config-reference diff

config-reference.md +1514 −2389

Details

6 6

7User-level configuration lives in `~/.codex/config.toml`. You can also add project-scoped overrides in `.codex/config.toml` files. Codex loads project-scoped config files only when you trust the project.7User-level configuration lives in `~/.codex/config.toml`. You can also add project-scoped overrides in `.codex/config.toml` files. Codex loads project-scoped config files only when you trust the project.

8 8

9For sandbox and approval keys (`approval_policy`, `sandbox_mode`, and `sandbox_workspace_write.*`), pair this reference with [Sandbox and approvals](https://developers.openai.com/codex/security#sandbox-and-approvals), [Protected paths in writable roots](https://developers.openai.com/codex/security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/security#network-access).9For sandbox and approval keys (`approval_policy`, `sandbox_mode`, and `sandbox_workspace_write.*`), pair this reference with [Sandbox and approvals](https://developers.openai.com/codex/agent-approvals-security#sandbox-and-approvals), [Protected paths in writable roots](https://developers.openai.com/codex/agent-approvals-security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/agent-approvals-security#network-access).

10 10

~~11| Key | Type / Values | Details |~~11<ConfigTable

~~12| --- | --- | --- |~~12 options={[

~~13| `agents.<name>.config_file` | `string (path)` | Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role. |~~13 {

~~14| `agents.<name>.description` | `string` | Role guidance shown to Codex when choosing and spawning that agent type. |~~14 key: "model",

~~15| `agents.job_max_runtime_seconds` | `number` | Default per-worker timeout for `spawn_agents_on_csv` jobs. When unset, the tool falls back to 1800 seconds per worker. |~~15 type: "string",

~~16| `agents.max_depth` | `number` | Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1). |~~16 description: "Model to use (e.g., `gpt-5.5`).",

~~17| `agents.max_threads` | `number` | Maximum number of agent threads that can be open concurrently. |~~17 },

18| `allow_login_shell` | `boolean` | Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells. |18 {

19| `approval_policy` | `untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }` | Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs. |19 key: "review_model",

~~20| `approval_policy.reject.mcp_elicitations` | `boolean` | When `true`, MCP elicitation prompts are auto-rejected instead of shown to the user. |~~20 type: "string",

~~21| `approval_policy.reject.rules` | `boolean` | When `true`, approvals triggered by execpolicy `prompt` rules are auto-rejected. |~~21 description:

~~22| `approval_policy.reject.sandbox_approval` | `boolean` | When `true`, sandbox escalation approval prompts are auto-rejected. |~~22 "Optional model override used by `/review` (defaults to the current session model).",

~~23| `apps._default.destructive_enabled` | `boolean` | Default allow/deny for app tools with `destructive_hint = true`. |~~23 },

~~24| `apps._default.enabled` | `boolean` | Default app enabled state for all apps unless overridden per app. |~~24 {

~~25| `apps._default.open_world_enabled` | `boolean` | Default allow/deny for app tools with `open_world_hint = true`. |~~25 key: "model_provider",

~~27| `apps.<id>.default_tools_enabled` | `boolean` | Default enabled state for tools in this app unless a per-tool override exists. |~~27 description: "Provider id from `model_providers` (default: `openai`).",

~~28| `apps.<id>.destructive_enabled` | `boolean` | Allow or block tools in this app that advertise `destructive_hint = true`. |~~28 },

~~29| `apps.<id>.enabled` | `boolean` | Enable or disable a specific app/connector by id (default: true). |~~29 {

~~30| `apps.<id>.open_world_enabled` | `boolean` | Allow or block tools in this app that advertise `open_world_hint = true`. |~~30 key: "openai_base_url",

~~32| `apps.<id>.tools.<tool>.enabled` | `boolean` | Per-tool enabled override for an app tool (for example `repos/list`). |~~32 description:

33| `background_terminal_max_timeout` | `number` | Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key. |33 "Base URL override for the built-in `openai` model provider.",

~~34| `chatgpt_base_url` | `string` | Override the base URL used during the ChatGPT login flow. |~~34 },

~~35| `check_for_update_on_startup` | `boolean` | Check for Codex updates on startup (set to false only when updates are centrally managed). |~~35 {

~~37| `compact_prompt` | `string` | Inline override for the history compaction prompt. |~~37 type: "number",

~~38| `developer_instructions` | `string` | Additional developer instructions injected into the session (optional). |~~38 description: "Context window tokens available to the active model.",

~~39| `disable_paste_burst` | `boolean` | Disable burst-paste detection in the TUI. |~~39 },

~~40| `experimental_compact_prompt_file` | `string (path)` | Load the compaction prompt override from a file (experimental). |~~40 {

~~41| `experimental_use_freeform_apply_patch` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform` or `codex --enable apply_patch_freeform`. |~~41 key: "model_auto_compact_token_limit",

~~42| `experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`. |~~42 type: "number",

~~43| `features.apply_patch_freeform` | `boolean` | Expose the freeform `apply_patch` tool (experimental). |~~43 description:

~~44| `features.apps` | `boolean` | Enable ChatGPT Apps/connectors support (experimental). |~~44 "Token threshold that triggers automatic history compaction (unset uses model defaults).",

~~45| `features.apps_mcp_gateway` | `boolean` | Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental). |~~45 },

~~46| `features.child_agents_md` | `boolean` | Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental). |~~46 {

~~47| `features.collaboration_modes` | `boolean` | Enable collaboration modes such as plan mode (stable; on by default). |~~47 key: "model_catalog_json",

48| `features.multi_agent` | `boolean` | Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait`, `close_agent`, and `spawn_agents_on_csv`) (experimental; off by default). |48 type: "string (path)",

~~49| `features.personality` | `boolean` | Enable personality selection controls (stable; on by default). |~~49 description:

~~50| `features.powershell_utf8` | `boolean` | Force PowerShell UTF-8 output (defaults to true). |~~50 "Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile.",

~~51| `features.remote_models` | `boolean` | Refresh remote model list before showing readiness (experimental). |~~51 },

~~52| `features.request_rule` | `boolean` | Enable Smart approvals (`prefix_rule` suggestions on escalation requests; stable; on by default). |~~52 {

~~53| `features.runtime_metrics` | `boolean` | Show runtime metrics summary in TUI turn separators (experimental). |~~53 key: "oss_provider",

~~55| `features.shell_snapshot` | `boolean` | Snapshot shell environment to speed up repeated commands (beta). |~~55 description:

~~56| `features.shell_tool` | `boolean` | Enable the default `shell` tool for running commands (stable; on by default). |~~56 "Default local provider used when running with `--oss` (defaults to prompting if unset).",

~~57| `features.unified_exec` | `boolean` | Use the unified PTY-backed exec tool (beta). |~~57 },

~~58| `features.use_linux_sandbox_bwrap` | `boolean` | Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default). |~~58 {

~~59| `features.web_search` | `boolean` | Deprecated legacy toggle; prefer the top-level `web_search` setting. |~~59 key: "approval_policy",

~~60| `features.web_search_cached` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`. |~~60 type: "untrusted | on-request | never | { granular = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool, request_permissions = bool, skill_approval = bool } }",

~~61| `features.web_search_request` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`. |~~61 description:

~~62| `feedback.enabled` | `boolean` | Enable feedback submission via `/feedback` across Codex surfaces (default: true). |~~62 "Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { granular = { ... } }` to allow or auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.",

~~63| `file_opener` | `vscode | vscode-insiders | windsurf | cursor | none` | URI scheme used to open citations from Codex output (default: `vscode`). |~~63 },

~~64| `forced_chatgpt_workspace_id` | `string (uuid)` | Limit ChatGPT logins to a specific workspace identifier. |~~64 {

~~66| `hide_agent_reasoning` | `boolean` | Suppress reasoning events in both the TUI and `codex exec` output. |~~66 type: "boolean",

~~67| `history.max_bytes` | `number` | If set, caps the history file size in bytes by dropping oldest entries. |~~67 description:

~~69| `include_apply_patch_tool` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |~~69 },

~~70| `instructions` | `string` | Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`. |~~70 {

~~71| `log_dir` | `string (path)` | Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`. |~~71 key: "approval_policy.granular.rules",

~~72| `mcp_oauth_callback_port` | `integer` | Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS. |~~72 type: "boolean",

~~73| `mcp_oauth_callback_url` | `string` | Optional redirect URI override for MCP OAuth login (for example, a devbox ingress URL). `mcp_oauth_callback_port` still controls the callback listener port. |~~73 description:

~~75| `mcp_servers.<id>.args` | `array<string>` | Arguments passed to the MCP stdio server command. |~~75 },

~~76| `mcp_servers.<id>.bearer_token_env_var` | `string` | Environment variable sourcing the bearer token for an MCP HTTP server. |~~76 {

~~77| `mcp_servers.<id>.command` | `string` | Launcher command for an MCP stdio server. |~~77 key: "approval_policy.granular.mcp_elicitations",

~~78| `mcp_servers.<id>.cwd` | `string` | Working directory for the MCP stdio server process. |~~78 type: "boolean",

~~79| `mcp_servers.<id>.disabled_tools` | `array<string>` | Deny list applied after `enabled_tools` for the MCP server. |~~79 description:

~~80| `mcp_servers.<id>.enabled` | `boolean` | Disable an MCP server without removing its configuration. |~~80 "When `true`, MCP elicitation prompts are allowed to surface instead of being auto-rejected.",

~~81| `mcp_servers.<id>.enabled_tools` | `array<string>` | Allow list of tool names exposed by the MCP server. |~~81 },

~~82| `mcp_servers.<id>.env` | `map<string,string>` | Environment variables forwarded to the MCP stdio server. |~~82 {

~~83| `mcp_servers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables for an MCP HTTP server. |~~83 key: "approval_policy.granular.request_permissions",

~~84| `mcp_servers.<id>.env_vars` | `array<string>` | Additional environment variables to whitelist for an MCP stdio server. |~~84 type: "boolean",

~~85| `mcp_servers.<id>.http_headers` | `map<string,string>` | Static HTTP headers included with each MCP HTTP request. |~~85 description:

~~86| `mcp_servers.<id>.required` | `boolean` | When true, fail startup/resume if this enabled MCP server cannot initialize. |~~86 "When `true`, prompts from the `request_permissions` tool are allowed to surface.",

~~87| `mcp_servers.<id>.startup_timeout_ms` | `number` | Alias for `startup_timeout_sec` in milliseconds. |~~87 },

~~88| `mcp_servers.<id>.startup_timeout_sec` | `number` | Override the default 10s startup timeout for an MCP server. |~~88 {

~~89| `mcp_servers.<id>.tool_timeout_sec` | `number` | Override the default 60s per-tool timeout for an MCP server. |~~89 key: "approval_policy.granular.skill_approval",

~~90| `mcp_servers.<id>.url` | `string` | Endpoint for an MCP streamable HTTP server. |~~90 type: "boolean",

~~91| `model` | `string` | Model to use (e.g., `gpt-5-codex`). |~~91 description:

~~92| `model_auto_compact_token_limit` | `number` | Token threshold that triggers automatic history compaction (unset uses model defaults). |~~92 "When `true`, skill-script approval prompts are allowed to surface.",

~~93| `model_catalog_json` | `string (path)` | Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile. |~~93 },

~~94| `model_context_window` | `number` | Context window tokens available to the active model. |~~94 {

~~95| `model_instructions_file` | `string (path)` | Replacement for built-in instructions instead of `AGENTS.md`. |~~95 key: "approvals_reviewer",

~~97| `model_providers.<id>.base_url` | `string` | API base URL for the model provider. |~~97 description:

~~98| `model_providers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables when present. |~~98 "Who reviews eligible approval prompts under `on-request` or granular approval policies. Defaults to `user`; `auto_review` uses the reviewer subagent. This setting doesn't change sandboxing or review actions already allowed inside the sandbox.",

~~99| `model_providers.<id>.env_key` | `string` | Environment variable supplying the provider API key. |~~99 },

100| `model_providers.<id>.env_key_instructions` | `string` | Optional setup guidance for the provider API key. |100 {

101| `model_providers.<id>.experimental_bearer_token` | `string` | Direct bearer token for the provider (discouraged; use `env_key`). |101 key: "auto_review.policy",

102| `model_providers.<id>.http_headers` | `map<string,string>` | Static HTTP headers added to provider requests. |102 type: "string",

103| `model_providers.<id>.name` | `string` | Display name for a custom model provider. |103 description:

104| `model_providers.<id>.query_params` | `map<string,string>` | Extra query parameters appended to provider requests. |104 "Local Markdown policy instructions for automatic review. Managed `guardian_policy_config` takes precedence. Blank values are ignored.",

105| `model_providers.<id>.request_max_retries` | `number` | Retry count for HTTP requests to the provider (default: 4). |105 },

106| `model_providers.<id>.requires_openai_auth` | `boolean` | The provider uses OpenAI authentication (defaults to false). |106 {

107| `model_providers.<id>.stream_idle_timeout_ms` | `number` | Idle timeout for SSE streams in milliseconds (default: 300000). |107 key: "allow_login_shell",

108| `model_providers.<id>.stream_max_retries` | `number` | Retry count for SSE streaming interruptions (default: 5). |108 type: "boolean",

111| `model_reasoning_summary` | `auto | concise | detailed | none` | Select reasoning summary detail or disable summaries entirely. |111 },

112| `model_supports_reasoning_summaries` | `boolean` | Force Codex to send or not send reasoning metadata. |112 {

115| `notice.hide_gpt-5.1-codex-max_migration_prompt` | `boolean` | Track acknowledgement of the gpt-5.1-codex-max migration prompt. |115 description:

116| `notice.hide_gpt5_1_migration_prompt` | `boolean` | Track acknowledgement of the GPT-5.1 migration prompt. |116 "Sandbox policy for filesystem and network access during command execution.",

117| `notice.hide_rate_limit_model_nudge` | `boolean` | Track opt-out of the rate limit model switch reminder. |117 },

118| `notice.hide_world_writable_warning` | `boolean` | Track acknowledgement of the Windows world-writable directories warning. |118 {

119| `notice.model_migrations` | `map<string,string>` | Track acknowledged model migrations as old->new mappings. |119 key: "sandbox_workspace_write.writable_roots",

120| `notify` | `array<string>` | Command invoked for notifications; receives a JSON payload from Codex. |120 type: "array<string>",

122| `otel.environment` | `string` | Environment tag applied to emitted OpenTelemetry events (default: `dev`). |122 'Additional writable roots when `sandbox_mode = "workspace-write"`.',

123| `otel.exporter` | `none | otlp-http | otlp-grpc` | Select the OpenTelemetry exporter and provide any endpoint metadata. |123 },

124| `otel.exporter.<id>.endpoint` | `string` | Exporter endpoint for OTEL logs. |124 {

125| `otel.exporter.<id>.headers` | `map<string,string>` | Static headers included with OTEL exporter requests. |125 key: "sandbox_workspace_write.network_access",

127| `otel.exporter.<id>.tls.ca-certificate` | `string` | CA certificate path for OTEL exporter TLS. |127 description:

128| `otel.exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL exporter TLS. |128 "Allow outbound network access inside the workspace-write sandbox.",

129| `otel.exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL exporter TLS. |129 },

130| `otel.log_user_prompt` | `boolean` | Opt in to exporting raw user prompts with OpenTelemetry logs. |130 {

132| `otel.trace_exporter.<id>.endpoint` | `string` | Trace exporter endpoint for OTEL logs. |132 type: "boolean",

133| `otel.trace_exporter.<id>.headers` | `map<string,string>` | Static headers included with OTEL trace exporter requests. |133 description:

135| `otel.trace_exporter.<id>.tls.ca-certificate` | `string` | CA certificate path for OTEL trace exporter TLS. |135 },

136| `otel.trace_exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL trace exporter TLS. |136 {

137| `otel.trace_exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL trace exporter TLS. |137 key: "sandbox_workspace_write.exclude_slash_tmp",

139| `profile` | `string` | Default profile applied at startup (equivalent to `--profile`). |139 description:

140| `profiles.<name>.*` | `various` | Profile-scoped overrides for any of the supported configuration keys. |140 "Exclude `/tmp` from writable roots in workspace-write mode.",

141| `profiles.<name>.experimental_use_freeform_apply_patch` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |141 },

142| `profiles.<name>.experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec`. |142 {

143| `profiles.<name>.include_apply_patch_tool` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |143 key: "windows.sandbox",

147| `profiles.<name>.web_search` | `disabled | cached | live` | Profile-scoped web search mode override (default: `"cached"`). |147 },

148| `project_doc_fallback_filenames` | `array<string>` | Additional filenames to try when `AGENTS.md` is missing. |148 {

149| `project_doc_max_bytes` | `number` | Maximum bytes read from `AGENTS.md` when building project instructions. |149 key: "windows.sandbox_private_desktop",

150| `project_root_markers` | `array<string>` | List of project root marker filenames; used when searching parent directories for the project root. |150 type: "boolean",

152| `review_model` | `string` | Optional model override used by `/review` (defaults to the current session model). |152 "Run the final sandboxed child process on a private desktop by default on native Windows. Set `false` only for compatibility with the older `Winsta0\\\\Default` behavior.",

153| `sandbox_mode` | `read-only | workspace-write | danger-full-access` | Sandbox policy for filesystem and network access during command execution. |153 },

154| `sandbox_workspace_write.exclude_slash_tmp` | `boolean` | Exclude `/tmp` from writable roots in workspace-write mode. |154 {

155| `sandbox_workspace_write.exclude_tmpdir_env_var` | `boolean` | Exclude `$TMPDIR` from writable roots in workspace-write mode. |155 key: "notify",

156| `sandbox_workspace_write.network_access` | `boolean` | Allow outbound network access inside the workspace-write sandbox. |156 type: "array<string>",

157| `sandbox_workspace_write.writable_roots` | `array<string>` | Additional writable roots when `sandbox_mode = "workspace-write"`. |157 description:

158| `shell_environment_policy.exclude` | `array<string>` | Glob patterns for removing environment variables after the defaults. |158 "Command invoked for notifications; receives a JSON payload from Codex.",

159| `shell_environment_policy.experimental_use_profile` | `boolean` | Use the user shell profile when spawning subprocesses. |159 },

160| `shell_environment_policy.ignore_default_excludes` | `boolean` | Keep variables containing KEY/SECRET/TOKEN before other filters run. |160 {

161| `shell_environment_policy.include_only` | `array<string>` | Whitelist of patterns; when set only matching variables are kept. |161 key: "check_for_update_on_startup",

163| `shell_environment_policy.set` | `map<string,string>` | Explicit environment overrides injected into every subprocess. |163 description:

164| `show_raw_agent_reasoning` | `boolean` | Surface raw reasoning content when the active model emits it. |164 "Check for Codex updates on startup (set to false only when updates are centrally managed).",

165| `skills.config` | `array<object>` | Per-skill enablement overrides stored in config.toml. |165 },

166| `skills.config.<index>.enabled` | `boolean` | Enable or disable the referenced skill. |166 {

167| `skills.config.<index>.path` | `string (path)` | Path to a skill folder containing `SKILL.md`. |167 key: "feedback.enabled",

168| `sqlite_home` | `string (path)` | Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state. |168 type: "boolean",

169| `suppress_unstable_features_warning` | `boolean` | Suppress the warning that appears when under-development feature flags are enabled. |169 description:

170| `tool_output_token_limit` | `number` | Token budget for storing individual tool/function outputs in history. |170 "Enable feedback submission via `/feedback` across Codex surfaces (default: true).",

171| `tools.web_search` | `boolean` | Deprecated legacy toggle for web search; prefer the top-level `web_search` setting. |171 },

172| `tui` | `table` | TUI-specific options such as enabling inline desktop notifications. |172 {

174| `tui.animations` | `boolean` | Enable terminal animations (welcome screen, shimmer, spinner) (default: true). |174 type: "boolean",

175| `tui.notification_method` | `auto | osc9 | bel` | Notification method for unfocused terminal notifications (default: auto). |175 description:

177| `tui.show_tooltips` | `boolean` | Show onboarding tooltips in the TUI welcome screen (default: true). |177 },

178| `tui.status_line` | `array<string> | null` | Ordered list of TUI footer status-line item identifiers. `null` disables the status line. |178 {

179| `web_search` | `disabled | cached | live` | Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool. |179 key: "instructions",

180| `windows_wsl_setup_acknowledged` | `boolean` | Track Windows onboarding acknowledgement (Windows only). |180 type: "string",

~~182~~ 182 "Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`.",

183Key183 },

~~184~~ 184 {

185`agents.<name>.config_file`185 key: "developer_instructions",

~~186~~ 186 type: "string",

187Type / Values187 description:

~~188~~ 188 "Additional developer instructions injected into the session (optional).",

189`string (path)`189 },

~~190~~ 190 {

191Details191 key: "log_dir",

~~192~~ 192 type: "string (path)",

193Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role.193 description:

~~194~~ 194 "Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`.",

195Key195 },

~~196~~ 196 {

197`agents.<name>.description`197 key: "sqlite_home",

~~198~~ 198 type: "string (path)",

199Type / Values199 description:

~~200~~ 200 "Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state.",

201`string`201 },

~~202~~ 202 {

203Details203 key: "compact_prompt",

~~204~~ 204 type: "string",

205Role guidance shown to Codex when choosing and spawning that agent type.205 description: "Inline override for the history compaction prompt.",

~~206~~ 206 },

207Key207 {

~~208~~ 208 key: "commit_attribution",

209`agents.job_max_runtime_seconds`209 type: "string",

~~210~~ 210 description:

211Type / Values211 'Commit co-author trailer used when `[features].codex_git_commit` is enabled. Defaults to `Codex <noreply@openai.com>`; set `""` to disable.',

~~212~~ 212 },

213`number`213 {

~~214~~ 214 key: "model_instructions_file",

215Details215 type: "string (path)",

~~216~~ 216 description:

217Default per-worker timeout for `spawn_agents_on_csv` jobs. When unset, the tool falls back to 1800 seconds per worker.217 "Replacement for built-in instructions instead of `AGENTS.md`.",

~~218~~ 218 },

219Key219 {

~~220~~ 220 key: "personality",

221`agents.max_depth`221 type: "none | friendly | pragmatic",

~~222~~ 222 description:

223Type / Values223 "Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`.",

~~224~~ 224 },

225`number`225 {

~~226~~ 226 key: "service_tier",

227Details227 type: "flex | fast",

~~228~~ 228 description: "Preferred service tier for new turns.",

229Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1).229 },

~~230~~ 230 {

231Key231 key: "experimental_compact_prompt_file",

~~232~~ 232 type: "string (path)",

233`agents.max_threads`233 description:

~~234~~ 234 "Load the compaction prompt override from a file (experimental).",

235Type / Values235 },

~~236~~ 236 {

237`number`237 key: "skills.config",

~~238~~ 238 type: "array<object>",

239Details239 description: "Per-skill enablement overrides stored in config.toml.",

~~240~~ 240 },

241Maximum number of agent threads that can be open concurrently.241 {

~~242~~ 242 key: "skills.config.<index>.path",

243Key243 type: "string (path)",

~~244~~ 244 description: "Path to a skill folder containing `SKILL.md`.",

245`allow_login_shell`245 },

~~246~~ 246 {

247Type / Values247 key: "skills.config.<index>.enabled",

~~248~~ 248 type: "boolean",

249`boolean`249 description: "Enable or disable the referenced skill.",

~~250~~ 250 },

251Details251 {

~~252~~ 252 key: "apps.<id>.enabled",

253Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells.253 type: "boolean",

~~254~~ 254 description:

255Key255 "Enable or disable a specific app/connector by id (default: true).",

~~256~~ 256 },

257`approval_policy`257 {

~~258~~ 258 key: "apps._default.enabled",

259Type / Values259 type: "boolean",

~~260~~ 260 description:

261`untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }`261 "Default app enabled state for all apps unless overridden per app.",

~~262~~ 262 },

263Details263 {

~~264~~ 264 key: "apps._default.destructive_enabled",

265Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.265 type: "boolean",

~~266~~ 266 description:

267Key267 "Default allow/deny for app tools with `destructive_hint = true`.",

~~268~~ 268 },

269`approval_policy.reject.mcp_elicitations`269 {

~~270~~ 270 key: "apps._default.open_world_enabled",

271Type / Values271 type: "boolean",

~~272~~ 272 description:

273`boolean`273 "Default allow/deny for app tools with `open_world_hint = true`.",

~~274~~ 274 },

275Details275 {

~~276~~ 276 key: "apps.<id>.destructive_enabled",

277When `true`, MCP elicitation prompts are auto-rejected instead of shown to the user.277 type: "boolean",

~~278~~ 278 description:

279Key279 "Allow or block tools in this app that advertise `destructive_hint = true`.",

~~280~~ 280 },

281`approval_policy.reject.rules`281 {

~~282~~ 282 key: "apps.<id>.open_world_enabled",

283Type / Values283 type: "boolean",

~~284~~ 284 description:

285`boolean`285 "Allow or block tools in this app that advertise `open_world_hint = true`.",

~~286~~ 286 },

287Details287 {

~~288~~ 288 key: "apps.<id>.default_tools_enabled",

289When `true`, approvals triggered by execpolicy `prompt` rules are auto-rejected.289 type: "boolean",

~~290~~ 290 description:

291Key291 "Default enabled state for tools in this app unless a per-tool override exists.",

~~292~~ 292 },

293`approval_policy.reject.sandbox_approval`293 {

~~294~~ 294 key: "apps.<id>.default_tools_approval_mode",

295Type / Values295 type: "auto | prompt | approve",

~~296~~ 296 description:

297`boolean`297 "Default approval behavior for tools in this app unless a per-tool override exists.",

~~298~~ 298 },

299Details299 {

~~300~~ 300 key: "apps.<id>.tools.<tool>.enabled",

301When `true`, sandbox escalation approval prompts are auto-rejected.301 type: "boolean",

~~302~~ 302 description:

303Key303 "Per-tool enabled override for an app tool (for example `repos/list`).",

~~304~~ 304 },

305`apps._default.destructive_enabled`305 {

~~306~~ 306 key: "apps.<id>.tools.<tool>.approval_mode",

307Type / Values307 type: "auto | prompt | approve",

~~308~~ 308 description: "Per-tool approval behavior override for a single app tool.",

309`boolean`309 },

~~310~~ 310 {

311Details311 key: "tool_suggest.discoverables",

~~312~~ 312 type: "array<table>",

313Default allow/deny for app tools with `destructive_hint = true`.313 description:

~~314~~ 314 'Allow tool suggestions for additional discoverable connectors or plugins. Each entry uses `type = "connector"` or `"plugin"` and an `id`.',

315Key315 },

~~316~~ 316 {

317`apps._default.enabled`317 key: "tool_suggest.disabled_tools",

~~318~~ 318 type: "array<table>",

319Type / Values319 description:

~~320~~ 320 'Disable suggestions for specific discoverable connectors or plugins. Each entry uses `type = "connector"` or `"plugin"` and an `id`.',

321`boolean`321 },

~~322~~ 322 {

323Details323 key: "features.apps",

~~324~~ 324 type: "boolean",

325Default app enabled state for all apps unless overridden per app.325 description: "Enable ChatGPT Apps/connectors support (experimental).",

~~326~~ 326 },

327Key327 {

~~328~~ 328 key: "features.codex_hooks",

329`apps._default.open_world_enabled`329 type: "boolean",

~~330~~ 330 description:

331Type / Values331 "Enable lifecycle hooks loaded from `hooks.json` or inline `[hooks]` config.",

~~332~~ 332 },

333`boolean`333 {

~~334~~ 334 key: "features.codex_git_commit",

335Details335 type: "boolean",

~~336~~ 336 description:

337Default allow/deny for app tools with `open_world_hint = true`.337 "Enable Codex-generated git commits. When enabled, Codex uses `commit_attribution` to append a `Co-authored-by:` trailer to generated commit messages.",

~~338~~ 338 },

339Key339 {

~~340~~ 340 key: "hooks",

341`apps.<id>.default_tools_approval_mode`341 type: "table",

~~342~~ 342 description:

343Type / Values343 "Lifecycle hooks configured inline in `config.toml`. Uses the same event schema as `hooks.json`; see the Hooks guide for examples and supported events.",

~~344~~ 344 },

345`auto | prompt | approve`345 {

~~346~~ 346 key: "features.memories",

347Details347 type: "boolean",

~~348~~ 348 description: "Enable [Memories](https://developers.openai.com/codex/memories) (off by default).",

349Default approval behavior for tools in this app unless a per-tool override exists.349 },

~~350~~ 350 {

351Key351 key: "mcp_servers.<id>.command",

~~352~~ 352 type: "string",

353`apps.<id>.default_tools_enabled`353 description: "Launcher command for an MCP stdio server.",

~~354~~ 354 },

355Type / Values355 {

~~356~~ 356 key: "mcp_servers.<id>.args",

357`boolean`357 type: "array<string>",

~~358~~ 358 description: "Arguments passed to the MCP stdio server command.",

359Details359 },

~~360~~ 360 {

361Default enabled state for tools in this app unless a per-tool override exists.361 key: "mcp_servers.<id>.env",

~~362~~ 362 type: "map<string,string>",

363Key363 description: "Environment variables forwarded to the MCP stdio server.",

~~364~~ 364 },

365`apps.<id>.destructive_enabled`365 {

~~366~~ 366 key: "mcp_servers.<id>.env_vars",

367Type / Values367 type: 'array<string | { name = string, source = "local" | "remote" }>',

~~368~~ 368 description:

369`boolean`369 'Additional environment variables to whitelist for an MCP stdio server. String entries default to `source = "local"`; use `source = "remote"` only with executor-backed remote stdio.',

~~370~~ 370 },

371Details371 {

~~372~~ 372 key: "mcp_servers.<id>.cwd",

373Allow or block tools in this app that advertise `destructive_hint = true`.373 type: "string",

~~374~~ 374 description: "Working directory for the MCP stdio server process.",

375Key375 },

~~376~~ 376 {

377`apps.<id>.enabled`377 key: "mcp_servers.<id>.url",

~~378~~ 378 type: "string",

379Type / Values379 description: "Endpoint for an MCP streamable HTTP server.",

~~380~~ 380 },

381`boolean`381 {

~~382~~ 382 key: "mcp_servers.<id>.bearer_token_env_var",

383Details383 type: "string",

~~384~~ 384 description:

385Enable or disable a specific app/connector by id (default: true).385 "Environment variable sourcing the bearer token for an MCP HTTP server.",

~~386~~ 386 },

387Key387 {

~~388~~ 388 key: "mcp_servers.<id>.http_headers",

389`apps.<id>.open_world_enabled`389 type: "map<string,string>",

~~390~~ 390 description: "Static HTTP headers included with each MCP HTTP request.",

391Type / Values391 },

~~392~~ 392 {

393`boolean`393 key: "mcp_servers.<id>.env_http_headers",

~~394~~ 394 type: "map<string,string>",

395Details395 description:

~~396~~ 396 "HTTP headers populated from environment variables for an MCP HTTP server.",

397Allow or block tools in this app that advertise `open_world_hint = true`.397 },

~~398~~ 398 {

399Key399 key: "mcp_servers.<id>.enabled",

~~400~~ 400 type: "boolean",

401`apps.<id>.tools.<tool>.approval_mode`401 description: "Disable an MCP server without removing its configuration.",

~~402~~ 402 },

403Type / Values403 {

~~404~~ 404 key: "mcp_servers.<id>.required",

405`auto | prompt | approve`405 type: "boolean",

~~406~~ 406 description:

407Details407 "When true, fail startup/resume if this enabled MCP server cannot initialize.",

~~408~~ 408 },

409Per-tool approval behavior override for a single app tool.409 {

~~410~~ 410 key: "mcp_servers.<id>.startup_timeout_sec",

411Key411 type: "number",

~~412~~ 412 description:

413`apps.<id>.tools.<tool>.enabled`413 "Override the default 10s startup timeout for an MCP server.",

~~414~~ 414 },

415Type / Values415 {

~~416~~ 416 key: "mcp_servers.<id>.startup_timeout_ms",

417`boolean`417 type: "number",

~~418~~ 418 description: "Alias for `startup_timeout_sec` in milliseconds.",

419Details419 },

~~420~~ 420 {

421Per-tool enabled override for an app tool (for example `repos/list`).421 key: "mcp_servers.<id>.tool_timeout_sec",

~~422~~ 422 type: "number",

423Key423 description:

~~424~~ 424 "Override the default 60s per-tool timeout for an MCP server.",

425`background_terminal_max_timeout`425 },

~~426~~ 426 {

427Type / Values427 key: "mcp_servers.<id>.enabled_tools",

~~428~~ 428 type: "array<string>",

429`number`429 description: "Allow list of tool names exposed by the MCP server.",

~~430~~ 430 },

431Details431 {

~~432~~ 432 key: "mcp_servers.<id>.disabled_tools",

433Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key.433 type: "array<string>",

~~434~~ 434 description:

435Key435 "Deny list applied after `enabled_tools` for the MCP server.",

~~436~~ 436 },

437`chatgpt_base_url`437 {

~~438~~ 438 key: "mcp_servers.<id>.scopes",

439Type / Values439 type: "array<string>",

~~440~~ 440 description:

441`string`441 "OAuth scopes to request when authenticating to that MCP server.",

~~442~~ 442 },

443Details443 {

~~444~~ 444 key: "mcp_servers.<id>.oauth_resource",

445Override the base URL used during the ChatGPT login flow.445 type: "string",

~~446~~ 446 description:

447Key447 "Optional RFC 8707 OAuth resource parameter to include during MCP login.",

~~448~~ 448 },

449`check_for_update_on_startup`449 {

~~450~~ 450 key: "mcp_servers.<id>.experimental_environment",

451Type / Values451 type: "local | remote",

~~452~~ 452 description:

453`boolean`453 "Experimental placement for an MCP server. `remote` starts stdio servers through a remote executor environment; streamable HTTP remote placement is not implemented.",

~~454~~ 454 },

455Details455 {

~~456~~ 456 key: "agents.max_threads",

457Check for Codex updates on startup (set to false only when updates are centrally managed).457 type: "number",

~~458~~ 458 description:

459Key459 "Maximum number of agent threads that can be open concurrently. Defaults to `6` when unset.",

~~460~~ 460 },

461`cli_auth_credentials_store`461 {

~~462~~ 462 key: "agents.max_depth",

463Type / Values463 type: "number",

~~464~~ 464 description:

465`file | keyring | auto`465 "Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1).",

~~466~~ 466 },

467Details467 {

~~468~~ 468 key: "agents.job_max_runtime_seconds",

469Control where the CLI stores cached credentials (file-based auth.json vs OS keychain).469 type: "number",

~~470~~ 470 description:

471Key471 "Default per-worker timeout for `spawn_agents_on_csv` jobs. When unset, the tool falls back to 1800 seconds per worker.",

~~472~~ 472 },

473`compact_prompt`473 {

~~474~~ 474 key: "agents.<name>.description",

475Type / Values475 type: "string",

~~476~~ 476 description:

477`string`477 "Role guidance shown to Codex when choosing and spawning that agent type.",

~~478~~ 478 },

479Details479 {

~~480~~ 480 key: "agents.<name>.config_file",

481Inline override for the history compaction prompt.481 type: "string (path)",

~~482~~ 482 description:

483Key483 "Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role.",

~~484~~ 484 },

485`developer_instructions`485 {

~~486~~ 486 key: "agents.<name>.nickname_candidates",

487Type / Values487 type: "array<string>",

~~488~~ 488 description:

489`string`489 "Optional pool of display nicknames for spawned agents in that role.",

~~490~~ 490 },

491Details491 {

~~492~~ 492 key: "memories.generate_memories",

493Additional developer instructions injected into the session (optional).493 type: "boolean",

~~494~~ 494 description:

495Key495 "When `false`, newly created threads are not stored as memory-generation inputs. Defaults to `true`.",

~~496~~ 496 },

497`disable_paste_burst`497 {

~~498~~ 498 key: "memories.use_memories",

499Type / Values499 type: "boolean",

~~500~~ 500 description:

501`boolean`501 "When `false`, Codex skips injecting existing memories into future sessions. Defaults to `true`.",

~~502~~ 502 },

503Details503 {

~~504~~ 504 key: "memories.disable_on_external_context",

505Disable burst-paste detection in the TUI.505 type: "boolean",

~~506~~ 506 description:

507Key507 "When `true`, threads that use external context such as MCP tool calls, web search, or tool search are kept out of memory generation. Defaults to `false`. Legacy alias: `memories.no_memories_if_mcp_or_web_search`.",

~~508~~ 508 },

509`experimental_compact_prompt_file`509 {

~~510~~ 510 key: "memories.max_raw_memories_for_consolidation",

511Type / Values511 type: "number",

~~512~~ 512 description:

513`string (path)`513 "Maximum recent raw memories retained for global consolidation. Defaults to `256` and is capped at `4096`.",

~~514~~ 514 },

515Details515 {

~~516~~ 516 key: "memories.max_unused_days",

517Load the compaction prompt override from a file (experimental).517 type: "number",

~~518~~ 518 description:

519Key519 "Maximum days since a memory was last used before it becomes ineligible for consolidation. Defaults to `30` and is clamped to `0`-`365`.",

~~520~~ 520 },

521`experimental_use_freeform_apply_patch`521 {

~~522~~ 522 key: "memories.max_rollout_age_days",

523Type / Values523 type: "number",

~~524~~ 524 description:

525`boolean`525 "Maximum age of threads considered for memory generation. Defaults to `30` and is clamped to `0`-`90`.",

~~526~~ 526 },

527Details527 {

~~528~~ 528 key: "memories.max_rollouts_per_startup",

529Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform` or `codex --enable apply_patch_freeform`.529 type: "number",

~~530~~ 530 description:

531Key531 "Maximum rollout candidates processed per startup pass. Defaults to `16` and is capped at `128`.",

~~532~~ 532 },

533`experimental_use_unified_exec_tool`533 {

~~534~~ 534 key: "memories.min_rollout_idle_hours",

535Type / Values535 type: "number",

~~536~~ 536 description:

537`boolean`537 "Minimum idle time before a thread is considered for memory generation. Defaults to `6` and is clamped to `1`-`48`.",

~~538~~ 538 },

539Details539 {

~~540~~ 540 key: "memories.min_rate_limit_remaining_percent",

541Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`.541 type: "number",

~~542~~ 542 description:

543Key543 "Minimum remaining percentage required in Codex rate-limit windows before memory generation starts. Defaults to `25` and is clamped to `0`-`100`.",

~~544~~ 544 },

545`features.apply_patch_freeform`545 {

~~546~~ 546 key: "memories.extract_model",

547Type / Values547 type: "string",

~~548~~ 548 description: "Optional model override for per-thread memory extraction.",

549`boolean`549 },

~~550~~ 550 {

551Details551 key: "memories.consolidation_model",

~~552~~ 552 type: "string",

553Expose the freeform `apply_patch` tool (experimental).553 description: "Optional model override for global memory consolidation.",

~~554~~ 554 },

555Key555 {

~~556~~ 556 key: "features.unified_exec",

557`features.apps`557 type: "boolean",

~~558~~ 558 description:

559Type / Values559 "Use the unified PTY-backed exec tool (stable; enabled by default except on Windows).",

~~560~~ 560 },

561`boolean`561 {

~~562~~ 562 key: "features.shell_snapshot",

563Details563 type: "boolean",

~~564~~ 564 description:

565Enable ChatGPT Apps/connectors support (experimental).565 "Snapshot shell environment to speed up repeated commands (stable; on by default).",

~~566~~ 566 },

567Key567 {

~~568~~ 568 key: "features.undo",

569`features.apps_mcp_gateway`569 type: "boolean",

~~570~~ 570 description: "Enable undo support (stable; off by default).",

571Type / Values571 },

~~572~~ 572 {

573`boolean`573 key: "features.multi_agent",

~~574~~ 574 type: "boolean",

575Details575 description:

~~576~~ 576 "Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait_agent`, and `close_agent`) (stable; on by default).",

577Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental).577 },

~~578~~ 578 {

579Key579 key: "features.personality",

~~580~~ 580 type: "boolean",

581`features.child_agents_md`581 description:

~~582~~ 582 "Enable personality selection controls (stable; on by default).",

583Type / Values583 },

~~584~~ 584 {

585`boolean`585 key: "features.web_search",

~~586~~ 586 type: "boolean",

587Details587 description:

~~588~~ 588 "Deprecated legacy toggle; prefer the top-level `web_search` setting.",

589Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental).589 },

~~590~~ 590 {

591Key591 key: "features.web_search_cached",

~~592~~ 592 type: "boolean",

593`features.collaboration_modes`593 description:

~~594~~ 594 'Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`.',

595Type / Values595 },

~~596~~ 596 {

597`boolean`597 key: "features.web_search_request",

~~598~~ 598 type: "boolean",

599Details599 description:

~~600~~ 600 'Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`.',

601Enable collaboration modes such as plan mode (stable; on by default).601 },

~~602~~ 602 {

603Key603 key: "features.shell_tool",

~~604~~ 604 type: "boolean",

605`features.multi_agent`605 description:

~~606~~ 606 "Enable the default `shell` tool for running commands (stable; on by default).",

607Type / Values607 },

~~608~~ 608 {

609`boolean`609 key: "features.enable_request_compression",

~~610~~ 610 type: "boolean",

611Details611 description:

~~612~~ 612 "Compress streaming request bodies with zstd when supported (stable; on by default).",

613Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait`, `close_agent`, and `spawn_agents_on_csv`) (experimental; off by default).613 },

~~614~~ 614 {

615Key615 key: "features.skill_mcp_dependency_install",

~~616~~ 616 type: "boolean",

617`features.personality`617 description:

~~618~~ 618 "Allow prompting and installing missing MCP dependencies for skills (stable; on by default).",

619Type / Values619 },

~~620~~ 620 {

621`boolean`621 key: "features.fast_mode",

~~622~~ 622 type: "boolean",

623Details623 description:

~~624~~ 624 'Enable Fast mode selection and the `service_tier = "fast"` path (stable; on by default).',

625Enable personality selection controls (stable; on by default).625 },

~~626~~ 626 {

627Key627 key: "features.prevent_idle_sleep",

~~628~~ 628 type: "boolean",

629`features.powershell_utf8`629 description:

~~630~~ 630 "Prevent the machine from sleeping while a turn is actively running (experimental; off by default).",

631Type / Values631 },

~~632~~ 632 {

633`boolean`633 key: "suppress_unstable_features_warning",

~~634~~ 634 type: "boolean",

635Details635 description:

~~636~~ 636 "Suppress the warning that appears when under-development feature flags are enabled.",

637Force PowerShell UTF-8 output (defaults to true).637 },

~~638~~ 638 {

639Key639 key: "model_providers.<id>",

~~640~~ 640 type: "table",

641`features.remote_models`641 description:

~~642~~ 642 "Custom provider definition. Built-in provider IDs (`openai`, `ollama`, and `lmstudio`) are reserved and cannot be overridden.",

643Type / Values643 },

~~644~~ 644 {

645`boolean`645 key: "model_providers.<id>.name",

~~646~~ 646 type: "string",

647Details647 description: "Display name for a custom model provider.",

~~648~~ 648 },

649Refresh remote model list before showing readiness (experimental).649 {

~~650~~ 650 key: "model_providers.<id>.base_url",

651Key651 type: "string",

~~652~~ 652 description: "API base URL for the model provider.",

653`features.request_rule`653 },

~~654~~ 654 {

655Type / Values655 key: "model_providers.<id>.env_key",

~~656~~ 656 type: "string",

657`boolean`657 description: "Environment variable supplying the provider API key.",

~~658~~ 658 },

659Details659 {

~~660~~ 660 key: "model_providers.<id>.env_key_instructions",

661Enable Smart approvals (`prefix_rule` suggestions on escalation requests; stable; on by default).661 type: "string",

~~662~~ 662 description: "Optional setup guidance for the provider API key.",

663Key663 },

~~664~~ 664 {

665`features.runtime_metrics`665 key: "model_providers.<id>.experimental_bearer_token",

~~666~~ 666 type: "string",

667Type / Values667 description:

~~668~~ 668 "Direct bearer token for the provider (discouraged; use `env_key`).",

669`boolean`669 },

~~670~~ 670 {

671Details671 key: "model_providers.<id>.requires_openai_auth",

~~672~~ 672 type: "boolean",

673Show runtime metrics summary in TUI turn separators (experimental).673 description:

~~674~~ 674 "The provider uses OpenAI authentication (defaults to false).",

675Key675 },

~~676~~ 676 {

677`features.search_tool`677 key: "model_providers.<id>.wire_api",

~~678~~ 678 type: "responses",

679Type / Values679 description:

~~680~~ 680 "Protocol used by the provider. `responses` is the only supported value, and it is the default when omitted.",

681`boolean`681 },

~~682~~ 682 {

683Details683 key: "model_providers.<id>.query_params",

~~684~~ 684 type: "map<string,string>",

685Enable `search_tool_bm25` for Apps tool discovery before invoking app MCP tools (experimental).685 description: "Extra query parameters appended to provider requests.",

~~686~~ 686 },

687Key687 {

~~688~~ 688 key: "model_providers.<id>.http_headers",

689`features.shell_snapshot`689 type: "map<string,string>",

~~690~~ 690 description: "Static HTTP headers added to provider requests.",

691Type / Values691 },

~~692~~ 692 {

693`boolean`693 key: "model_providers.<id>.env_http_headers",

~~694~~ 694 type: "map<string,string>",

695Details695 description:

~~696~~ 696 "HTTP headers populated from environment variables when present.",

697Snapshot shell environment to speed up repeated commands (beta).697 },

~~698~~ 698 {

699Key699 key: "model_providers.<id>.request_max_retries",

~~700~~ 700 type: "number",

701`features.shell_tool`701 description:

~~702~~ 702 "Retry count for HTTP requests to the provider (default: 4).",

703Type / Values703 },

~~704~~ 704 {

705`boolean`705 key: "model_providers.<id>.stream_max_retries",

~~706~~ 706 type: "number",

707Details707 description: "Retry count for SSE streaming interruptions (default: 5).",

~~708~~ 708 },

709Enable the default `shell` tool for running commands (stable; on by default).709 {

~~710~~ 710 key: "model_providers.<id>.stream_idle_timeout_ms",

711Key711 type: "number",

~~712~~ 712 description:

713`features.unified_exec`713 "Idle timeout for SSE streams in milliseconds (default: 300000).",

~~714~~ 714 },

715Type / Values715 {

~~716~~ 716 key: "model_providers.<id>.supports_websockets",

717`boolean`717 type: "boolean",

~~718~~ 718 description:

719Details719 "Whether that provider supports the Responses API WebSocket transport.",

~~720~~ 720 },

721Use the unified PTY-backed exec tool (beta).721 {

~~722~~ 722 key: "model_providers.<id>.auth",

723Key723 type: "table",

~~724~~ 724 description:

725`features.use_linux_sandbox_bwrap`725 "Command-backed bearer token configuration for a custom provider. Do not combine with `env_key`, `experimental_bearer_token`, or `requires_openai_auth`.",

~~726~~ 726 },

727Type / Values727 {

~~728~~ 728 key: "model_providers.<id>.auth.command",

729`boolean`729 type: "string",

~~730~~ 730 description:

731Details731 "Command to run when Codex needs a bearer token. The command must print the token to stdout.",

~~732~~ 732 },

733Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default).733 {

~~734~~ 734 key: "model_providers.<id>.auth.args",

735Key735 type: "array<string>",

~~736~~ 736 description: "Arguments passed to the token command.",

737`features.web_search`737 },

~~738~~ 738 {

739Type / Values739 key: "model_providers.<id>.auth.timeout_ms",

~~740~~ 740 type: "number",

741`boolean`741 description:

~~742~~ 742 "Maximum token command runtime in milliseconds (default: 5000).",

743Details743 },

~~744~~ 744 {

745Deprecated legacy toggle; prefer the top-level `web_search` setting.745 key: "model_providers.<id>.auth.refresh_interval_ms",

~~746~~ 746 type: "number",

747Key747 description:

~~748~~ 748 "How often Codex proactively refreshes the token in milliseconds (default: 300000). Set to `0` to refresh only after an authentication retry.",

749`features.web_search_cached`749 },

~~750~~ 750 {

751Type / Values751 key: "model_providers.<id>.auth.cwd",

~~752~~ 752 type: "string (path)",

753`boolean`753 description: "Working directory for the token command.",

~~754~~ 754 },

755Details755 {

~~756~~ 756 key: "model_providers.amazon-bedrock.aws.profile",

757Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`.757 type: "string",

~~758~~ 758 description:

759Key759 "AWS profile name used by the built-in `amazon-bedrock` provider.",

~~760~~ 760 },

761`features.web_search_request`761 {

~~762~~ 762 key: "model_providers.amazon-bedrock.aws.region",

763Type / Values763 type: "string",

~~764~~ 764 description: "AWS region used by the built-in `amazon-bedrock` provider.",

765`boolean`765 },

~~766~~ 766 {

767Details767 key: "model_reasoning_effort",

~~768~~ 768 type: "minimal | low | medium | high | xhigh",

769Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`.769 description:

~~770~~ 770 "Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent).",

771Key771 },

~~772~~ 772 {

773`feedback.enabled`773 key: "plan_mode_reasoning_effort",

775Type / Values775 description:

~~776~~ 776 "Plan-mode-specific reasoning override. When unset, Plan mode uses its built-in preset default.",

777`boolean`777 },

~~778~~ 778 {

779Details779 key: "model_reasoning_summary",

~~780~~ 780 type: "auto | concise | detailed | none",

781Enable feedback submission via `/feedback` across Codex surfaces (default: true).781 description:

~~782~~ 782 "Select reasoning summary detail or disable summaries entirely.",

783Key783 },

~~784~~ 784 {

785`file_opener`785 key: "model_verbosity",

~~786~~ 786 type: "low | medium | high",

787Type / Values787 description:

~~788~~ 788 "Optional GPT-5 Responses API verbosity override; when unset, the selected model/preset default is used.",

789`vscode | vscode-insiders | windsurf | cursor | none`789 },

~~790~~ 790 {

791Details791 key: "model_supports_reasoning_summaries",

~~792~~ 792 type: "boolean",

793URI scheme used to open citations from Codex output (default: `vscode`).793 description: "Force Codex to send or not send reasoning metadata.",

~~794~~ 794 },

795Key795 {

~~796~~ 796 key: "shell_environment_policy.inherit",

797`forced_chatgpt_workspace_id`797 type: "all | core | none",

~~798~~ 798 description:

799Type / Values799 "Baseline environment inheritance when spawning subprocesses.",

~~800~~ 800 },

801`string (uuid)`801 {

~~802~~ 802 key: "shell_environment_policy.ignore_default_excludes",

803Details803 type: "boolean",

~~804~~ 804 description:

805Limit ChatGPT logins to a specific workspace identifier.805 "Keep variables containing KEY/SECRET/TOKEN before other filters run.",

~~806~~ 806 },

807Key807 {

~~808~~ 808 key: "shell_environment_policy.exclude",

809`forced_login_method`809 type: "array<string>",

~~810~~ 810 description:

811Type / Values811 "Glob patterns for removing environment variables after the defaults.",

~~812~~ 812 },

813`chatgpt | api`813 {

~~814~~ 814 key: "shell_environment_policy.include_only",

815Details815 type: "array<string>",

~~816~~ 816 description:

817Restrict Codex to a specific authentication method.817 "Whitelist of patterns; when set only matching variables are kept.",

~~818~~ 818 },

819Key819 {

~~820~~ 820 key: "shell_environment_policy.set",

821`hide_agent_reasoning`821 type: "map<string,string>",

~~822~~ 822 description:

823Type / Values823 "Explicit environment overrides injected into every subprocess.",

~~824~~ 824 },

825`boolean`825 {

~~826~~ 826 key: "shell_environment_policy.experimental_use_profile",

827Details827 type: "boolean",

~~828~~ 828 description: "Use the user shell profile when spawning subprocesses.",

829Suppress reasoning events in both the TUI and `codex exec` output.829 },

~~830~~ 830 {

831Key831 key: "project_root_markers",

~~832~~ 832 type: "array<string>",

833`history.max_bytes`833 description:

~~834~~ 834 "List of project root marker filenames; used when searching parent directories for the project root.",

835Type / Values835 },

~~836~~ 836 {

837`number`837 key: "project_doc_max_bytes",

~~838~~ 838 type: "number",

839Details839 description:

~~840~~ 840 "Maximum bytes read from `AGENTS.md` when building project instructions.",

841If set, caps the history file size in bytes by dropping oldest entries.841 },

~~842~~ 842 {

843Key843 key: "project_doc_fallback_filenames",

~~844~~ 844 type: "array<string>",

845`history.persistence`845 description: "Additional filenames to try when `AGENTS.md` is missing.",

~~846~~ 846 },

847Type / Values847 {

~~848~~ 848 key: "profile",

849`save-all | none`849 type: "string",

~~850~~ 850 description:

851Details851 "Default profile applied at startup (equivalent to `--profile`).",

~~852~~ 852 },

853Control whether Codex saves session transcripts to history.jsonl.853 {

~~854~~ 854 key: "profiles.<name>.*",

855Key855 type: "various",

~~856~~ 856 description:

857`include_apply_patch_tool`857 "Profile-scoped overrides for any of the supported configuration keys.",

~~858~~ 858 },

859Type / Values859 {

~~860~~ 860 key: "profiles.<name>.service_tier",

861`boolean`861 type: "flex | fast",

~~862~~ 862 description: "Profile-scoped service tier preference for new turns.",

863Details863 },

~~864~~ 864 {

865Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.865 key: "profiles.<name>.plan_mode_reasoning_effort",

867Key867 description: "Profile-scoped Plan-mode reasoning override.",

~~868~~ 868 },

869`instructions`869 {

~~870~~ 870 key: "profiles.<name>.web_search",

871Type / Values871 type: "disabled | cached | live",

~~872~~ 872 description:

873`string`873 'Profile-scoped web search mode override (default: `"cached"`).',

~~874~~ 874 },

875Details875 {

~~876~~ 876 key: "profiles.<name>.personality",

877Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`.877 type: "none | friendly | pragmatic",

~~878~~ 878 description:

879Key879 "Profile-scoped communication style override for supported models.",

~~880~~ 880 },

881`log_dir`881 {

~~882~~ 882 key: "profiles.<name>.model_catalog_json",

883Type / Values883 type: "string (path)",

~~884~~ 884 description:

885`string (path)`885 "Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile).",

~~886~~ 886 },

887Details887 {

~~888~~ 888 key: "profiles.<name>.model_instructions_file",

889Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`.889 type: "string (path)",

~~890~~ 890 description:

891Key891 "Profile-scoped replacement for the built-in instruction file.",

~~892~~ 892 },

893`mcp_oauth_callback_port`893 {

~~894~~ 894 key: "profiles.<name>.experimental_use_unified_exec_tool",

895Type / Values895 type: "boolean",

~~896~~ 896 description:

897`integer`897 "Legacy name for enabling unified exec; prefer `[features].unified_exec`.",

~~898~~ 898 },

899Details899 {

~~900~~ 900 key: "profiles.<name>.oss_provider",

901Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS.901 type: "lmstudio | ollama",

~~902~~ 902 description: "Profile-scoped OSS provider for `--oss` sessions.",

903Key903 },

~~904~~ 904 {

905`mcp_oauth_callback_url`905 key: "profiles.<name>.tools_view_image",

~~906~~ 906 type: "boolean",

907Type / Values907 description: "Enable or disable the `view_image` tool in that profile.",

~~908~~ 908 },

909`string`909 {

~~910~~ 910 key: "profiles.<name>.analytics.enabled",

911Details911 type: "boolean",

~~912~~ 912 description: "Profile-scoped analytics enablement override.",

913Optional redirect URI override for MCP OAuth login (for example, a devbox ingress URL). `mcp_oauth_callback_port` still controls the callback listener port.913 },

~~914~~ 914 {

915Key915 key: "profiles.<name>.windows.sandbox",

~~916~~ 916 type: "unelevated | elevated",

917`mcp_oauth_credentials_store`917 description: "Profile-scoped Windows sandbox mode override.",

~~918~~ 918 },

919Type / Values919 {

~~920~~ 920 key: "history.persistence",

921`auto | file | keyring`921 type: "save-all | none",

~~922~~ 922 description:

923Details923 "Control whether Codex saves session transcripts to history.jsonl.",

~~924~~ 924 },

925Preferred store for MCP OAuth credentials.925 {

~~926~~ 926 key: "tool_output_token_limit",

927Key927 type: "number",

~~928~~ 928 description:

929`mcp_servers.<id>.args`929 "Token budget for storing individual tool/function outputs in history.",

~~930~~ 930 },

931Type / Values931 {

~~932~~ 932 key: "background_terminal_max_timeout",

933`array<string>`933 type: "number",

~~934~~ 934 description:

935Details935 "Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key.",

~~936~~ 936 },

937Arguments passed to the MCP stdio server command.937 {

~~938~~ 938 key: "history.max_bytes",

939Key939 type: "number",

~~940~~ 940 description:

941`mcp_servers.<id>.bearer_token_env_var`941 "If set, caps the history file size in bytes by dropping oldest entries.",

~~942~~ 942 },

943Type / Values943 {

~~944~~ 944 key: "file_opener",

945`string`945 type: "vscode | vscode-insiders | windsurf | cursor | none",

~~946~~ 946 description:

947Details947 "URI scheme used to open citations from Codex output (default: `vscode`).",

~~948~~ 948 },

949Environment variable sourcing the bearer token for an MCP HTTP server.949 {

~~950~~ 950 key: "otel.environment",

951Key951 type: "string",

~~952~~ 952 description:

953`mcp_servers.<id>.command`953 "Environment tag applied to emitted OpenTelemetry events (default: `dev`).",

~~954~~ 954 },

955Type / Values955 {

~~956~~ 956 key: "otel.exporter",

957`string`957 type: "none | otlp-http | otlp-grpc",

~~958~~ 958 description:

959Details959 "Select the OpenTelemetry exporter and provide any endpoint metadata.",

~~960~~ 960 },

961Launcher command for an MCP stdio server.961 {

~~962~~ 962 key: "otel.trace_exporter",

963Key963 type: "none | otlp-http | otlp-grpc",

~~964~~ 964 description:

965`mcp_servers.<id>.cwd`965 "Select the OpenTelemetry trace exporter and provide any endpoint metadata.",

~~966~~ 966 },

967Type / Values967 {

~~968~~ 968 key: "otel.metrics_exporter",

969`string`969 type: "none | statsig | otlp-http | otlp-grpc",

~~970~~ 970 description:

971Details971 "Select the OpenTelemetry metrics exporter (defaults to `statsig`).",

~~972~~ 972 },

973Working directory for the MCP stdio server process.973 {

~~974~~ 974 key: "otel.log_user_prompt",

975Key975 type: "boolean",

~~976~~ 976 description:

977`mcp_servers.<id>.disabled_tools`977 "Opt in to exporting raw user prompts with OpenTelemetry logs.",

~~978~~ 978 },

979Type / Values979 {

~~980~~ 980 key: "otel.exporter.<id>.endpoint",

981`array<string>`981 type: "string",

~~982~~ 982 description: "Exporter endpoint for OTEL logs.",

983Details983 },

~~984~~ 984 {

985Deny list applied after `enabled_tools` for the MCP server.985 key: "otel.exporter.<id>.protocol",

~~986~~ 986 type: "binary | json",

987Key987 description: "Protocol used by the OTLP/HTTP exporter.",

~~988~~ 988 },

989`mcp_servers.<id>.enabled`989 {

~~990~~ 990 key: "otel.exporter.<id>.headers",

991Type / Values991 type: "map<string,string>",

~~992~~ 992 description: "Static headers included with OTEL exporter requests.",

993`boolean`993 },

~~994~~ 994 {

995Details995 key: "otel.trace_exporter.<id>.endpoint",

~~996~~ 996 type: "string",

997Disable an MCP server without removing its configuration.997 description: "Trace exporter endpoint for OTEL logs.",

~~998~~ 998 },

999Key999 {

~~1000~~ 1000 key: "otel.trace_exporter.<id>.protocol",

1001`mcp_servers.<id>.enabled_tools`1001 type: "binary | json",

~~1002~~ 1002 description: "Protocol used by the OTLP/HTTP trace exporter.",

1003Type / Values1003 },

~~1004~~ 1004 {

1005`array<string>`1005 key: "otel.trace_exporter.<id>.headers",

~~1006~~ 1006 type: "map<string,string>",

1007Details1007 description: "Static headers included with OTEL trace exporter requests.",

~~1008~~ 1008 },

1009Allow list of tool names exposed by the MCP server.1009 {

~~1010~~ 1010 key: "otel.exporter.<id>.tls.ca-certificate",

1011Key1011 type: "string",

~~1012~~ 1012 description: "CA certificate path for OTEL exporter TLS.",

1013`mcp_servers.<id>.env`1013 },

~~1014~~ 1014 {

1015Type / Values1015 key: "otel.exporter.<id>.tls.client-certificate",

~~1016~~ 1016 type: "string",

1017`map<string,string>`1017 description: "Client certificate path for OTEL exporter TLS.",

~~1018~~ 1018 },

1019Details1019 {

~~1020~~ 1020 key: "otel.exporter.<id>.tls.client-private-key",

1021Environment variables forwarded to the MCP stdio server.1021 type: "string",

~~1022~~ 1022 description: "Client private key path for OTEL exporter TLS.",

1023Key1023 },

~~1024~~ 1024 {

1025`mcp_servers.<id>.env_http_headers`1025 key: "otel.trace_exporter.<id>.tls.ca-certificate",

~~1026~~ 1026 type: "string",

1027Type / Values1027 description: "CA certificate path for OTEL trace exporter TLS.",

~~1028~~ 1028 },

1029`map<string,string>`1029 {

~~1030~~ 1030 key: "otel.trace_exporter.<id>.tls.client-certificate",

1031Details1031 type: "string",

~~1032~~ 1032 description: "Client certificate path for OTEL trace exporter TLS.",

1033HTTP headers populated from environment variables for an MCP HTTP server.1033 },

~~1034~~ 1034 {

1035Key1035 key: "otel.trace_exporter.<id>.tls.client-private-key",

~~1036~~ 1036 type: "string",

1037`mcp_servers.<id>.env_vars`1037 description: "Client private key path for OTEL trace exporter TLS.",

~~1038~~ 1038 },

1039Type / Values1039 {

~~1040~~ 1040 key: "tui",

1041`array<string>`1041 type: "table",

~~1042~~ 1042 description:

1043Details1043 "TUI-specific options such as enabling inline desktop notifications.",

~~1044~~ 1044 },

1045Additional environment variables to whitelist for an MCP stdio server.1045 {

~~1046~~ 1046 key: "tui.notifications",

1047Key1047 type: "boolean | array<string>",

~~1048~~ 1048 description:

1049`mcp_servers.<id>.http_headers`1049 "Enable TUI notifications; optionally restrict to specific event types.",

~~1050~~ 1050 },

1051Type / Values1051 {

~~1052~~ 1052 key: "tui.notification_method",

1053`map<string,string>`1053 type: "auto | osc9 | bel",

~~1054~~ 1054 description:

1055Details1055 "Notification method for terminal notifications (default: auto).",

~~1056~~ 1056 },

1057Static HTTP headers included with each MCP HTTP request.1057 {

~~1058~~ 1058 key: "tui.notification_condition",

1059Key1059 type: "unfocused | always",

~~1060~~ 1060 description:

1061`mcp_servers.<id>.required`1061 "Control whether TUI notifications fire only when the terminal is unfocused or regardless of focus. Defaults to `unfocused`.",

~~1062~~ 1062 },

1063Type / Values1063 {

~~1064~~ 1064 key: "tui.animations",

1065`boolean`1065 type: "boolean",

~~1066~~ 1066 description:

1067Details1067 "Enable terminal animations (welcome screen, shimmer, spinner) (default: true).",

~~1068~~ 1068 },

1069When true, fail startup/resume if this enabled MCP server cannot initialize.1069 {

~~1070~~ 1070 key: "tui.alternate_screen",

1071Key1071 type: "auto | always | never",

~~1072~~ 1072 description:

1073`mcp_servers.<id>.startup_timeout_ms`1073 "Control alternate screen usage for the TUI (default: auto; auto skips it in Zellij to preserve scrollback).",

~~1074~~ 1074 },

1075Type / Values1075 {

~~1076~~ 1076 key: "tui.show_tooltips",

1077`number`1077 type: "boolean",

~~1078~~ 1078 description:

1079Details1079 "Show onboarding tooltips in the TUI welcome screen (default: true).",

~~1080~~ 1080 },

1081Alias for `startup_timeout_sec` in milliseconds.1081 {

~~1082~~ 1082 key: "tui.status_line",

1083Key1083 type: "array<string> | null",

~~1084~~ 1084 description:

1085`mcp_servers.<id>.startup_timeout_sec`1085 "Ordered list of TUI footer status-line item identifiers. `null` disables the status line.",

~~1086~~ 1086 },

1087Type / Values1087 {

~~1088~~ 1088 key: "tui.terminal_title",

1089`number`1089 type: "array<string> | null",

~~1090~~ 1090 description:

1091Details1091 'Ordered list of terminal window/tab title item identifiers. Defaults to `["spinner", "project"]`; `null` disables title updates.',

~~1092~~ 1092 },

1093Override the default 10s startup timeout for an MCP server.1093 {

~~1094~~ 1094 key: "tui.theme",

1095Key1095 type: "string",

~~1096~~ 1096 description:

1097`mcp_servers.<id>.tool_timeout_sec`1097 "Syntax-highlighting theme override (kebab-case theme name).",

~~1098~~ 1098 },

1099Type / Values1099 {

~~1100~~ 1100 key: "tui.keymap.<context>.<action>",

1101`number`1101 type: "string | array<string>",

~~1102~~ 1102 description:

1103Details1103 "Keyboard shortcut binding for a TUI action. Supported contexts include `global`, `chat`, `composer`, `editor`, `pager`, `list`, and `approval`; context-specific bindings override `tui.keymap.global`.",

~~1104~~ 1104 },

1105Override the default 60s per-tool timeout for an MCP server.1105 {

~~1106~~ 1106 key: "tui.keymap.<context>.<action> = []",

1107Key1107 type: "empty array",

~~1108~~ 1108 description:

1109`mcp_servers.<id>.url`1109 "Unbind the action in that keymap context. Key names use normalized strings such as `ctrl-a`, `shift-enter`, or `page-down`.",

~~1110~~ 1110 },

1111Type / Values1111 {

~~1112~~ 1112 key: "tui.model_availability_nux.<model>",

1113`string`1113 type: "integer",

~~1114~~ 1114 description: "Internal startup-tooltip state keyed by model slug.",

1115Details1115 },

~~1116~~ 1116 {

1117Endpoint for an MCP streamable HTTP server.1117 key: "hide_agent_reasoning",

~~1118~~ 1118 type: "boolean",

1119Key1119 description:

~~1120~~ 1120 "Suppress reasoning events in both the TUI and `codex exec` output.",

1121`model`1121 },

~~1122~~ 1122 {

1123Type / Values1123 key: "show_raw_agent_reasoning",

~~1124~~ 1124 type: "boolean",

1125`string`1125 description:

~~1126~~ 1126 "Surface raw reasoning content when the active model emits it.",

1127Details1127 },

~~1128~~ 1128 {

1129Model to use (e.g., `gpt-5-codex`).1129 key: "disable_paste_burst",

~~1130~~ 1130 type: "boolean",

1131Key1131 description: "Disable burst-paste detection in the TUI.",

~~1132~~ 1132 },

1133`model_auto_compact_token_limit`1133 {

~~1134~~ 1134 key: "windows_wsl_setup_acknowledged",

1135Type / Values1135 type: "boolean",

~~1136~~ 1136 description: "Track Windows onboarding acknowledgement (Windows only).",

1137`number`1137 },

~~1138~~ 1138 {

1139Details1139 key: "chatgpt_base_url",

~~1140~~ 1140 type: "string",

1141Token threshold that triggers automatic history compaction (unset uses model defaults).1141 description: "Override the base URL used during the ChatGPT login flow.",

~~1142~~ 1142 },

1143Key1143 {

~~1144~~ 1144 key: "cli_auth_credentials_store",

1145`model_catalog_json`1145 type: "file | keyring | auto",

~~1146~~ 1146 description:

1147Type / Values1147 "Control where the CLI stores cached credentials (file-based auth.json vs OS keychain).",

~~1148~~ 1148 },

1149`string (path)`1149 {

~~1150~~ 1150 key: "mcp_oauth_credentials_store",

1151Details1151 type: "auto | file | keyring",

~~1152~~ 1152 description: "Preferred store for MCP OAuth credentials.",

1153Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile.1153 },

~~1154~~ 1154 {

1155Key1155 key: "mcp_oauth_callback_port",

~~1156~~ 1156 type: "integer",

1157`model_context_window`1157 description:

~~1158~~ 1158 "Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS.",

1159Type / Values1159 },

~~1160~~ 1160 {

1161`number`1161 key: "mcp_oauth_callback_url",

~~1162~~ 1162 type: "string",

1163Details1163 description:

~~1164~~ 1164 "Optional redirect URI override for MCP OAuth login (for example, a devbox ingress URL). `mcp_oauth_callback_port` still controls the callback listener port.",

1165Context window tokens available to the active model.1165 },

~~1166~~ 1166 {

1167Key1167 key: "experimental_use_unified_exec_tool",

~~1168~~ 1168 type: "boolean",

1169`model_instructions_file`1169 description:

~~1170~~ 1170 "Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`.",

1171Type / Values1171 },

~~1172~~ 1172 {

1173`string (path)`1173 key: "tools.web_search",

~~1174~~ 1174 type: 'boolean | { context_size = "low|medium|high", allowed_domains = [string], location = { country, region, city, timezone } }',

1175Details1175 description:

~~1176~~ 1176 "Optional web search tool configuration. The legacy boolean form is still accepted, but the object form lets you set search context size, allowed domains, and approximate user location.",

1177Replacement for built-in instructions instead of `AGENTS.md`.1177 },

~~1178~~ 1178 {

1179Key1179 key: "tools.view_image",

~~1180~~ 1180 type: "boolean",

1181`model_provider`1181 description: "Enable the local-image attachment tool `view_image`.",

~~1182~~ 1182 },

1183Type / Values1183 {

~~1184~~ 1184 key: "web_search",

1185`string`1185 type: "disabled | cached | live",

~~1186~~ 1186 description:

1187Details1187 'Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool.',

~~1188~~ 1188 },

1189Provider id from `model_providers` (default: `openai`).1189 {

~~1190~~ 1190 key: "default_permissions",

1191Key1191 type: "string",

~~1192~~ 1192 description:

1193`model_providers.<id>.base_url`1193 "Name of the default permissions profile to apply to sandboxed tool calls. Built-ins are `:read-only`, `:workspace`, and `:danger-no-sandbox`; custom profile names require matching `[permissions.<name>]` tables.",

~~1194~~ 1194 },

1195Type / Values1195 {

~~1196~~ 1196 key: "permissions.<name>.filesystem",

1197`string`1197 type: "table",

~~1198~~ 1198 description:

1199Details1199 "Named filesystem permission profile. Each key is an absolute path or special token such as `:minimal` or `:project_roots`.",

~~1200~~ 1200 },

1201API base URL for the model provider.1201 {

~~1202~~ 1202 key: "permissions.<name>.filesystem.glob_scan_max_depth",

1203Key1203 type: "number",

~~1204~~ 1204 description:

1205`model_providers.<id>.env_http_headers`1205 "Maximum depth for expanding deny-read glob patterns on platforms that snapshot matches before sandbox startup. Must be at least `1` when set.",

~~1206~~ 1206 },

1207Type / Values1207 {

~~1208~~ 1208 key: "permissions.<name>.filesystem.<path-or-glob>",

1209`map<string,string>`1209 type: '"read" | "write" | "none" | table',

~~1210~~ 1210 description:

1211Details1211 'Grant direct access for a path, glob pattern, or special token, or scope nested entries under that root. Use `"none"` to deny reads for matching paths.',

~~1212~~ 1212 },

1213HTTP headers populated from environment variables when present.1213 {

~~1214~~ 1214 key: 'permissions.<name>.filesystem.":project_roots".<subpath-or-glob>',

1215Key1215 type: '"read" | "write" | "none"',

~~1216~~ 1216 description:

1217`model_providers.<id>.env_key`1217 'Scoped filesystem access relative to the detected project roots. Use `"."` for the root itself; glob subpaths such as `"**/*.env"` can deny reads with `"none"`.',

~~1218~~ 1218 },

1219Type / Values1219 {

~~1220~~ 1220 key: "permissions.<name>.network.enabled",

1221`string`1221 type: "boolean",

~~1222~~ 1222 description: "Enable network access for this named permissions profile.",

1223Details1223 },

~~1224~~ 1224 {

1225Environment variable supplying the provider API key.1225 key: "permissions.<name>.network.proxy_url",

~~1226~~ 1226 type: "string",

1227Key1227 description:

~~1228~~ 1228 "HTTP proxy endpoint used when this permissions profile enables the managed network proxy.",

1229`model_providers.<id>.env_key_instructions`1229 },

~~1230~~ 1230 {

1231Type / Values1231 key: "permissions.<name>.network.enable_socks5",

~~1232~~ 1232 type: "boolean",

1233`string`1233 description:

~~1234~~ 1234 "Expose a SOCKS5 listener when this permissions profile enables the managed network proxy.",

1235Details1235 },

~~1236~~ 1236 {

1237Optional setup guidance for the provider API key.1237 key: "permissions.<name>.network.socks_url",

~~1238~~ 1238 type: "string",

1239Key1239 description: "SOCKS5 proxy endpoint used by this permissions profile.",

~~1240~~ 1240 },

1241`model_providers.<id>.experimental_bearer_token`1241 {

~~1242~~ 1242 key: "permissions.<name>.network.enable_socks5_udp",

1243Type / Values1243 type: "boolean",

~~1244~~ 1244 description: "Allow UDP over the SOCKS5 listener when enabled.",

1245`string`1245 },

~~1246~~ 1246 {

1247Details1247 key: "permissions.<name>.network.allow_upstream_proxy",

~~1248~~ 1248 type: "boolean",

1249Direct bearer token for the provider (discouraged; use `env_key`).1249 description:

~~1250~~ 1250 "Allow the managed proxy to chain to another upstream proxy.",

1251Key1251 },

~~1252~~ 1252 {

1253`model_providers.<id>.http_headers`1253 key: "permissions.<name>.network.dangerously_allow_non_loopback_proxy",

~~1254~~ 1254 type: "boolean",

1255Type / Values1255 description:

~~1256~~ 1256 "Permit non-loopback bind addresses for the managed proxy listener.",

1257`map<string,string>`1257 },

~~1258~~ 1258 {

1259Details1259 key: "permissions.<name>.network.dangerously_allow_all_unix_sockets",

~~1260~~ 1260 type: "boolean",

1261Static HTTP headers added to provider requests.1261 description:

~~1262~~ 1262 "Allow the proxy to use arbitrary Unix sockets instead of the default restricted set.",

1263Key1263 },

~~1264~~ 1264 {

1265`model_providers.<id>.name`1265 key: "permissions.<name>.network.mode",

~~1266~~ 1266 type: "limited | full",

1267Type / Values1267 description: "Network proxy mode used for subprocess traffic.",

~~1268~~ 1268 },

1269`string`1269 {

~~1270~~ 1270 key: "permissions.<name>.network.domains",

1271Details1271 type: "map<string, allow | deny>",

~~1272~~ 1272 description:

1273Display name for a custom model provider.1273 "Domain rules for the managed proxy. Use domain names or wildcard patterns as keys, with `allow` or `deny` values.",

~~1274~~ 1274 },

1275Key1275 {

~~1276~~ 1276 key: "permissions.<name>.network.unix_sockets",

1277`model_providers.<id>.query_params`1277 type: "map<string, allow | none>",

~~1278~~ 1278 description:

1279Type / Values1279 "Unix socket rules for the managed proxy. Use socket paths as keys, with `allow` or `none` values.",

~~1280~~ 1280 },

1281`map<string,string>`1281 {

~~1282~~ 1282 key: "permissions.<name>.network.allow_local_binding",

1283Details1283 type: "boolean",

~~1284~~ 1284 description:

1285Extra query parameters appended to provider requests.1285 "Permit local bind/listen operations through the managed proxy.",

~~1286~~ 1286 },

1287Key1287 {

~~1288~~ 1288 key: "projects.<path>.trust_level",

1289`model_providers.<id>.request_max_retries`1289 type: "string",

~~1290~~ 1290 description:

1291Type / Values1291 'Mark a project or worktree as trusted or untrusted (`"trusted"` | `"untrusted"`). Untrusted projects skip project-scoped `.codex/` layers, including project-local config, hooks, and rules.',

~~1292~~ 1292 },

1293`number`1293 {

~~1294~~ 1294 key: "notice.hide_full_access_warning",

1295Details1295 type: "boolean",

~~1296~~ 1296 description: "Track acknowledgement of the full access warning prompt.",

1297Retry count for HTTP requests to the provider (default: 4).1297 },

~~1298~~ 1298 {

1299Key1299 key: "notice.hide_world_writable_warning",

~~1300~~ 1300 type: "boolean",

1301`model_providers.<id>.requires_openai_auth`1301 description:

~~1302~~ 1302 "Track acknowledgement of the Windows world-writable directories warning.",

1303Type / Values1303 },

~~1304~~ 1304 {

1305`boolean`1305 key: "notice.hide_rate_limit_model_nudge",

~~1306~~ 1306 type: "boolean",

1307Details1307 description: "Track opt-out of the rate limit model switch reminder.",

~~1308~~ 1308 },

1309The provider uses OpenAI authentication (defaults to false).1309 {

~~1310~~ 1310 key: "notice.hide_gpt5_1_migration_prompt",

1311Key1311 type: "boolean",

~~1312~~ 1312 description: "Track acknowledgement of the GPT-5.1 migration prompt.",

1313`model_providers.<id>.stream_idle_timeout_ms`1313 },

~~1314~~ 1314 {

1315Type / Values1315 key: "notice.hide_gpt-5.1-codex-max_migration_prompt",

~~1316~~ 1316 type: "boolean",

1317`number`1317 description:

~~1318~~ 1318 "Track acknowledgement of the gpt-5.1-codex-max migration prompt.",

1319Details1319 },

~~1320~~ 1320 {

1321Idle timeout for SSE streams in milliseconds (default: 300000).1321 key: "notice.model_migrations",

~~1322~~ 1322 type: "map<string,string>",

1323Key1323 description: "Track acknowledged model migrations as old->new mappings.",

~~1324~~ 1324 },

1325`model_providers.<id>.stream_max_retries`1325 {

~~1326~~ 1326 key: "forced_login_method",

1327Type / Values1327 type: "chatgpt | api",

~~1328~~ 1328 description: "Restrict Codex to a specific authentication method.",

1329`number`1329 },

~~1330~~ 1330 {

1331Details1331 key: "forced_chatgpt_workspace_id",

~~1332~~ 1332 type: "string (uuid)",

1333Retry count for SSE streaming interruptions (default: 5).1333 description: "Limit ChatGPT logins to a specific workspace identifier.",

~~1334~~ 1334 },

1335Key1335 ]}

~~1336~~ 1336 client:load

1337`model_providers.<id>.wire_api`1337/>

~~1338~~

1339Type / Values

~~1340~~

1341`chat | responses`

~~1342~~

1343Details

~~1344~~

1345Protocol used by the provider (defaults to `chat` if omitted).

~~1346~~

1347Key

~~1348~~

1349`model_reasoning_effort`

~~1350~~

1351Type / Values

~~1352~~

1353`minimal | low | medium | high | xhigh`

~~1354~~

1355Details

~~1356~~

1357Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent).

~~1358~~

1359Key

~~1360~~

1361`model_reasoning_summary`

~~1362~~

1363Type / Values

~~1364~~

1365`auto | concise | detailed | none`

~~1366~~

1367Details

~~1368~~

1369Select reasoning summary detail or disable summaries entirely.

~~1370~~

1371Key

~~1372~~

1373`model_supports_reasoning_summaries`

~~1374~~

1375Type / Values

~~1376~~

1377`boolean`

~~1378~~

1379Details

~~1380~~

1381Force Codex to send or not send reasoning metadata.

~~1382~~

1383Key

~~1384~~

1385`model_verbosity`

~~1386~~

1387Type / Values

~~1388~~

1389`low | medium | high`

~~1390~~

1391Details

~~1392~~

1393Control GPT-5 Responses API verbosity (defaults to `medium`).

~~1394~~

1395Key

~~1396~~

1397`notice.hide_full_access_warning`

~~1398~~

1399Type / Values

~~1400~~

1401`boolean`

~~1402~~

1403Details

~~1404~~

1405Track acknowledgement of the full access warning prompt.

~~1406~~

1407Key

~~1408~~

1409`notice.hide_gpt-5.1-codex-max_migration_prompt`

~~1410~~

1411Type / Values

~~1412~~

1413`boolean`

~~1414~~

1415Details

~~1416~~

1417Track acknowledgement of the gpt-5.1-codex-max migration prompt.

~~1418~~

1419Key

~~1420~~

1421`notice.hide_gpt5_1_migration_prompt`

~~1422~~

1423Type / Values

~~1424~~

1425`boolean`

~~1426~~

1427Details

~~1428~~

1429Track acknowledgement of the GPT-5.1 migration prompt.

~~1430~~

1431Key

~~1432~~

1433`notice.hide_rate_limit_model_nudge`

~~1434~~

1435Type / Values

~~1436~~

1437`boolean`

~~1438~~

1439Details

~~1440~~

1441Track opt-out of the rate limit model switch reminder.

~~1442~~

1443Key

~~1444~~

1445`notice.hide_world_writable_warning`

~~1446~~

1447Type / Values

~~1448~~

1449`boolean`

~~1450~~

1451Details

~~1452~~

1453Track acknowledgement of the Windows world-writable directories warning.

~~1454~~

1455Key

~~1456~~

1457`notice.model_migrations`

~~1458~~

1459Type / Values

~~1460~~

1461`map<string,string>`

~~1462~~

1463Details

~~1464~~

1465Track acknowledged model migrations as old->new mappings.

~~1466~~

1467Key

~~1468~~

1469`notify`

~~1470~~

1471Type / Values

~~1472~~

1473`array<string>`

~~1474~~

1475Details

~~1476~~

1477Command invoked for notifications; receives a JSON payload from Codex.

~~1478~~

1479Key

~~1480~~

1481`oss_provider`

~~1482~~

1483Type / Values

~~1484~~

1485`lmstudio | ollama`

~~1486~~

1487Details

~~1488~~

1489Default local provider used when running with `--oss` (defaults to prompting if unset).

~~1490~~

1491Key

~~1492~~

1493`otel.environment`

~~1494~~

1495Type / Values

~~1496~~

1497`string`

~~1498~~

1499Details

~~1500~~

1501Environment tag applied to emitted OpenTelemetry events (default: `dev`).

~~1502~~

1503Key

~~1504~~

1505`otel.exporter`

~~1506~~

1507Type / Values

~~1508~~

1509`none | otlp-http | otlp-grpc`

~~1510~~

1511Details

~~1512~~

1513Select the OpenTelemetry exporter and provide any endpoint metadata.

~~1514~~

1515Key

~~1516~~

1517`otel.exporter.<id>.endpoint`

~~1518~~

1519Type / Values

~~1520~~

1521`string`

~~1522~~

1523Details

~~1524~~

1525Exporter endpoint for OTEL logs.

~~1526~~

1527Key

~~1528~~

1529`otel.exporter.<id>.headers`

~~1530~~

1531Type / Values

~~1532~~

1533`map<string,string>`

~~1534~~

1535Details

~~1536~~

1537Static headers included with OTEL exporter requests.

~~1538~~

1539Key

~~1540~~

1541`otel.exporter.<id>.protocol`

~~1542~~

1543Type / Values

~~1544~~

1545`binary | json`

~~1546~~

1547Details

~~1548~~

1549Protocol used by the OTLP/HTTP exporter.

~~1550~~

1551Key

~~1552~~

1553`otel.exporter.<id>.tls.ca-certificate`

~~1554~~

1555Type / Values

~~1556~~

1557`string`

~~1558~~

1559Details

~~1560~~

1561CA certificate path for OTEL exporter TLS.

~~1562~~

1563Key

~~1564~~

1565`otel.exporter.<id>.tls.client-certificate`

~~1566~~

1567Type / Values

~~1568~~

1569`string`

~~1570~~

1571Details

~~1572~~

1573Client certificate path for OTEL exporter TLS.

~~1574~~

1575Key

~~1576~~

1577`otel.exporter.<id>.tls.client-private-key`

~~1578~~

1579Type / Values

~~1580~~

1581`string`

~~1582~~

1583Details

~~1584~~

1585Client private key path for OTEL exporter TLS.

~~1586~~

1587Key

~~1588~~

1589`otel.log_user_prompt`

~~1590~~

1591Type / Values

~~1592~~

1593`boolean`

~~1594~~

1595Details

~~1596~~

1597Opt in to exporting raw user prompts with OpenTelemetry logs.

~~1598~~

1599Key

~~1600~~

1601`otel.trace_exporter`

~~1602~~

1603Type / Values

~~1604~~

1605`none | otlp-http | otlp-grpc`

~~1606~~

1607Details

~~1608~~

1609Select the OpenTelemetry trace exporter and provide any endpoint metadata.

~~1610~~

1611Key

~~1612~~

1613`otel.trace_exporter.<id>.endpoint`

~~1614~~

1615Type / Values

~~1616~~

1617`string`

~~1618~~

1619Details

~~1620~~

1621Trace exporter endpoint for OTEL logs.

~~1622~~

1623Key

~~1624~~

1625`otel.trace_exporter.<id>.headers`

~~1626~~

1627Type / Values

~~1628~~

1629`map<string,string>`

~~1630~~

1631Details

~~1632~~

1633Static headers included with OTEL trace exporter requests.

~~1634~~

1635Key

~~1636~~

1637`otel.trace_exporter.<id>.protocol`

~~1638~~

1639Type / Values

~~1640~~

1641`binary | json`

~~1642~~

1643Details

~~1644~~

1645Protocol used by the OTLP/HTTP trace exporter.

~~1646~~

1647Key

~~1648~~

1649`otel.trace_exporter.<id>.tls.ca-certificate`

~~1650~~

1651Type / Values

~~1652~~

1653`string`

~~1654~~

1655Details

~~1656~~

1657CA certificate path for OTEL trace exporter TLS.

~~1658~~

1659Key

~~1660~~

1661`otel.trace_exporter.<id>.tls.client-certificate`

~~1662~~

1663Type / Values

~~1664~~

1665`string`

~~1666~~

1667Details

~~1668~~

1669Client certificate path for OTEL trace exporter TLS.

~~1670~~

1671Key

~~1672~~

1673`otel.trace_exporter.<id>.tls.client-private-key`

~~1674~~

1675Type / Values

~~1676~~

1677`string`

~~1678~~

1679Details

~~1680~~

1681Client private key path for OTEL trace exporter TLS.

~~1682~~

1683Key

~~1684~~

1685`personality`

~~1686~~

1687Type / Values

~~1688~~

1689`none | friendly | pragmatic`

~~1690~~

1691Details

~~1692~~

1693Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`.

~~1694~~

1695Key

~~1696~~

1697`profile`

~~1698~~

1699Type / Values

~~1700~~

1701`string`

~~1702~~

1703Details

~~1704~~

1705Default profile applied at startup (equivalent to `--profile`).

~~1706~~

1707Key

~~1708~~

1709`profiles.<name>.*`

~~1710~~

1711Type / Values

~~1712~~

1713`various`

~~1714~~

1715Details

~~1716~~

1717Profile-scoped overrides for any of the supported configuration keys.

~~1718~~

1719Key

~~1720~~

1721`profiles.<name>.experimental_use_freeform_apply_patch`

~~1722~~

1723Type / Values

~~1724~~

1725`boolean`

~~1726~~

1727Details

~~1728~~

1729Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.

~~1730~~

1731Key

~~1732~~

1733`profiles.<name>.experimental_use_unified_exec_tool`

~~1734~~

1735Type / Values

~~1736~~

1737`boolean`

~~1738~~

1739Details

~~1740~~

1741Legacy name for enabling unified exec; prefer `[features].unified_exec`.

~~1742~~

1743Key

~~1744~~

1745`profiles.<name>.include_apply_patch_tool`

~~1746~~

1747Type / Values

~~1748~~

1749`boolean`

~~1750~~

1751Details

~~1752~~

1753Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.

~~1754~~

1755Key

~~1756~~

1757`profiles.<name>.model_catalog_json`

~~1758~~

1759Type / Values

~~1760~~

1761`string (path)`

~~1762~~

1763Details

~~1764~~

1765Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile).

~~1766~~

1767Key

~~1768~~

1769`profiles.<name>.oss_provider`

~~1770~~

1771Type / Values

~~1772~~

1773`lmstudio | ollama`

~~1774~~

1775Details

~~1776~~

1777Profile-scoped OSS provider for `--oss` sessions.

~~1778~~

1779Key

~~1780~~

1781`profiles.<name>.personality`

~~1782~~

1783Type / Values

~~1784~~

1785`none | friendly | pragmatic`

~~1786~~

1787Details

~~1788~~

1789Profile-scoped communication style override for supported models.

~~1790~~

1791Key

~~1792~~

1793`profiles.<name>.web_search`

~~1794~~

1795Type / Values

~~1796~~

1797`disabled | cached | live`

~~1798~~

1799Details

~~1800~~

1801Profile-scoped web search mode override (default: `"cached"`).

~~1802~~

1803Key

~~1804~~

1805`project_doc_fallback_filenames`

~~1806~~

1807Type / Values

~~1808~~

1809`array<string>`

~~1810~~

1811Details

~~1812~~

1813Additional filenames to try when `AGENTS.md` is missing.

~~1814~~

1815Key

~~1816~~

1817`project_doc_max_bytes`

~~1818~~

1819Type / Values

~~1820~~

1821`number`

~~1822~~

1823Details

~~1824~~

1825Maximum bytes read from `AGENTS.md` when building project instructions.

~~1826~~

1827Key

~~1828~~

1829`project_root_markers`

~~1830~~

1831Type / Values

~~1832~~

1833`array<string>`

~~1834~~

1835Details

~~1836~~

1837List of project root marker filenames; used when searching parent directories for the project root.

~~1838~~

1839Key

~~1840~~

1841`projects.<path>.trust_level`

~~1842~~

1843Type / Values

~~1844~~

1845`string`

~~1846~~

1847Details

~~1848~~

1849Mark a project or worktree as trusted or untrusted (`"trusted"` | `"untrusted"`). Untrusted projects skip project-scoped `.codex/` layers.

~~1850~~

1851Key

~~1852~~

1853`review_model`

~~1854~~

1855Type / Values

~~1856~~

1857`string`

~~1858~~

1859Details

~~1860~~

1861Optional model override used by `/review` (defaults to the current session model).

~~1862~~

1863Key

~~1864~~

1865`sandbox_mode`

~~1866~~

1867Type / Values

~~1868~~

1869`read-only | workspace-write | danger-full-access`

~~1870~~

1871Details

~~1872~~

1873Sandbox policy for filesystem and network access during command execution.

~~1874~~

1875Key

~~1876~~

1877`sandbox_workspace_write.exclude_slash_tmp`

~~1878~~

1879Type / Values

~~1880~~

1881`boolean`

~~1882~~

1883Details

~~1884~~

1885Exclude `/tmp` from writable roots in workspace-write mode.

~~1886~~

1887Key

~~1888~~

1889`sandbox_workspace_write.exclude_tmpdir_env_var`

~~1890~~

1891Type / Values

~~1892~~

1893`boolean`

~~1894~~

1895Details

~~1896~~

1897Exclude `$TMPDIR` from writable roots in workspace-write mode.

~~1898~~

1899Key

~~1900~~

1901`sandbox_workspace_write.network_access`

~~1902~~

1903Type / Values

~~1904~~

1905`boolean`

~~1906~~

1907Details

~~1908~~

1909Allow outbound network access inside the workspace-write sandbox.

~~1910~~

1911Key

~~1912~~

1913`sandbox_workspace_write.writable_roots`

~~1914~~

1915Type / Values

~~1916~~

1917`array<string>`

~~1918~~

1919Details

~~1920~~

1921Additional writable roots when `sandbox_mode = "workspace-write"`.

~~1922~~

1923Key

~~1924~~

1925`shell_environment_policy.exclude`

~~1926~~

1927Type / Values

~~1928~~

1929`array<string>`

~~1930~~

1931Details

~~1932~~

1933Glob patterns for removing environment variables after the defaults.

~~1934~~

1935Key

~~1936~~

1937`shell_environment_policy.experimental_use_profile`

~~1938~~

1939Type / Values

~~1940~~

1941`boolean`

~~1942~~

1943Details

~~1944~~

1945Use the user shell profile when spawning subprocesses.

~~1946~~

1947Key

~~1948~~

1949`shell_environment_policy.ignore_default_excludes`

~~1950~~

1951Type / Values

~~1952~~

1953`boolean`

~~1954~~

1955Details

~~1956~~

1957Keep variables containing KEY/SECRET/TOKEN before other filters run.

~~1958~~

1959Key

~~1960~~

1961`shell_environment_policy.include_only`

~~1962~~

1963Type / Values

~~1964~~

1965`array<string>`

~~1966~~

1967Details

~~1968~~

1969Whitelist of patterns; when set only matching variables are kept.

~~1970~~

1971Key

~~1972~~

1973`shell_environment_policy.inherit`

~~1974~~

1975Type / Values

~~1976~~

1977`all | core | none`

~~1978~~

1979Details

~~1980~~

1981Baseline environment inheritance when spawning subprocesses.

~~1982~~

1983Key

~~1984~~

1985`shell_environment_policy.set`

~~1986~~

1987Type / Values

~~1988~~

1989`map<string,string>`

~~1990~~

1991Details

~~1992~~

1993Explicit environment overrides injected into every subprocess.

~~1994~~

1995Key

~~1996~~

1997`show_raw_agent_reasoning`

~~1998~~

1999Type / Values

~~2000~~

2001`boolean`

~~2002~~

2003Details

~~2004~~

2005Surface raw reasoning content when the active model emits it.

~~2006~~

2007Key

~~2008~~

2009`skills.config`

~~2010~~

2011Type / Values

~~2012~~

2013`array<object>`

~~2014~~

2015Details

~~2016~~

2017Per-skill enablement overrides stored in config.toml.

~~2018~~

2019Key

~~2020~~

2021`skills.config.<index>.enabled`

~~2022~~

2023Type / Values

~~2024~~

2025`boolean`

~~2026~~

2027Details

~~2028~~

2029Enable or disable the referenced skill.

~~2030~~

2031Key

~~2032~~

2033`skills.config.<index>.path`

~~2034~~

2035Type / Values

~~2036~~

2037`string (path)`

~~2038~~

2039Details

~~2040~~

2041Path to a skill folder containing `SKILL.md`.

~~2042~~

2043Key

~~2044~~

2045`sqlite_home`

~~2046~~

2047Type / Values

~~2048~~

2049`string (path)`

~~2050~~

2051Details

~~2052~~

2053Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state.

~~2054~~

2055Key

~~2056~~

2057`suppress_unstable_features_warning`

~~2058~~

2059Type / Values

~~2060~~

2061`boolean`

~~2062~~

2063Details

~~2064~~

2065Suppress the warning that appears when under-development feature flags are enabled.

~~2066~~

2067Key

~~2068~~

2069`tool_output_token_limit`

~~2070~~

2071Type / Values

~~2072~~

2073`number`

~~2074~~

2075Details

~~2076~~

2077Token budget for storing individual tool/function outputs in history.

~~2078~~

2079Key

~~2080~~

2081`tools.web_search`

~~2082~~

2083Type / Values

~~2084~~

2085`boolean`

~~2086~~

2087Details

~~2088~~

2089Deprecated legacy toggle for web search; prefer the top-level `web_search` setting.

~~2090~~

2091Key

~~2092~~

2093`tui`

~~2094~~

2095Type / Values

~~2096~~

2097`table`

~~2098~~

2099Details

~~2100~~

2101TUI-specific options such as enabling inline desktop notifications.

~~2102~~

2103Key

~~2104~~

2105`tui.alternate_screen`

~~2106~~

2107Type / Values

~~2108~~

2109`auto | always | never`

~~2110~~

2111Details

~~2112~~

2113Control alternate screen usage for the TUI (default: auto; auto skips it in Zellij to preserve scrollback).

~~2114~~

2115Key

~~2116~~

2117`tui.animations`

~~2118~~

2119Type / Values

~~2120~~

2121`boolean`

~~2122~~

2123Details

~~2124~~

2125Enable terminal animations (welcome screen, shimmer, spinner) (default: true).

~~2126~~

2127Key

~~2128~~

2129`tui.notification_method`

~~2130~~

2131Type / Values

~~2132~~

2133`auto | osc9 | bel`

~~2134~~

2135Details

~~2136~~

2137Notification method for unfocused terminal notifications (default: auto).

~~2138~~

2139Key

~~2140~~

2141`tui.notifications`

~~2142~~

2143Type / Values

~~2144~~

2145`boolean | array<string>`

~~2146~~

2147Details

~~2148~~

2149Enable TUI notifications; optionally restrict to specific event types.

~~2150~~

2151Key

~~2152~~

2153`tui.show_tooltips`

~~2154~~

2155Type / Values

~~2156~~

2157`boolean`

~~2158~~

2159Details

~~2160~~

2161Show onboarding tooltips in the TUI welcome screen (default: true).

~~2162~~

2163Key

~~2164~~

2165`tui.status_line`

~~2166~~

2167Type / Values

~~2168~~

2169`array<string> | null`

~~2170~~

2171Details

~~2172~~

2173Ordered list of TUI footer status-line item identifiers. `null` disables the status line.

~~2174~~

2175Key

~~2176~~

2177`web_search`

~~2178~~

2179Type / Values

~~2180~~

2181`disabled | cached | live`

~~2182~~

2183Details

~~2184~~

2185Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool.

~~2186~~

2187Key

~~2188~~

2189`windows_wsl_setup_acknowledged`

~~2190~~

2191Type / Values

~~2192~~

2193`boolean`

~~2194~~

2195Details

~~2196~~

2197Track Windows onboarding acknowledgement (Windows only).

~~2198~~

2199Key

~~2200~~

2201`windows.sandbox`

~~2202~~

2203Type / Values

~~2204~~

2205`unelevated | elevated`

~~2206~~

2207Details

~~2208~~

2209Windows-only native sandbox mode when running Codex natively on Windows.

~~2210~~

2211Expand to view all

2212 1338

2213You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).1339You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).

2214 1340

2227For ChatGPT Business and Enterprise users, Codex can also apply cloud-fetched1353For ChatGPT Business and Enterprise users, Codex can also apply cloud-fetched

2228requirements. See the security page for precedence details.1354requirements. See the security page for precedence details.

2229 1355

2230| Key | Type / Values | Details |1356Use `[features]` in `requirements.toml` to pin feature flags by the same

2231| --- | --- | --- |1357canonical keys that `config.toml` uses. Omitted keys remain unconstrained.

2232| `allowed_approval_policies` | `array<string>` | Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `reject`). |1358

2233| `allowed_sandbox_modes` | `array<string>` | Allowed values for `sandbox_mode`. |1359<ConfigTable

2234| `allowed_web_search_modes` | `array<string>` | Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`. |1360 options={[

2235| `mcp_servers` | `table` | Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled. |1361 {

2236| `mcp_servers.<id>.identity` | `table` | Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP). |1362 key: "allowed_approval_policies",

2237| `mcp_servers.<id>.identity.command` | `string` | Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command. |1363 type: "array<string>",

2238| `mcp_servers.<id>.identity.url` | `string` | Allow an MCP streamable HTTP server when its `mcp_servers.<id>.url` matches this URL. |1364 description:

2239| `rules` | `table` | Admin-enforced command rules merged with `.rules` files. Requirements rules must be restrictive. |1365 "Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `granular`).",

2240| `rules.prefix_rules` | `array<table>` | List of enforced prefix rules. Each rule must include `pattern` and `decision`. |1366 },

2241| `rules.prefix_rules[].decision` | `prompt | forbidden` | Required. Requirements rules can only prompt or forbid (not allow). |1367 {

2242| `rules.prefix_rules[].justification` | `string` | Optional non-empty rationale surfaced in approval prompts or rejection messages. |1368 key: "allowed_approvals_reviewers",

2243| `rules.prefix_rules[].pattern` | `array<table>` | Command prefix expressed as pattern tokens. Each token sets either `token` or `any_of`. |1369 type: "array<string>",

2244| `rules.prefix_rules[].pattern[].any_of` | `array<string>` | A list of allowed alternative tokens at this position. |1370 description:

2245| `rules.prefix_rules[].pattern[].token` | `string` | A single literal token at this position. |1371 "Allowed values for `approvals_reviewer`, such as `user` and `auto_review`.",

~~2246~~ 1372 },

2247Key1373 {

~~2248~~ 1374 key: "guardian_policy_config",

2249`allowed_approval_policies`1375 type: "string",

~~2250~~ 1376 description:

2251Type / Values1377 "Managed Markdown policy instructions for automatic review. This takes precedence over local `[auto_review].policy`. Blank values are ignored.",

~~2252~~ 1378 },

2253`array<string>`1379 {

~~2254~~ 1380 key: "allowed_sandbox_modes",

2255Details1381 type: "array<string>",

~~2256~~ 1382 description: "Allowed values for `sandbox_mode`.",

2257Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `reject`).1383 },

~~2258~~ 1384 {

2259Key1385 key: "remote_sandbox_config",

~~2260~~ 1386 type: "array<table>",

2261`allowed_sandbox_modes`1387 description:

~~2262~~ 1388 "Host-specific sandbox requirements. The first entry whose `hostname_patterns` match the resolved host name overrides top-level `allowed_sandbox_modes` for that requirements source. Host-specific entries currently override sandbox modes only.",

2263Type / Values1389 },

~~2264~~ 1390 {

2265`array<string>`1391 key: "remote_sandbox_config[].hostname_patterns",

~~2266~~ 1392 type: "array<string>",

2267Details1393 description:

~~2268~~ 1394 "Case-insensitive host name patterns. Supports `*` for any sequence of characters and `?` for one character.",

2269Allowed values for `sandbox_mode`.1395 },

~~2270~~ 1396 {

2271Key1397 key: "remote_sandbox_config[].allowed_sandbox_modes",

~~2272~~ 1398 type: "array<string>",

2273`allowed_web_search_modes`1399 description:

~~2274~~ 1400 "Allowed sandbox modes to apply when this host-specific entry matches.",

2275Type / Values1401 },

~~2276~~ 1402 {

2277`array<string>`1403 key: "allowed_web_search_modes",

~~2278~~ 1404 type: "array<string>",

2279Details1405 description:

~~2280~~ 1406 "Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`.",

2281Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`.1407 },

~~2282~~ 1408 {

2283Key1409 key: "features",

~~2284~~ 1410 type: "table",

2285`mcp_servers`1411 description:

~~2286~~ 1412 "Pinned feature values keyed by the canonical names from `config.toml`'s `[features]` table.",

2287Type / Values1413 },

~~2288~~ 1414 {

2289`table`1415 key: "features.<name>",

~~2290~~ 1416 type: "boolean",

2291Details1417 description:

~~2292~~ 1418 "Require a specific canonical feature key to stay enabled or disabled.",

2293Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled.1419 },

~~2294~~ 1420 {

2295Key1421 key: "features.in_app_browser",

~~2296~~ 1422 type: "boolean",

2297`mcp_servers.<id>.identity`1423 description:

~~2298~~ 1424 "Set to `false` in `requirements.toml` to disable the in-app browser pane.",

2299Type / Values1425 },

~~2300~~ 1426 {

2301`table`1427 key: "features.browser_use",

~~2302~~ 1428 type: "boolean",

2303Details1429 description:

~~2304~~ 1430 "Set to `false` in `requirements.toml` to disable Browser Use and Browser Agent availability.",

2305Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP).1431 },

~~2306~~ 1432 {

2307Key1433 key: "features.computer_use",

~~2308~~ 1434 type: "boolean",

2309`mcp_servers.<id>.identity.command`1435 description:

~~2310~~ 1436 "Set to `false` in `requirements.toml` to disable Computer Use availability and related install or enablement flows.",

2311Type / Values1437 },

~~2312~~ 1438 {

2313`string`1439 key: "hooks",

~~2314~~ 1440 type: "table",

2315Details1441 description:

~~2316~~ 1442 "Admin-enforced managed lifecycle hooks. Requires a managed hook directory and uses the same event schema as inline `[hooks]` in `config.toml`.",

2317Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command.1443 },

~~2318~~ 1444 {

2319Key1445 key: "hooks.managed_dir",

~~2320~~ 1446 type: "string (absolute path)",

2321`mcp_servers.<id>.identity.url`1447 description:

~~2322~~ 1448 "Directory containing managed hook scripts on macOS and Linux. Codex validates that it is absolute and exists before loading managed hooks.",

2323Type / Values1449 },

~~2324~~ 1450 {

2325`string`1451 key: "hooks.windows_managed_dir",

~~2326~~ 1452 type: "string (absolute path)",

2327Details1453 description:

~~2328~~ 1454 "Directory containing managed hook scripts on Windows. Codex validates that it is absolute and exists before loading managed hooks.",

2329Allow an MCP streamable HTTP server when its `mcp_servers.<id>.url` matches this URL.1455 },

~~2330~~ 1456 {

2331Key1457 key: "hooks.<Event>",

~~2332~~ 1458 type: "array<table>",

2333`rules`1459 description:

~~2334~~ 1460 "Matcher groups for a hook event such as `PreToolUse`, `PostToolUse`, `PermissionRequest`, `SessionStart`, `UserPromptSubmit`, or `Stop`.",

2335Type / Values1461 },

~~2336~~ 1462 {

2337`table`1463 key: "hooks.<Event>[].hooks",

~~2338~~ 1464 type: "array<table>",

2339Details1465 description:

~~2340~~ 1466 "Hook handlers for a matcher group. Command hooks are currently supported; prompt and agent hook handlers are parsed but skipped.",

2341Admin-enforced command rules merged with `.rules` files. Requirements rules must be restrictive.1467 },

~~2342~~ 1468 {

2343Key1469 key: "permissions.filesystem.deny_read",

~~2344~~ 1470 type: "array<string>",

2345`rules.prefix_rules`1471 description:

~~2346~~ 1472 "Admin-enforced filesystem read denials. Entries can be paths or glob patterns, and users cannot weaken them with local config.",

2347Type / Values1473 },

~~2348~~ 1474 {

2349`array<table>`1475 key: "mcp_servers",

~~2350~~ 1476 type: "table",

2351Details1477 description:

~~2352~~ 1478 "Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled.",

2353List of enforced prefix rules. Each rule must include `pattern` and `decision`.1479 },

~~2354~~ 1480 {

2355Key1481 key: "mcp_servers.<id>.identity",

~~2356~~ 1482 type: "table",

2357`rules.prefix_rules[].decision`1483 description:

~~2358~~ 1484 "Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP).",

2359Type / Values1485 },

~~2360~~ 1486 {

2361`prompt | forbidden`1487 key: "mcp_servers.<id>.identity.command",

~~2362~~ 1488 type: "string",

2363Details1489 description:

~~2364~~ 1490 "Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command.",

2365Required. Requirements rules can only prompt or forbid (not allow).1491 },

~~2366~~ 1492 {

2367Key1493 key: "mcp_servers.<id>.identity.url",

~~2368~~ 1494 type: "string",

2369`rules.prefix_rules[].justification`1495 description:

~~2370~~ 1496 "Allow an MCP streamable HTTP server when its `mcp_servers.<id>.url` matches this URL.",

2371Type / Values1497 },

~~2372~~ 1498 {

2373`string`1499 key: "rules",

~~2374~~ 1500 type: "table",

2375Details1501 description:

~~2376~~ 1502 "Admin-enforced command rules merged with `.rules` files. Requirements rules must be restrictive.",

2377Optional non-empty rationale surfaced in approval prompts or rejection messages.1503 },

~~2378~~ 1504 {

2379Key1505 key: "rules.prefix_rules",

~~2380~~ 1506 type: "array<table>",

2381`rules.prefix_rules[].pattern`1507 description:

~~2382~~ 1508 "List of enforced prefix rules. Each rule must include `pattern` and `decision`.",

2383Type / Values1509 },

~~2384~~ 1510 {

2385`array<table>`1511 key: "rules.prefix_rules[].pattern",

~~2386~~ 1512 type: "array<table>",

2387Details1513 description:

~~2388~~ 1514 "Command prefix expressed as pattern tokens. Each token sets either `token` or `any_of`.",

2389Command prefix expressed as pattern tokens. Each token sets either `token` or `any_of`.1515 },

~~2390~~ 1516 {

2391Key1517 key: "rules.prefix_rules[].pattern[].token",

~~2392~~ 1518 type: "string",

2393`rules.prefix_rules[].pattern[].any_of`1519 description: "A single literal token at this position.",

~~2394~~ 1520 },

2395Type / Values1521 {

~~2396~~ 1522 key: "rules.prefix_rules[].pattern[].any_of",

2397`array<string>`1523 type: "array<string>",

~~2398~~ 1524 description: "A list of allowed alternative tokens at this position.",

2399Details1525 },

~~2400~~ 1526 {

2401A list of allowed alternative tokens at this position.1527 key: "rules.prefix_rules[].decision",

~~2402~~ 1528 type: "prompt | forbidden",

2403Key1529 description:

~~2404~~ 1530 "Required. Requirements rules can only prompt or forbid (not allow).",

2405`rules.prefix_rules[].pattern[].token`1531 },

~~2406~~ 1532 {

2407Type / Values1533 key: "rules.prefix_rules[].justification",

~~2408~~ 1534 type: "string",

2409`string`1535 description:

~~2410~~ 1536 "Optional non-empty rationale surfaced in approval prompts or rejection messages.",

2411Details1537 },

~~2412~~ 1538 ]}

2413A single literal token at this position.1539 client:load

~~2414~~ 1540/>

2415Expand to view all

config-reference.md Codex Docs, 2026-03-04 06:20 UTC → 2026-05-12 01:59 UTC