381~~ 1520 },

2382Type / Values1521 {

~~2383~~ 1522 key: "rules.prefix_rules[].pattern[].any_of",

2384`array<string>`1523 type: "array<string>",

~~2385~~ 1524 description: "A list of allowed alternative tokens at this position.",

2386Details1525 },

~~2387~~ 1526 {

2388A list of allowed alternative tokens at this position.1527 key: "rules.prefix_rules[].decision",

~~2389~~ 1528 type: "prompt | forbidden",

2390Key1529 description:

~~2391~~ 1530 "Required. Requirements rules can only prompt or forbid (not allow).",

2392`rules.prefix_rules[].pattern[].token`1531 },

~~2393~~ 1532 {

2394Type / Values1533 key: "rules.prefix_rules[].justification",

~~2395~~ 1534 type: "string",

2396`string`1535 description:

~~2397~~ 1536 "Optional non-empty rationale surfaced in approval prompts or rejection messages.",

2398Details1537 },

~~2399~~ 1538 ]}

2400A single literal token at this position.1539 client:load

~~2401~~ 1540/>

2402Expand to view all

config-reference.md Codex Docs, 2026-02-24 00:33 UTC → 2026-05-14 07:00 UTC