config-reference diff

config-reference.md +1508 −2389

Details

6 6

7User-level configuration lives in `~/.codex/config.toml`. You can also add project-scoped overrides in `.codex/config.toml` files. Codex loads project-scoped config files only when you trust the project.7User-level configuration lives in `~/.codex/config.toml`. You can also add project-scoped overrides in `.codex/config.toml` files. Codex loads project-scoped config files only when you trust the project.

8 8

9For sandbox and approval keys (`approval_policy`, `sandbox_mode`, and `sandbox_workspace_write.*`), pair this reference with [Sandbox and approvals](https://developers.openai.com/codex/security#sandbox-and-approvals), [Protected paths in writable roots](https://developers.openai.com/codex/security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/security#network-access).9For sandbox and approval keys (`approval_policy`, `sandbox_mode`, and `sandbox_workspace_write.*`), pair this reference with [Sandbox and approvals](https://developers.openai.com/codex/agent-approvals-security#sandbox-and-approvals), [Protected paths in writable roots](https://developers.openai.com/codex/agent-approvals-security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/agent-approvals-security#network-access).

10 10

~~11| Key | Type / Values | Details |~~11<ConfigTable

~~12| --- | --- | --- |~~12 options={[

~~13| `agents.<name>.config_file` | `string (path)` | Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role. |~~13 {

~~14| `agents.<name>.description` | `string` | Role guidance shown to Codex when choosing and spawning that agent type. |~~14 key: "model",

~~15| `agents.job_max_runtime_seconds` | `number` | Default per-worker timeout for `spawn_agents_on_csv` jobs. When unset, the tool falls back to 1800 seconds per worker. |~~15 type: "string",

~~16| `agents.max_depth` | `number` | Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1). |~~16 description: "Model to use (e.g., `gpt-5.5`).",

~~17| `agents.max_threads` | `number` | Maximum number of agent threads that can be open concurrently. |~~17 },

18| `allow_login_shell` | `boolean` | Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells. |18 {

19| `approval_policy` | `untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }` | Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs. |19 key: "review_model",

~~20| `approval_policy.reject.mcp_elicitations` | `boolean` | When `true`, MCP elicitation prompts are auto-rejected instead of shown to the user. |~~20 type: "string",

~~21| `approval_policy.reject.rules` | `boolean` | When `true`, approvals triggered by execpolicy `prompt` rules are auto-rejected. |~~21 description:

~~22| `approval_policy.reject.sandbox_approval` | `boolean` | When `true`, sandbox escalation approval prompts are auto-rejected. |~~22 "Optional model override used by `/review` (defaults to the current session model).",

~~23| `apps._default.destructive_enabled` | `boolean` | Default allow/deny for app tools with `destructive_hint = true`. |~~23 },

~~24| `apps._default.enabled` | `boolean` | Default app enabled state for all apps unless overridden per app. |~~24 {

~~25| `apps._default.open_world_enabled` | `boolean` | Default allow/deny for app tools with `open_world_hint = true`. |~~25 key: "model_provider",

~~27| `apps.<id>.default_tools_enabled` | `boolean` | Default enabled state for tools in this app unless a per-tool override exists. |~~27 description: "Provider id from `model_providers` (default: `openai`).",

~~28| `apps.<id>.destructive_enabled` | `boolean` | Allow or block tools in this app that advertise `destructive_hint = true`. |~~28 },

~~29| `apps.<id>.enabled` | `boolean` | Enable or disable a specific app/connector by id (default: true). |~~29 {

~~30| `apps.<id>.open_world_enabled` | `boolean` | Allow or block tools in this app that advertise `open_world_hint = true`. |~~30 key: "openai_base_url",

~~32| `apps.<id>.tools.<tool>.enabled` | `boolean` | Per-tool enabled override for an app tool (for example `repos/list`). |~~32 description:

33| `background_terminal_max_timeout` | `number` | Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key. |33 "Base URL override for the built-in `openai` model provider.",

~~34| `chatgpt_base_url` | `string` | Override the base URL used during the ChatGPT login flow. |~~34 },

~~35| `check_for_update_on_startup` | `boolean` | Check for Codex updates on startup (set to false only when updates are centrally managed). |~~35 {

~~37| `compact_prompt` | `string` | Inline override for the history compaction prompt. |~~37 type: "number",

~~38| `developer_instructions` | `string` | Additional developer instructions injected into the session (optional). |~~38 description: "Context window tokens available to the active model.",

~~39| `disable_paste_burst` | `boolean` | Disable burst-paste detection in the TUI. |~~39 },

~~40| `experimental_compact_prompt_file` | `string (path)` | Load the compaction prompt override from a file (experimental). |~~40 {

~~41| `experimental_use_freeform_apply_patch` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform` or `codex --enable apply_patch_freeform`. |~~41 key: "model_auto_compact_token_limit",

~~42| `experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`. |~~42 type: "number",

~~43| `features.apply_patch_freeform` | `boolean` | Expose the freeform `apply_patch` tool (experimental). |~~43 description:

~~44| `features.apps` | `boolean` | Enable ChatGPT Apps/connectors support (experimental). |~~44 "Token threshold that triggers automatic history compaction (unset uses model defaults).",

~~45| `features.apps_mcp_gateway` | `boolean` | Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental). |~~45 },

~~46| `features.child_agents_md` | `boolean` | Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental). |~~46 {

~~47| `features.collaboration_modes` | `boolean` | Enable collaboration modes such as plan mode (stable; on by default). |~~47 key: "model_catalog_json",

48| `features.multi_agent` | `boolean` | Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait`, `close_agent`, and `spawn_agents_on_csv`) (experimental; off by default). |48 type: "string (path)",

~~49| `features.personality` | `boolean` | Enable personality selection controls (stable; on by default). |~~49 description:

~~50| `features.powershell_utf8` | `boolean` | Force PowerShell UTF-8 output (defaults to true). |~~50 "Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile.",

~~51| `features.remote_models` | `boolean` | Refresh remote model list before showing readiness (experimental). |~~51 },

~~52| `features.request_rule` | `boolean` | Enable Smart approvals (`prefix_rule` suggestions on escalation requests; stable; on by default). |~~52 {

~~53| `features.runtime_metrics` | `boolean` | Show runtime metrics summary in TUI turn separators (experimental). |~~53 key: "oss_provider",

~~55| `features.shell_snapshot` | `boolean` | Snapshot shell environment to speed up repeated commands (beta). |~~55 description:

~~56| `features.shell_tool` | `boolean` | Enable the default `shell` tool for running commands (stable; on by default). |~~56 "Default local provider used when running with `--oss` (defaults to prompting if unset).",

~~57| `features.unified_exec` | `boolean` | Use the unified PTY-backed exec tool (beta). |~~57 },

~~58| `features.use_linux_sandbox_bwrap` | `boolean` | Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default). |~~58 {

~~59| `features.web_search` | `boolean` | Deprecated legacy toggle; prefer the top-level `web_search` setting. |~~59 key: "approval_policy",

~~60| `features.web_search_cached` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`. |~~60 type: "untrusted | on-request | never | { granular = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool, request_permissions = bool, skill_approval = bool } }",

~~61| `features.web_search_request` | `boolean` | Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`. |~~61 description:

~~62| `feedback.enabled` | `boolean` | Enable feedback submission via `/feedback` across Codex surfaces (default: true). |~~62 "Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { granular = { ... } }` to allow or auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.",

~~63| `file_opener` | `vscode | vscode-insiders | windsurf | cursor | none` | URI scheme used to open citations from Codex output (default: `vscode`). |~~63 },

~~64| `forced_chatgpt_workspace_id` | `string (uuid)` | Limit ChatGPT logins to a specific workspace identifier. |~~64 {

~~66| `hide_agent_reasoning` | `boolean` | Suppress reasoning events in both the TUI and `codex exec` output. |~~66 type: "boolean",

~~67| `history.max_bytes` | `number` | If set, caps the history file size in bytes by dropping oldest entries. |~~67 description:

~~69| `include_apply_patch_tool` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |~~69 },

~~70| `instructions` | `string` | Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`. |~~70 {

~~71| `log_dir` | `string (path)` | Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`. |~~71 key: "approval_policy.granular.rules",

~~72| `mcp_oauth_callback_port` | `integer` | Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS. |~~72 type: "boolean",

~~73| `mcp_oauth_callback_url` | `string` | Optional redirect URI override for MCP OAuth login (for example, a devbox ingress URL). `mcp_oauth_callback_port` still controls the callback listener port. |~~73 description:

~~75| `mcp_servers.<id>.args` | `array<string>` | Arguments passed to the MCP stdio server command. |~~75 },

~~76| `mcp_servers.<id>.bearer_token_env_var` | `string` | Environment variable sourcing the bearer token for an MCP HTTP server. |~~76 {

~~77| `mcp_servers.<id>.command` | `string` | Launcher command for an MCP stdio server. |~~77 key: "approval_policy.granular.mcp_elicitations",

~~78| `mcp_servers.<id>.cwd` | `string` | Working directory for the MCP stdio server process. |~~78 type: "boolean",

~~79| `mcp_servers.<id>.disabled_tools` | `array<string>` | Deny list applied after `enabled_tools` for the MCP server. |~~79 description:

~~80| `mcp_servers.<id>.enabled` | `boolean` | Disable an MCP server without removing its configuration. |~~80 "When `true`, MCP elicitation prompts are allowed to surface instead of being auto-rejected.",

~~81| `mcp_servers.<id>.enabled_tools` | `array<string>` | Allow list of tool names exposed by the MCP server. |~~81 },

~~82| `mcp_servers.<id>.env` | `map<string,string>` | Environment variables forwarded to the MCP stdio server. |~~82 {

~~83| `mcp_servers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables for an MCP HTTP server. |~~83 key: "approval_policy.granular.request_permissions",

~~84| `mcp_servers.<id>.env_vars` | `array<string>` | Additional environment variables to whitelist for an MCP stdio server. |~~84 type: "boolean",

~~85| `mcp_servers.<id>.http_headers` | `map<string,string>` | Static HTTP headers included with each MCP HTTP request. |~~85 description:

~~86| `mcp_servers.<id>.required` | `boolean` | When true, fail startup/resume if this enabled MCP server cannot initialize. |~~86 "When `true`, prompts from the `request_permissions` tool are allowed to surface.",

~~87| `mcp_servers.<id>.startup_timeout_ms` | `number` | Alias for `startup_timeout_sec` in milliseconds. |~~87 },

~~88| `mcp_servers.<id>.startup_timeout_sec` | `number` | Override the default 10s startup timeout for an MCP server. |~~88 {

~~89| `mcp_servers.<id>.tool_timeout_sec` | `number` | Override the default 60s per-tool timeout for an MCP server. |~~89 key: "approval_policy.granular.skill_approval",

~~90| `mcp_servers.<id>.url` | `string` | Endpoint for an MCP streamable HTTP server. |~~90 type: "boolean",

~~91| `model` | `string` | Model to use (e.g., `gpt-5-codex`). |~~91 description:

~~92| `model_auto_compact_token_limit` | `number` | Token threshold that triggers automatic history compaction (unset uses model defaults). |~~92 "When `true`, skill-script approval prompts are allowed to surface.",

~~93| `model_catalog_json` | `string (path)` | Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile. |~~93 },

~~94| `model_context_window` | `number` | Context window tokens available to the active model. |~~94 {

~~95| `model_instructions_file` | `string (path)` | Replacement for built-in instructions instead of `AGENTS.md`. |~~95 key: "approvals_reviewer",

~~97| `model_providers.<id>.base_url` | `string` | API base URL for the model provider. |~~97 description:

~~98| `model_providers.<id>.env_http_headers` | `map<string,string>` | HTTP headers populated from environment variables when present. |~~98 "Who reviews eligible approval prompts under `on-request` or granular approval policies. Defaults to `user`; `auto_review` uses the reviewer subagent. This setting doesn't change sandboxing or review actions already allowed inside the sandbox.",

~~99| `model_providers.<id>.env_key` | `string` | Environment variable supplying the provider API key. |~~99 },

100| `model_providers.<id>.env_key_instructions` | `string` | Optional setup guidance for the provider API key. |100 {

101| `model_providers.<id>.experimental_bearer_token` | `string` | Direct bearer token for the provider (discouraged; use `env_key`). |101 key: "auto_review.policy",

102| `model_providers.<id>.http_headers` | `map<string,string>` | Static HTTP headers added to provider requests. |102 type: "string",

103| `model_providers.<id>.name` | `string` | Display name for a custom model provider. |103 description:

104| `model_providers.<id>.query_params` | `map<string,string>` | Extra query parameters appended to provider requests. |104 "Local Markdown policy instructions for automatic review. Managed `guardian_policy_config` takes precedence. Blank values are ignored.",

105| `model_providers.<id>.request_max_retries` | `number` | Retry count for HTTP requests to the provider (default: 4). |105 },

106| `model_providers.<id>.requires_openai_auth` | `boolean` | The provider uses OpenAI authentication (defaults to false). |106 {

107| `model_providers.<id>.stream_idle_timeout_ms` | `number` | Idle timeout for SSE streams in milliseconds (default: 300000). |107 key: "allow_login_shell",

108| `model_providers.<id>.stream_max_retries` | `number` | Retry count for SSE streaming interruptions (default: 5). |108 type: "boolean",

111| `model_reasoning_summary` | `auto | concise | detailed | none` | Select reasoning summary detail or disable summaries entirely. |111 },

112| `model_supports_reasoning_summaries` | `boolean` | Force Codex to send or not send reasoning metadata. |112 {

115| `notice.hide_gpt-5.1-codex-max_migration_prompt` | `boolean` | Track acknowledgement of the gpt-5.1-codex-max migration prompt. |115 description:

116| `notice.hide_gpt5_1_migration_prompt` | `boolean` | Track acknowledgement of the GPT-5.1 migration prompt. |116 "Sandbox policy for filesystem and network access during command execution.",

117| `notice.hide_rate_limit_model_nudge` | `boolean` | Track opt-out of the rate limit model switch reminder. |117 },

118| `notice.hide_world_writable_warning` | `boolean` | Track acknowledgement of the Windows world-writable directories warning. |118 {

119| `notice.model_migrations` | `map<string,string>` | Track acknowledged model migrations as old->new mappings. |119 key: "sandbox_workspace_write.writable_roots",

120| `notify` | `array<string>` | Command invoked for notifications; receives a JSON payload from Codex. |120 type: "array<string>",

122| `otel.environment` | `string` | Environment tag applied to emitted OpenTelemetry events (default: `dev`). |122 'Additional writable roots when `sandbox_mode = "workspace-write"`.',

123| `otel.exporter` | `none | otlp-http | otlp-grpc` | Select the OpenTelemetry exporter and provide any endpoint metadata. |123 },

124| `otel.exporter.<id>.endpoint` | `string` | Exporter endpoint for OTEL logs. |124 {

125| `otel.exporter.<id>.headers` | `map<string,string>` | Static headers included with OTEL exporter requests. |125 key: "sandbox_workspace_write.network_access",

127| `otel.exporter.<id>.tls.ca-certificate` | `string` | CA certificate path for OTEL exporter TLS. |127 description:

128| `otel.exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL exporter TLS. |128 "Allow outbound network access inside the workspace-write sandbox.",

129| `otel.exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL exporter TLS. |129 },

130| `otel.log_user_prompt` | `boolean` | Opt in to exporting raw user prompts with OpenTelemetry logs. |130 {

132| `otel.trace_exporter.<id>.endpoint` | `string` | Trace exporter endpoint for OTEL logs. |132 type: "boolean",

133| `otel.trace_exporter.<id>.headers` | `map<string,string>` | Static headers included with OTEL trace exporter requests. |133 description:

135| `otel.trace_exporter.<id>.tls.ca-certificate` | `string` | CA certificate path for OTEL trace exporter TLS. |135 },

136| `otel.trace_exporter.<id>.tls.client-certificate` | `string` | Client certificate path for OTEL trace exporter TLS. |136 {

137| `otel.trace_exporter.<id>.tls.client-private-key` | `string` | Client private key path for OTEL trace exporter TLS. |137 key: "sandbox_workspace_write.exclude_slash_tmp",

139| `profile` | `string` | Default profile applied at startup (equivalent to `--profile`). |139 description:

140| `profiles.<name>.*` | `various` | Profile-scoped overrides for any of the supported configuration keys. |140 "Exclude `/tmp` from writable roots in workspace-write mode.",

141| `profiles.<name>.experimental_use_freeform_apply_patch` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |141 },

142| `profiles.<name>.experimental_use_unified_exec_tool` | `boolean` | Legacy name for enabling unified exec; prefer `[features].unified_exec`. |142 {

143| `profiles.<name>.include_apply_patch_tool` | `boolean` | Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`. |143 key: "windows.sandbox",

147| `profiles.<name>.web_search` | `disabled | cached | live` | Profile-scoped web search mode override (default: `"cached"`). |147 },

148| `project_doc_fallback_filenames` | `array<string>` | Additional filenames to try when `AGENTS.md` is missing. |148 {

149| `project_doc_max_bytes` | `number` | Maximum bytes read from `AGENTS.md` when building project instructions. |149 key: "windows.sandbox_private_desktop",

150| `project_root_markers` | `array<string>` | List of project root marker filenames; used when searching parent directories for the project root. |150 type: "boolean",

152| `review_model` | `string` | Optional model override used by `/review` (defaults to the current session model). |152 "Run the final sandboxed child process on a private desktop by default on native Windows. Set `false` only for compatibility with the older `Winsta0\\\\Default` behavior.",

153| `sandbox_mode` | `read-only | workspace-write | danger-full-access` | Sandbox policy for filesystem and network access during command execution. |153 },

154| `sandbox_workspace_write.exclude_slash_tmp` | `boolean` | Exclude `/tmp` from writable roots in workspace-write mode. |154 {

155| `sandbox_workspace_write.exclude_tmpdir_env_var` | `boolean` | Exclude `$TMPDIR` from writable roots in workspace-write mode. |155 key: "notify",

156| `sandbox_workspace_write.network_access` | `boolean` | Allow outbound network access inside the workspace-write sandbox. |156 type: "array<string>",

157| `sandbox_workspace_write.writable_roots` | `array<string>` | Additional writable roots when `sandbox_mode = "workspace-write"`. |157 description:

158| `shell_environment_policy.exclude` | `array<string>` | Glob patterns for removing environment variables after the defaults. |158 "Command invoked for notifications; receives a JSON payload from Codex.",

159| `shell_environment_policy.experimental_use_profile` | `boolean` | Use the user shell profile when spawning subprocesses. |159 },

160| `shell_environment_policy.ignore_default_excludes` | `boolean` | Keep variables containing KEY/SECRET/TOKEN before other filters run. |160 {

161| `shell_environment_policy.include_only` | `array<string>` | Whitelist of patterns; when set only matching variables are kept. |161 key: "check_for_update_on_startup",

163| `shell_environment_policy.set` | `map<string,string>` | Explicit environment overrides injected into every subprocess. |163 description:

164| `show_raw_agent_reasoning` | `boolean` | Surface raw reasoning content when the active model emits it. |164 "Check for Codex updates on startup (set to false only when updates are centrally managed).",

165| `skills.config` | `array<object>` | Per-skill enablement overrides stored in config.toml. |165 },

166| `skills.config.<index>.enabled` | `boolean` | Enable or disable the referenced skill. |166 {

167| `skills.config.<index>.path` | `string (path)` | Path to a skill folder containing `SKILL.md`. |167 key: "feedback.enabled",

168| `sqlite_home` | `string (path)` | Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state. |168 type: "boolean",

169| `suppress_unstable_features_warning` | `boolean` | Suppress the warning that appears when under-development feature flags are enabled. |169 description:

170| `tool_output_token_limit` | `number` | Token budget for storing individual tool/function outputs in history. |170 "Enable feedback submission via `/feedback` across Codex surfaces (default: true).",

171| `tools.web_search` | `boolean` | Deprecated legacy toggle for web search; prefer the top-level `web_search` setting. |171 },

172| `tui` | `table` | TUI-specific options such as enabling inline desktop notifications. |172 {

174| `tui.animations` | `boolean` | Enable terminal animations (welcome screen, shimmer, spinner) (default: true). |174 type: "boolean",

175| `tui.notification_method` | `auto | osc9 | bel` | Notification method for unfocused terminal notifications (default: auto). |175 description:

177| `tui.show_tooltips` | `boolean` | Show onboarding tooltips in the TUI welcome screen (default: true). |177 },

178| `tui.status_line` | `array<string> | null` | Ordered list of TUI footer status-line item identifiers. `null` disables the status line. |178 {

179| `web_search` | `disabled | cached | live` | Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool. |179 key: "instructions",

180| `windows_wsl_setup_acknowledged` | `boolean` | Track Windows onboarding acknowledgement (Windows only). |180 type: "string",

~~182~~ 182 "Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`.",

183Key183 },

~~184~~ 184 {

185`agents.<name>.config_file`185 key: "developer_instructions",

~~186~~ 186 type: "string",

187Type / Values187 description:

~~188~~ 188 "Additional developer instructions injected into the session (optional).",

189`string (path)`189 },

~~190~~ 190 {

191Details191 key: "log_dir",

~~192~~ 192 type: "string (path)",

193Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role.193 description:

~~194~~ 194 "Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`.",

195Key195 },

~~196~~ 196 {

197`agents.<name>.description`197 key: "sqlite_home",

~~198~~ 198 type: "string (path)",

199Type / Values199 description:

~~200~~ 200 "Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state.",

201`string`201 },

~~202~~ 202 {

203Details203 key: "compact_prompt",

~~204~~ 204 type: "string",

205Role guidance shown to Codex when choosing and spawning that agent type.205 description: "Inline override for the history compaction prompt.",

~~206~~ 206 },

207Key207 {

~~208~~ 208 key: "commit_attribution",

209`agents.job_max_runtime_seconds`209 type: "string",

~~210~~ 210 description:

211Type / Values211 "Override the commit co-author trailer text. Set an empty string to disable automatic attribution.",

~~212~~ 212 },

213`number`213 {

~~214~~ 214 key: "model_instructions_file",

215Details215 type: "string (path)",

~~216~~ 216 description:

217Default per-worker timeout for `spawn_agents_on_csv` jobs. When unset, the tool falls back to 1800 seconds per worker.217 "Replacement for built-in instructions instead of `AGENTS.md`.",

~~218~~ 218 },

219Key219 {

~~220~~ 220 key: "personality",

221`agents.max_depth`221 type: "none | friendly | pragmatic",

~~222~~ 222 description:

223Type / Values223 "Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`.",

~~224~~ 224 },

225`number`225 {

~~226~~ 226 key: "service_tier",

227Details227 type: "flex | fast",

~~228~~ 228 description: "Preferred service tier for new turns.",

229Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1).229 },

~~230~~ 230 {

231Key231 key: "experimental_compact_prompt_file",

~~232~~ 232 type: "string (path)",

233`agents.max_threads`233 description:

~~234~~ 234 "Load the compaction prompt override from a file (experimental).",

235Type / Values235 },

~~236~~ 236 {

237`number`237 key: "skills.config",

~~238~~ 238 type: "array<object>",

239Details239 description: "Per-skill enablement overrides stored in config.toml.",

~~240~~ 240 },

241Maximum number of agent threads that can be open concurrently.241 {

~~242~~ 242 key: "skills.config.<index>.path",

243Key243 type: "string (path)",

~~244~~ 244 description: "Path to a skill folder containing `SKILL.md`.",

245`allow_login_shell`245 },

~~246~~ 246 {

247Type / Values247 key: "skills.config.<index>.enabled",

~~248~~ 248 type: "boolean",

249`boolean`249 description: "Enable or disable the referenced skill.",

~~250~~ 250 },

251Details251 {

~~252~~ 252 key: "apps.<id>.enabled",

253Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells.253 type: "boolean",

~~254~~ 254 description:

255Key255 "Enable or disable a specific app/connector by id (default: true).",

~~256~~ 256 },

257`approval_policy`257 {

~~258~~ 258 key: "apps._default.enabled",

259Type / Values259 type: "boolean",

~~260~~ 260 description:

261`untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }`261 "Default app enabled state for all apps unless overridden per app.",

~~262~~ 262 },

263Details263 {

~~264~~ 264 key: "apps._default.destructive_enabled",

265Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.265 type: "boolean",

~~266~~ 266 description:

267Key267 "Default allow/deny for app tools with `destructive_hint = true`.",

~~268~~ 268 },

269`approval_policy.reject.mcp_elicitations`269 {

~~270~~ 270 key: "apps._default.open_world_enabled",

271Type / Values271 type: "boolean",

~~272~~ 272 description:

273`boolean`273 "Default allow/deny for app tools with `open_world_hint = true`.",

~~274~~ 274 },

275Details275 {

~~276~~ 276 key: "apps.<id>.destructive_enabled",

277When `true`, MCP elicitation prompts are auto-rejected instead of shown to the user.277 type: "boolean",

~~278~~ 278 description:

279Key279 "Allow or block tools in this app that advertise `destructive_hint = true`.",

~~280~~ 280 },

281`approval_policy.reject.rules`281 {

~~282~~ 282 key: "apps.<id>.open_world_enabled",

283Type / Values283 type: "boolean",

~~284~~ 284 description:

285`boolean`285 "Allow or block tools in this app that advertise `open_world_hint = true`.",

~~286~~ 286 },

287Details287 {

~~288~~ 288 key: "apps.<id>.default_tools_enabled",

289When `true`, approvals triggered by execpolicy `prompt` rules are auto-rejected.289 type: "boolean",

~~290~~ 290 description:

291Key291 "Default enabled state for tools in this app unless a per-tool override exists.",

~~292~~ 292 },

293`approval_policy.reject.sandbox_approval`293 {

~~294~~ 294 key: "apps.<id>.default_tools_approval_mode",

295Type / Values295 type: "auto | prompt | approve",

~~296~~ 296 description:

297`boolean`297 "Default approval behavior for tools in this app unless a per-tool override exists.",

~~298~~ 298 },

299Details299 {

~~300~~ 300 key: "apps.<id>.tools.<tool>.enabled",

301When `true`, sandbox escalation approval prompts are auto-rejected.301 type: "boolean",

~~302~~ 302 description:

303Key303 "Per-tool enabled override for an app tool (for example `repos/list`).",

~~304~~ 304 },

305`apps._default.destructive_enabled`305 {

~~306~~ 306 key: "apps.<id>.tools.<tool>.approval_mode",

307Type / Values307 type: "auto | prompt | approve",

~~308~~ 308 description: "Per-tool approval behavior override for a single app tool.",

309`boolean`309 },

~~310~~ 310 {

311Details311 key: "tool_suggest.discoverables",

~~312~~ 312 type: "array<table>",

313Default allow/deny for app tools with `destructive_hint = true`.313 description:

~~314~~ 314 'Allow tool suggestions for additional discoverable connectors or plugins. Each entry uses `type = "connector"` or `"plugin"` and an `id`.',

315Key315 },

~~316~~ 316 {

317`apps._default.enabled`317 key: "tool_suggest.disabled_tools",

~~318~~ 318 type: "array<table>",

319Type / Values319 description:

~~320~~ 320 'Disable suggestions for specific discoverable connectors or plugins. Each entry uses `type = "connector"` or `"plugin"` and an `id`.',

321`boolean`321 },

~~322~~ 322 {

323Details323 key: "features.apps",

~~324~~ 324 type: "boolean",

325Default app enabled state for all apps unless overridden per app.325 description: "Enable ChatGPT Apps/connectors support (experimental).",

~~326~~ 326 },

327Key327 {

~~328~~ 328 key: "features.codex_hooks",

329`apps._default.open_world_enabled`329 type: "boolean",

~~330~~ 330 description:

331Type / Values331 "Enable lifecycle hooks loaded from `hooks.json` or inline `[hooks]` config.",

~~332~~ 332 },

333`boolean`333 {

~~334~~ 334 key: "hooks",

335Details335 type: "table",

~~336~~ 336 description:

337Default allow/deny for app tools with `open_world_hint = true`.337 "Lifecycle hooks configured inline in `config.toml`. Uses the same event schema as `hooks.json`; see the Hooks guide for examples and supported events.",

~~338~~ 338 },

339Key339 {

~~340~~ 340 key: "features.memories",

341`apps.<id>.default_tools_approval_mode`341 type: "boolean",

~~342~~ 342 description: "Enable [Memories](https://developers.openai.com/codex/memories) (off by default).",

343Type / Values343 },

~~344~~ 344 {

345`auto | prompt | approve`345 key: "mcp_servers.<id>.command",

~~346~~ 346 type: "string",

347Details347 description: "Launcher command for an MCP stdio server.",

~~348~~ 348 },

349Default approval behavior for tools in this app unless a per-tool override exists.349 {

~~350~~ 350 key: "mcp_servers.<id>.args",

351Key351 type: "array<string>",

~~352~~ 352 description: "Arguments passed to the MCP stdio server command.",

353`apps.<id>.default_tools_enabled`353 },

~~354~~ 354 {

355Type / Values355 key: "mcp_servers.<id>.env",

~~356~~ 356 type: "map<string,string>",

357`boolean`357 description: "Environment variables forwarded to the MCP stdio server.",

~~358~~ 358 },

359Details359 {

~~360~~ 360 key: "mcp_servers.<id>.env_vars",

361Default enabled state for tools in this app unless a per-tool override exists.361 type: 'array<string | { name = string, source = "local" | "remote" }>',

~~362~~ 362 description:

363Key363 'Additional environment variables to whitelist for an MCP stdio server. String entries default to `source = "local"`; use `source = "remote"` only with executor-backed remote stdio.',

~~364~~ 364 },

365`apps.<id>.destructive_enabled`365 {

~~366~~ 366 key: "mcp_servers.<id>.cwd",

367Type / Values367 type: "string",

~~368~~ 368 description: "Working directory for the MCP stdio server process.",

369`boolean`369 },

~~370~~ 370 {

371Details371 key: "mcp_servers.<id>.url",

~~372~~ 372 type: "string",

373Allow or block tools in this app that advertise `destructive_hint = true`.373 description: "Endpoint for an MCP streamable HTTP server.",

~~374~~ 374 },

375Key375 {

~~376~~ 376 key: "mcp_servers.<id>.bearer_token_env_var",

377`apps.<id>.enabled`377 type: "string",

~~378~~ 378 description:

379Type / Values379 "Environment variable sourcing the bearer token for an MCP HTTP server.",

~~380~~ 380 },

381`boolean`381 {

~~382~~ 382 key: "mcp_servers.<id>.http_headers",

383Details383 type: "map<string,string>",

~~384~~ 384 description: "Static HTTP headers included with each MCP HTTP request.",

385Enable or disable a specific app/connector by id (default: true).385 },

~~386~~ 386 {

387Key387 key: "mcp_servers.<id>.env_http_headers",

~~388~~ 388 type: "map<string,string>",

389`apps.<id>.open_world_enabled`389 description:

~~390~~ 390 "HTTP headers populated from environment variables for an MCP HTTP server.",

391Type / Values391 },

~~392~~ 392 {

393`boolean`393 key: "mcp_servers.<id>.enabled",

~~394~~ 394 type: "boolean",

395Details395 description: "Disable an MCP server without removing its configuration.",

~~396~~ 396 },

397Allow or block tools in this app that advertise `open_world_hint = true`.397 {

~~398~~ 398 key: "mcp_servers.<id>.required",

399Key399 type: "boolean",

~~400~~ 400 description:

401`apps.<id>.tools.<tool>.approval_mode`401 "When true, fail startup/resume if this enabled MCP server cannot initialize.",

~~402~~ 402 },

403Type / Values403 {

~~404~~ 404 key: "mcp_servers.<id>.startup_timeout_sec",

405`auto | prompt | approve`405 type: "number",

~~406~~ 406 description:

407Details407 "Override the default 10s startup timeout for an MCP server.",

~~408~~ 408 },

409Per-tool approval behavior override for a single app tool.409 {

~~410~~ 410 key: "mcp_servers.<id>.startup_timeout_ms",

411Key411 type: "number",

~~412~~ 412 description: "Alias for `startup_timeout_sec` in milliseconds.",

413`apps.<id>.tools.<tool>.enabled`413 },

~~414~~ 414 {

415Type / Values415 key: "mcp_servers.<id>.tool_timeout_sec",

~~416~~ 416 type: "number",

417`boolean`417 description:

~~418~~ 418 "Override the default 60s per-tool timeout for an MCP server.",

419Details419 },

~~420~~ 420 {

421Per-tool enabled override for an app tool (for example `repos/list`).421 key: "mcp_servers.<id>.enabled_tools",

~~422~~ 422 type: "array<string>",

423Key423 description: "Allow list of tool names exposed by the MCP server.",

~~424~~ 424 },

425`background_terminal_max_timeout`425 {

~~426~~ 426 key: "mcp_servers.<id>.disabled_tools",

427Type / Values427 type: "array<string>",

~~428~~ 428 description:

429`number`429 "Deny list applied after `enabled_tools` for the MCP server.",

~~430~~ 430 },

431Details431 {

~~432~~ 432 key: "mcp_servers.<id>.scopes",

433Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key.433 type: "array<string>",

~~434~~ 434 description:

435Key435 "OAuth scopes to request when authenticating to that MCP server.",

~~436~~ 436 },

437`chatgpt_base_url`437 {

~~438~~ 438 key: "mcp_servers.<id>.oauth_resource",

439Type / Values439 type: "string",

~~440~~ 440 description:

441`string`441 "Optional RFC 8707 OAuth resource parameter to include during MCP login.",

~~442~~ 442 },

443Details443 {

~~444~~ 444 key: "mcp_servers.<id>.experimental_environment",

445Override the base URL used during the ChatGPT login flow.445 type: "local | remote",

~~446~~ 446 description:

447Key447 "Experimental placement for an MCP server. `remote` starts stdio servers through a remote executor environment; streamable HTTP remote placement is not implemented.",

~~448~~ 448 },

449`check_for_update_on_startup`449 {

~~450~~ 450 key: "agents.max_threads",

451Type / Values451 type: "number",

~~452~~ 452 description:

453`boolean`453 "Maximum number of agent threads that can be open concurrently. Defaults to `6` when unset.",

~~454~~ 454 },

455Details455 {

~~456~~ 456 key: "agents.max_depth",

457Check for Codex updates on startup (set to false only when updates are centrally managed).457 type: "number",

~~458~~ 458 description:

459Key459 "Maximum nesting depth allowed for spawned agent threads (root sessions start at depth 0; default: 1).",

~~460~~ 460 },

461`cli_auth_credentials_store`461 {

~~462~~ 462 key: "agents.job_max_runtime_seconds",

463Type / Values463 type: "number",

~~464~~ 464 description:

465`file | keyring | auto`465 "Default per-worker timeout for `spawn_agents_on_csv` jobs. When unset, the tool falls back to 1800 seconds per worker.",

~~466~~ 466 },

467Details467 {

~~468~~ 468 key: "agents.<name>.description",

469Control where the CLI stores cached credentials (file-based auth.json vs OS keychain).469 type: "string",

~~470~~ 470 description:

471Key471 "Role guidance shown to Codex when choosing and spawning that agent type.",

~~472~~ 472 },

473`compact_prompt`473 {

~~474~~ 474 key: "agents.<name>.config_file",

475Type / Values475 type: "string (path)",

~~476~~ 476 description:

477`string`477 "Path to a TOML config layer for that role; relative paths resolve from the config file that declares the role.",

~~478~~ 478 },

479Details479 {

~~480~~ 480 key: "agents.<name>.nickname_candidates",

481Inline override for the history compaction prompt.481 type: "array<string>",

~~482~~ 482 description:

483Key483 "Optional pool of display nicknames for spawned agents in that role.",

~~484~~ 484 },

485`developer_instructions`485 {

~~486~~ 486 key: "memories.generate_memories",

487Type / Values487 type: "boolean",

~~488~~ 488 description:

489`string`489 "When `false`, newly created threads are not stored as memory-generation inputs. Defaults to `true`.",

~~490~~ 490 },

491Details491 {

~~492~~ 492 key: "memories.use_memories",

493Additional developer instructions injected into the session (optional).493 type: "boolean",

~~494~~ 494 description:

495Key495 "When `false`, Codex skips injecting existing memories into future sessions. Defaults to `true`.",

~~496~~ 496 },

497`disable_paste_burst`497 {

~~498~~ 498 key: "memories.disable_on_external_context",

499Type / Values499 type: "boolean",

~~500~~ 500 description:

501`boolean`501 "When `true`, threads that use external context such as MCP tool calls, web search, or tool search are kept out of memory generation. Defaults to `false`. Legacy alias: `memories.no_memories_if_mcp_or_web_search`.",

~~502~~ 502 },

503Details503 {

~~504~~ 504 key: "memories.max_raw_memories_for_consolidation",

505Disable burst-paste detection in the TUI.505 type: "number",

~~506~~ 506 description:

507Key507 "Maximum recent raw memories retained for global consolidation. Defaults to `256` and is capped at `4096`.",

~~508~~ 508 },

509`experimental_compact_prompt_file`509 {

~~510~~ 510 key: "memories.max_unused_days",

511Type / Values511 type: "number",

~~512~~ 512 description:

513`string (path)`513 "Maximum days since a memory was last used before it becomes ineligible for consolidation. Defaults to `30` and is clamped to `0`-`365`.",

~~514~~ 514 },

515Details515 {

~~516~~ 516 key: "memories.max_rollout_age_days",

517Load the compaction prompt override from a file (experimental).517 type: "number",

~~518~~ 518 description:

519Key519 "Maximum age of threads considered for memory generation. Defaults to `30` and is clamped to `0`-`90`.",

~~520~~ 520 },

521`experimental_use_freeform_apply_patch`521 {

~~522~~ 522 key: "memories.max_rollouts_per_startup",

523Type / Values523 type: "number",

~~524~~ 524 description:

525`boolean`525 "Maximum rollout candidates processed per startup pass. Defaults to `16` and is capped at `128`.",

~~526~~ 526 },

527Details527 {

~~528~~ 528 key: "memories.min_rollout_idle_hours",

529Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform` or `codex --enable apply_patch_freeform`.529 type: "number",

~~530~~ 530 description:

531Key531 "Minimum idle time before a thread is considered for memory generation. Defaults to `6` and is clamped to `1`-`48`.",

~~532~~ 532 },

533`experimental_use_unified_exec_tool`533 {

~~534~~ 534 key: "memories.min_rate_limit_remaining_percent",

535Type / Values535 type: "number",

~~536~~ 536 description:

537`boolean`537 "Minimum remaining percentage required in Codex rate-limit windows before memory generation starts. Defaults to `25` and is clamped to `0`-`100`.",

~~538~~ 538 },

539Details539 {

~~540~~ 540 key: "memories.extract_model",

541Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`.541 type: "string",

~~542~~ 542 description: "Optional model override for per-thread memory extraction.",

543Key543 },

~~544~~ 544 {

545`features.apply_patch_freeform`545 key: "memories.consolidation_model",

~~546~~ 546 type: "string",

547Type / Values547 description: "Optional model override for global memory consolidation.",

~~548~~ 548 },

549`boolean`549 {

~~550~~ 550 key: "features.unified_exec",

551Details551 type: "boolean",

~~552~~ 552 description:

553Expose the freeform `apply_patch` tool (experimental).553 "Use the unified PTY-backed exec tool (stable; enabled by default except on Windows).",

~~554~~ 554 },

555Key555 {

~~556~~ 556 key: "features.shell_snapshot",

557`features.apps`557 type: "boolean",

~~558~~ 558 description:

559Type / Values559 "Snapshot shell environment to speed up repeated commands (stable; on by default).",

~~560~~ 560 },

561`boolean`561 {

~~562~~ 562 key: "features.undo",

563Details563 type: "boolean",

~~564~~ 564 description: "Enable undo support (stable; off by default).",

565Enable ChatGPT Apps/connectors support (experimental).565 },

~~566~~ 566 {

567Key567 key: "features.multi_agent",

~~568~~ 568 type: "boolean",

569`features.apps_mcp_gateway`569 description:

~~570~~ 570 "Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait_agent`, and `close_agent`) (stable; on by default).",

571Type / Values571 },

~~572~~ 572 {

573`boolean`573 key: "features.personality",

~~574~~ 574 type: "boolean",

575Details575 description:

~~576~~ 576 "Enable personality selection controls (stable; on by default).",

577Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental).577 },

~~578~~ 578 {

579Key579 key: "features.web_search",

~~580~~ 580 type: "boolean",

581`features.child_agents_md`581 description:

~~582~~ 582 "Deprecated legacy toggle; prefer the top-level `web_search` setting.",

583Type / Values583 },

~~584~~ 584 {

585`boolean`585 key: "features.web_search_cached",

~~586~~ 586 type: "boolean",

587Details587 description:

~~588~~ 588 'Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`.',

589Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental).589 },

~~590~~ 590 {

591Key591 key: "features.web_search_request",

~~592~~ 592 type: "boolean",

593`features.collaboration_modes`593 description:

~~594~~ 594 'Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`.',

595Type / Values595 },

~~596~~ 596 {

597`boolean`597 key: "features.shell_tool",

~~598~~ 598 type: "boolean",

599Details599 description:

~~600~~ 600 "Enable the default `shell` tool for running commands (stable; on by default).",

601Enable collaboration modes such as plan mode (stable; on by default).601 },

~~602~~ 602 {

603Key603 key: "features.enable_request_compression",

~~604~~ 604 type: "boolean",

605`features.multi_agent`605 description:

~~606~~ 606 "Compress streaming request bodies with zstd when supported (stable; on by default).",

607Type / Values607 },

~~608~~ 608 {

609`boolean`609 key: "features.skill_mcp_dependency_install",

~~610~~ 610 type: "boolean",

611Details611 description:

~~612~~ 612 "Allow prompting and installing missing MCP dependencies for skills (stable; on by default).",

613Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait`, `close_agent`, and `spawn_agents_on_csv`) (experimental; off by default).613 },

~~614~~ 614 {

615Key615 key: "features.fast_mode",

~~616~~ 616 type: "boolean",

617`features.personality`617 description:

~~618~~ 618 'Enable Fast mode selection and the `service_tier = "fast"` path (stable; on by default).',

619Type / Values619 },

~~620~~ 620 {

621`boolean`621 key: "features.prevent_idle_sleep",

~~622~~ 622 type: "boolean",

623Details623 description:

~~624~~ 624 "Prevent the machine from sleeping while a turn is actively running (experimental; off by default).",

625Enable personality selection controls (stable; on by default).625 },

~~626~~ 626 {

627Key627 key: "suppress_unstable_features_warning",

~~628~~ 628 type: "boolean",

629`features.powershell_utf8`629 description:

~~630~~ 630 "Suppress the warning that appears when under-development feature flags are enabled.",

631Type / Values631 },

~~632~~ 632 {

633`boolean`633 key: "model_providers.<id>",

~~634~~ 634 type: "table",

635Details635 description:

~~636~~ 636 "Custom provider definition. Built-in provider IDs (`openai`, `ollama`, and `lmstudio`) are reserved and cannot be overridden.",

637Force PowerShell UTF-8 output (defaults to true).637 },

~~638~~ 638 {

639Key639 key: "model_providers.<id>.name",

~~640~~ 640 type: "string",

641`features.remote_models`641 description: "Display name for a custom model provider.",

~~642~~ 642 },

643Type / Values643 {

~~644~~ 644 key: "model_providers.<id>.base_url",

645`boolean`645 type: "string",

~~646~~ 646 description: "API base URL for the model provider.",

647Details647 },

~~648~~ 648 {

649Refresh remote model list before showing readiness (experimental).649 key: "model_providers.<id>.env_key",

~~650~~ 650 type: "string",

651Key651 description: "Environment variable supplying the provider API key.",

~~652~~ 652 },

653`features.request_rule`653 {

~~654~~ 654 key: "model_providers.<id>.env_key_instructions",

655Type / Values655 type: "string",

~~656~~ 656 description: "Optional setup guidance for the provider API key.",

657`boolean`657 },

~~658~~ 658 {

659Details659 key: "model_providers.<id>.experimental_bearer_token",

~~660~~ 660 type: "string",

661Enable Smart approvals (`prefix_rule` suggestions on escalation requests; stable; on by default).661 description:

~~662~~ 662 "Direct bearer token for the provider (discouraged; use `env_key`).",

663Key663 },

~~664~~ 664 {

665`features.runtime_metrics`665 key: "model_providers.<id>.requires_openai_auth",

~~666~~ 666 type: "boolean",

667Type / Values667 description:

~~668~~ 668 "The provider uses OpenAI authentication (defaults to false).",

669`boolean`669 },

~~670~~ 670 {

671Details671 key: "model_providers.<id>.wire_api",

~~672~~ 672 type: "responses",

673Show runtime metrics summary in TUI turn separators (experimental).673 description:

~~674~~ 674 "Protocol used by the provider. `responses` is the only supported value, and it is the default when omitted.",

675Key675 },

~~676~~ 676 {

677`features.search_tool`677 key: "model_providers.<id>.query_params",

~~678~~ 678 type: "map<string,string>",

679Type / Values679 description: "Extra query parameters appended to provider requests.",

~~680~~ 680 },

681`boolean`681 {

~~682~~ 682 key: "model_providers.<id>.http_headers",

683Details683 type: "map<string,string>",

~~684~~ 684 description: "Static HTTP headers added to provider requests.",

685Enable `search_tool_bm25` for Apps tool discovery before invoking app MCP tools (experimental).685 },

~~686~~ 686 {

687Key687 key: "model_providers.<id>.env_http_headers",

~~688~~ 688 type: "map<string,string>",

689`features.shell_snapshot`689 description:

~~690~~ 690 "HTTP headers populated from environment variables when present.",

691Type / Values691 },

~~692~~ 692 {

693`boolean`693 key: "model_providers.<id>.request_max_retries",

~~694~~ 694 type: "number",

695Details695 description:

~~696~~ 696 "Retry count for HTTP requests to the provider (default: 4).",

697Snapshot shell environment to speed up repeated commands (beta).697 },

~~698~~ 698 {

699Key699 key: "model_providers.<id>.stream_max_retries",

~~700~~ 700 type: "number",

701`features.shell_tool`701 description: "Retry count for SSE streaming interruptions (default: 5).",

~~702~~ 702 },

703Type / Values703 {

~~704~~ 704 key: "model_providers.<id>.stream_idle_timeout_ms",

705`boolean`705 type: "number",

~~706~~ 706 description:

707Details707 "Idle timeout for SSE streams in milliseconds (default: 300000).",

~~708~~ 708 },

709Enable the default `shell` tool for running commands (stable; on by default).709 {

~~710~~ 710 key: "model_providers.<id>.supports_websockets",

711Key711 type: "boolean",

~~712~~ 712 description:

713`features.unified_exec`713 "Whether that provider supports the Responses API WebSocket transport.",

~~714~~ 714 },

715Type / Values715 {

~~716~~ 716 key: "model_providers.<id>.auth",

717`boolean`717 type: "table",

~~718~~ 718 description:

719Details719 "Command-backed bearer token configuration for a custom provider. Do not combine with `env_key`, `experimental_bearer_token`, or `requires_openai_auth`.",

~~720~~ 720 },

721Use the unified PTY-backed exec tool (beta).721 {

~~722~~ 722 key: "model_providers.<id>.auth.command",

723Key723 type: "string",

~~724~~ 724 description:

725`features.use_linux_sandbox_bwrap`725 "Command to run when Codex needs a bearer token. The command must print the token to stdout.",

~~726~~ 726 },

727Type / Values727 {

~~728~~ 728 key: "model_providers.<id>.auth.args",

729`boolean`729 type: "array<string>",

~~730~~ 730 description: "Arguments passed to the token command.",

731Details731 },

~~732~~ 732 {

733Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default).733 key: "model_providers.<id>.auth.timeout_ms",

~~734~~ 734 type: "number",

735Key735 description:

~~736~~ 736 "Maximum token command runtime in milliseconds (default: 5000).",

737`features.web_search`737 },

~~738~~ 738 {

739Type / Values739 key: "model_providers.<id>.auth.refresh_interval_ms",

~~740~~ 740 type: "number",

741`boolean`741 description:

~~742~~ 742 "How often Codex proactively refreshes the token in milliseconds (default: 300000). Set to `0` to refresh only after an authentication retry.",

743Details743 },

~~744~~ 744 {

745Deprecated legacy toggle; prefer the top-level `web_search` setting.745 key: "model_providers.<id>.auth.cwd",

~~746~~ 746 type: "string (path)",

747Key747 description: "Working directory for the token command.",

~~748~~ 748 },

749`features.web_search_cached`749 {

~~750~~ 750 key: "model_providers.amazon-bedrock.aws.profile",

751Type / Values751 type: "string",

~~752~~ 752 description:

753`boolean`753 "AWS profile name used by the built-in `amazon-bedrock` provider.",

~~754~~ 754 },

755Details755 {

~~756~~ 756 key: "model_providers.amazon-bedrock.aws.region",

757Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "cached"`.757 type: "string",

~~758~~ 758 description: "AWS region used by the built-in `amazon-bedrock` provider.",

759Key759 },

~~760~~ 760 {

761`features.web_search_request`761 key: "model_reasoning_effort",

~~762~~ 762 type: "minimal | low | medium | high | xhigh",

763Type / Values763 description:

~~764~~ 764 "Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent).",

765`boolean`765 },

~~766~~ 766 {

767Details767 key: "plan_mode_reasoning_effort",

769Deprecated legacy toggle. When `web_search` is unset, true maps to `web_search = "live"`.769 description:

~~770~~ 770 "Plan-mode-specific reasoning override. When unset, Plan mode uses its built-in preset default.",

771Key771 },

~~772~~ 772 {

773`feedback.enabled`773 key: "model_reasoning_summary",

~~774~~ 774 type: "auto | concise | detailed | none",

775Type / Values775 description:

~~776~~ 776 "Select reasoning summary detail or disable summaries entirely.",

777`boolean`777 },

~~778~~ 778 {

779Details779 key: "model_verbosity",

~~780~~ 780 type: "low | medium | high",

781Enable feedback submission via `/feedback` across Codex surfaces (default: true).781 description:

~~782~~ 782 "Optional GPT-5 Responses API verbosity override; when unset, the selected model/preset default is used.",

783Key783 },

~~784~~ 784 {

785`file_opener`785 key: "model_supports_reasoning_summaries",

~~786~~ 786 type: "boolean",

787Type / Values787 description: "Force Codex to send or not send reasoning metadata.",

~~788~~ 788 },

789`vscode | vscode-insiders | windsurf | cursor | none`789 {

~~790~~ 790 key: "shell_environment_policy.inherit",

791Details791 type: "all | core | none",

~~792~~ 792 description:

793URI scheme used to open citations from Codex output (default: `vscode`).793 "Baseline environment inheritance when spawning subprocesses.",

~~794~~ 794 },

795Key795 {

~~796~~ 796 key: "shell_environment_policy.ignore_default_excludes",

797`forced_chatgpt_workspace_id`797 type: "boolean",

~~798~~ 798 description:

799Type / Values799 "Keep variables containing KEY/SECRET/TOKEN before other filters run.",

~~800~~ 800 },

801`string (uuid)`801 {

~~802~~ 802 key: "shell_environment_policy.exclude",

803Details803 type: "array<string>",

~~804~~ 804 description:

805Limit ChatGPT logins to a specific workspace identifier.805 "Glob patterns for removing environment variables after the defaults.",

~~806~~ 806 },

807Key807 {

~~808~~ 808 key: "shell_environment_policy.include_only",

809`forced_login_method`809 type: "array<string>",

~~810~~ 810 description:

811Type / Values811 "Whitelist of patterns; when set only matching variables are kept.",

~~812~~ 812 },

813`chatgpt | api`813 {

~~814~~ 814 key: "shell_environment_policy.set",

815Details815 type: "map<string,string>",

~~816~~ 816 description:

817Restrict Codex to a specific authentication method.817 "Explicit environment overrides injected into every subprocess.",

~~818~~ 818 },

819Key819 {

~~820~~ 820 key: "shell_environment_policy.experimental_use_profile",

821`hide_agent_reasoning`821 type: "boolean",

~~822~~ 822 description: "Use the user shell profile when spawning subprocesses.",

823Type / Values823 },

~~824~~ 824 {

825`boolean`825 key: "project_root_markers",

~~826~~ 826 type: "array<string>",

827Details827 description:

~~828~~ 828 "List of project root marker filenames; used when searching parent directories for the project root.",

829Suppress reasoning events in both the TUI and `codex exec` output.829 },

~~830~~ 830 {

831Key831 key: "project_doc_max_bytes",

~~832~~ 832 type: "number",

833`history.max_bytes`833 description:

~~834~~ 834 "Maximum bytes read from `AGENTS.md` when building project instructions.",

835Type / Values835 },

~~836~~ 836 {

837`number`837 key: "project_doc_fallback_filenames",

~~838~~ 838 type: "array<string>",

839Details839 description: "Additional filenames to try when `AGENTS.md` is missing.",

~~840~~ 840 },

841If set, caps the history file size in bytes by dropping oldest entries.841 {

~~842~~ 842 key: "profile",

843Key843 type: "string",

~~844~~ 844 description:

845`history.persistence`845 "Default profile applied at startup (equivalent to `--profile`).",

~~846~~ 846 },

847Type / Values847 {

~~848~~ 848 key: "profiles.<name>.*",

849`save-all | none`849 type: "various",

~~850~~ 850 description:

851Details851 "Profile-scoped overrides for any of the supported configuration keys.",

~~852~~ 852 },

853Control whether Codex saves session transcripts to history.jsonl.853 {

~~854~~ 854 key: "profiles.<name>.service_tier",

855Key855 type: "flex | fast",

~~856~~ 856 description: "Profile-scoped service tier preference for new turns.",

857`include_apply_patch_tool`857 },

~~858~~ 858 {

859Type / Values859 key: "profiles.<name>.plan_mode_reasoning_effort",

861`boolean`861 description: "Profile-scoped Plan-mode reasoning override.",

~~862~~ 862 },

863Details863 {

~~864~~ 864 key: "profiles.<name>.web_search",

865Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.865 type: "disabled | cached | live",

~~866~~ 866 description:

867Key867 'Profile-scoped web search mode override (default: `"cached"`).',

~~868~~ 868 },

869`instructions`869 {

~~870~~ 870 key: "profiles.<name>.personality",

871Type / Values871 type: "none | friendly | pragmatic",

~~872~~ 872 description:

873`string`873 "Profile-scoped communication style override for supported models.",

~~874~~ 874 },

875Details875 {

~~876~~ 876 key: "profiles.<name>.model_catalog_json",

877Reserved for future use; prefer `model_instructions_file` or `AGENTS.md`.877 type: "string (path)",

~~878~~ 878 description:

879Key879 "Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile).",

~~880~~ 880 },

881`log_dir`881 {

~~882~~ 882 key: "profiles.<name>.model_instructions_file",

883Type / Values883 type: "string (path)",

~~884~~ 884 description:

885`string (path)`885 "Profile-scoped replacement for the built-in instruction file.",

~~886~~ 886 },

887Details887 {

~~888~~ 888 key: "profiles.<name>.experimental_use_unified_exec_tool",

889Directory where Codex writes log files (for example `codex-tui.log`); defaults to `$CODEX_HOME/log`.889 type: "boolean",

~~890~~ 890 description:

891Key891 "Legacy name for enabling unified exec; prefer `[features].unified_exec`.",

~~892~~ 892 },

893`mcp_oauth_callback_port`893 {

~~894~~ 894 key: "profiles.<name>.oss_provider",

895Type / Values895 type: "lmstudio | ollama",

~~896~~ 896 description: "Profile-scoped OSS provider for `--oss` sessions.",

897`integer`897 },

~~898~~ 898 {

899Details899 key: "profiles.<name>.tools_view_image",

~~900~~ 900 type: "boolean",

901Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS.901 description: "Enable or disable the `view_image` tool in that profile.",

~~902~~ 902 },

903Key903 {

~~904~~ 904 key: "profiles.<name>.analytics.enabled",

905`mcp_oauth_callback_url`905 type: "boolean",

~~906~~ 906 description: "Profile-scoped analytics enablement override.",

907Type / Values907 },

~~908~~ 908 {

909`string`909 key: "profiles.<name>.windows.sandbox",

~~910~~ 910 type: "unelevated | elevated",

911Details911 description: "Profile-scoped Windows sandbox mode override.",

~~912~~ 912 },

913Optional redirect URI override for MCP OAuth login (for example, a devbox ingress URL). `mcp_oauth_callback_port` still controls the callback listener port.913 {

~~914~~ 914 key: "history.persistence",

915Key915 type: "save-all | none",

~~916~~ 916 description:

917`mcp_oauth_credentials_store`917 "Control whether Codex saves session transcripts to history.jsonl.",

~~918~~ 918 },

919Type / Values919 {

~~920~~ 920 key: "tool_output_token_limit",

921`auto | file | keyring`921 type: "number",

~~922~~ 922 description:

923Details923 "Token budget for storing individual tool/function outputs in history.",

~~924~~ 924 },

925Preferred store for MCP OAuth credentials.925 {

~~926~~ 926 key: "background_terminal_max_timeout",

927Key927 type: "number",

~~928~~ 928 description:

929`mcp_servers.<id>.args`929 "Maximum poll window in milliseconds for empty `write_stdin` polls (background terminal polling). Default: `300000` (5 minutes). Replaces the older `background_terminal_timeout` key.",

~~930~~ 930 },

931Type / Values931 {

~~932~~ 932 key: "history.max_bytes",

933`array<string>`933 type: "number",

~~934~~ 934 description:

935Details935 "If set, caps the history file size in bytes by dropping oldest entries.",

~~936~~ 936 },

937Arguments passed to the MCP stdio server command.937 {

~~938~~ 938 key: "file_opener",

939Key939 type: "vscode | vscode-insiders | windsurf | cursor | none",

~~940~~ 940 description:

941`mcp_servers.<id>.bearer_token_env_var`941 "URI scheme used to open citations from Codex output (default: `vscode`).",

~~942~~ 942 },

943Type / Values943 {

~~944~~ 944 key: "otel.environment",

945`string`945 type: "string",

~~946~~ 946 description:

947Details947 "Environment tag applied to emitted OpenTelemetry events (default: `dev`).",

~~948~~ 948 },

949Environment variable sourcing the bearer token for an MCP HTTP server.949 {

~~950~~ 950 key: "otel.exporter",

951Key951 type: "none | otlp-http | otlp-grpc",

~~952~~ 952 description:

953`mcp_servers.<id>.command`953 "Select the OpenTelemetry exporter and provide any endpoint metadata.",

~~954~~ 954 },

955Type / Values955 {

~~956~~ 956 key: "otel.trace_exporter",

957`string`957 type: "none | otlp-http | otlp-grpc",

~~958~~ 958 description:

959Details959 "Select the OpenTelemetry trace exporter and provide any endpoint metadata.",

~~960~~ 960 },

961Launcher command for an MCP stdio server.961 {

~~962~~ 962 key: "otel.metrics_exporter",

963Key963 type: "none | statsig | otlp-http | otlp-grpc",

~~964~~ 964 description:

965`mcp_servers.<id>.cwd`965 "Select the OpenTelemetry metrics exporter (defaults to `statsig`).",

~~966~~ 966 },

967Type / Values967 {

~~968~~ 968 key: "otel.log_user_prompt",

969`string`969 type: "boolean",

~~970~~ 970 description:

971Details971 "Opt in to exporting raw user prompts with OpenTelemetry logs.",

~~972~~ 972 },

973Working directory for the MCP stdio server process.973 {

~~974~~ 974 key: "otel.exporter.<id>.endpoint",

975Key975 type: "string",

~~976~~ 976 description: "Exporter endpoint for OTEL logs.",

977`mcp_servers.<id>.disabled_tools`977 },

~~978~~ 978 {

979Type / Values979 key: "otel.exporter.<id>.protocol",

~~980~~ 980 type: "binary | json",

981`array<string>`981 description: "Protocol used by the OTLP/HTTP exporter.",

~~982~~ 982 },

983Details983 {

~~984~~ 984 key: "otel.exporter.<id>.headers",

985Deny list applied after `enabled_tools` for the MCP server.985 type: "map<string,string>",

~~986~~ 986 description: "Static headers included with OTEL exporter requests.",

987Key987 },

~~988~~ 988 {

989`mcp_servers.<id>.enabled`989 key: "otel.trace_exporter.<id>.endpoint",

~~990~~ 990 type: "string",

991Type / Values991 description: "Trace exporter endpoint for OTEL logs.",

~~992~~ 992 },

993`boolean`993 {

~~994~~ 994 key: "otel.trace_exporter.<id>.protocol",

995Details995 type: "binary | json",

~~996~~ 996 description: "Protocol used by the OTLP/HTTP trace exporter.",

997Disable an MCP server without removing its configuration.997 },

~~998~~ 998 {

999Key999 key: "otel.trace_exporter.<id>.headers",

~~1000~~ 1000 type: "map<string,string>",

1001`mcp_servers.<id>.enabled_tools`1001 description: "Static headers included with OTEL trace exporter requests.",

~~1002~~ 1002 },

1003Type / Values1003 {

~~1004~~ 1004 key: "otel.exporter.<id>.tls.ca-certificate",

1005`array<string>`1005 type: "string",

~~1006~~ 1006 description: "CA certificate path for OTEL exporter TLS.",

1007Details1007 },

~~1008~~ 1008 {

1009Allow list of tool names exposed by the MCP server.1009 key: "otel.exporter.<id>.tls.client-certificate",

~~1010~~ 1010 type: "string",

1011Key1011 description: "Client certificate path for OTEL exporter TLS.",

~~1012~~ 1012 },

1013`mcp_servers.<id>.env`1013 {

~~1014~~ 1014 key: "otel.exporter.<id>.tls.client-private-key",

1015Type / Values1015 type: "string",

~~1016~~ 1016 description: "Client private key path for OTEL exporter TLS.",

1017`map<string,string>`1017 },

~~1018~~ 1018 {

1019Details1019 key: "otel.trace_exporter.<id>.tls.ca-certificate",

~~1020~~ 1020 type: "string",

1021Environment variables forwarded to the MCP stdio server.1021 description: "CA certificate path for OTEL trace exporter TLS.",

~~1022~~ 1022 },

1023Key1023 {

~~1024~~ 1024 key: "otel.trace_exporter.<id>.tls.client-certificate",

1025`mcp_servers.<id>.env_http_headers`1025 type: "string",

~~1026~~ 1026 description: "Client certificate path for OTEL trace exporter TLS.",

1027Type / Values1027 },

~~1028~~ 1028 {

1029`map<string,string>`1029 key: "otel.trace_exporter.<id>.tls.client-private-key",

~~1030~~ 1030 type: "string",

1031Details1031 description: "Client private key path for OTEL trace exporter TLS.",

~~1032~~ 1032 },

1033HTTP headers populated from environment variables for an MCP HTTP server.1033 {

~~1034~~ 1034 key: "tui",

1035Key1035 type: "table",

~~1036~~ 1036 description:

1037`mcp_servers.<id>.env_vars`1037 "TUI-specific options such as enabling inline desktop notifications.",

~~1038~~ 1038 },

1039Type / Values1039 {

~~1040~~ 1040 key: "tui.notifications",

1041`array<string>`1041 type: "boolean | array<string>",

~~1042~~ 1042 description:

1043Details1043 "Enable TUI notifications; optionally restrict to specific event types.",

~~1044~~ 1044 },

1045Additional environment variables to whitelist for an MCP stdio server.1045 {

~~1046~~ 1046 key: "tui.notification_method",

1047Key1047 type: "auto | osc9 | bel",

~~1048~~ 1048 description:

1049`mcp_servers.<id>.http_headers`1049 "Notification method for terminal notifications (default: auto).",

~~1050~~ 1050 },

1051Type / Values1051 {

~~1052~~ 1052 key: "tui.notification_condition",

1053`map<string,string>`1053 type: "unfocused | always",

~~1054~~ 1054 description:

1055Details1055 "Control whether TUI notifications fire only when the terminal is unfocused or regardless of focus. Defaults to `unfocused`.",

~~1056~~ 1056 },

1057Static HTTP headers included with each MCP HTTP request.1057 {

~~1058~~ 1058 key: "tui.animations",

1059Key1059 type: "boolean",

~~1060~~ 1060 description:

1061`mcp_servers.<id>.required`1061 "Enable terminal animations (welcome screen, shimmer, spinner) (default: true).",

~~1062~~ 1062 },

1063Type / Values1063 {

~~1064~~ 1064 key: "tui.alternate_screen",

1065`boolean`1065 type: "auto | always | never",

~~1066~~ 1066 description:

1067Details1067 "Control alternate screen usage for the TUI (default: auto; auto skips it in Zellij to preserve scrollback).",

~~1068~~ 1068 },

1069When true, fail startup/resume if this enabled MCP server cannot initialize.1069 {

~~1070~~ 1070 key: "tui.show_tooltips",

1071Key1071 type: "boolean",

~~1072~~ 1072 description:

1073`mcp_servers.<id>.startup_timeout_ms`1073 "Show onboarding tooltips in the TUI welcome screen (default: true).",

~~1074~~ 1074 },

1075Type / Values1075 {

~~1076~~ 1076 key: "tui.status_line",

1077`number`1077 type: "array<string> | null",

~~1078~~ 1078 description:

1079Details1079 "Ordered list of TUI footer status-line item identifiers. `null` disables the status line.",

~~1080~~ 1080 },

1081Alias for `startup_timeout_sec` in milliseconds.1081 {

~~1082~~ 1082 key: "tui.terminal_title",

1083Key1083 type: "array<string> | null",

~~1084~~ 1084 description:

1085`mcp_servers.<id>.startup_timeout_sec`1085 'Ordered list of terminal window/tab title item identifiers. Defaults to `["spinner", "project"]`; `null` disables title updates.',

~~1086~~ 1086 },

1087Type / Values1087 {

~~1088~~ 1088 key: "tui.theme",

1089`number`1089 type: "string",

~~1090~~ 1090 description:

1091Details1091 "Syntax-highlighting theme override (kebab-case theme name).",

~~1092~~ 1092 },

1093Override the default 10s startup timeout for an MCP server.1093 {

~~1094~~ 1094 key: "tui.keymap.<context>.<action>",

1095Key1095 type: "string | array<string>",

~~1096~~ 1096 description:

1097`mcp_servers.<id>.tool_timeout_sec`1097 "Keyboard shortcut binding for a TUI action. Supported contexts include `global`, `chat`, `composer`, `editor`, `pager`, `list`, and `approval`; context-specific bindings override `tui.keymap.global`.",

~~1098~~ 1098 },

1099Type / Values1099 {

~~1100~~ 1100 key: "tui.keymap.<context>.<action> = []",

1101`number`1101 type: "empty array",

~~1102~~ 1102 description:

1103Details1103 "Unbind the action in that keymap context. Key names use normalized strings such as `ctrl-a`, `shift-enter`, or `page-down`.",

~~1104~~ 1104 },

1105Override the default 60s per-tool timeout for an MCP server.1105 {

~~1106~~ 1106 key: "tui.model_availability_nux.<model>",

1107Key1107 type: "integer",

~~1108~~ 1108 description: "Internal startup-tooltip state keyed by model slug.",

1109`mcp_servers.<id>.url`1109 },

~~1110~~ 1110 {

1111Type / Values1111 key: "hide_agent_reasoning",

~~1112~~ 1112 type: "boolean",

1113`string`1113 description:

~~1114~~ 1114 "Suppress reasoning events in both the TUI and `codex exec` output.",

1115Details1115 },

~~1116~~ 1116 {

1117Endpoint for an MCP streamable HTTP server.1117 key: "show_raw_agent_reasoning",

~~1118~~ 1118 type: "boolean",

1119Key1119 description:

~~1120~~ 1120 "Surface raw reasoning content when the active model emits it.",

1121`model`1121 },

~~1122~~ 1122 {

1123Type / Values1123 key: "disable_paste_burst",

~~1124~~ 1124 type: "boolean",

1125`string`1125 description: "Disable burst-paste detection in the TUI.",

~~1126~~ 1126 },

1127Details1127 {

~~1128~~ 1128 key: "windows_wsl_setup_acknowledged",

1129Model to use (e.g., `gpt-5-codex`).1129 type: "boolean",

~~1130~~ 1130 description: "Track Windows onboarding acknowledgement (Windows only).",

1131Key1131 },

~~1132~~ 1132 {

1133`model_auto_compact_token_limit`1133 key: "chatgpt_base_url",

~~1134~~ 1134 type: "string",

1135Type / Values1135 description: "Override the base URL used during the ChatGPT login flow.",

~~1136~~ 1136 },

1137`number`1137 {

~~1138~~ 1138 key: "cli_auth_credentials_store",

1139Details1139 type: "file | keyring | auto",

~~1140~~ 1140 description:

1141Token threshold that triggers automatic history compaction (unset uses model defaults).1141 "Control where the CLI stores cached credentials (file-based auth.json vs OS keychain).",

~~1142~~ 1142 },

1143Key1143 {

~~1144~~ 1144 key: "mcp_oauth_credentials_store",

1145`model_catalog_json`1145 type: "auto | file | keyring",

~~1146~~ 1146 description: "Preferred store for MCP OAuth credentials.",

1147Type / Values1147 },

~~1148~~ 1148 {

1149`string (path)`1149 key: "mcp_oauth_callback_port",

~~1150~~ 1150 type: "integer",

1151Details1151 description:

~~1152~~ 1152 "Optional fixed port for the local HTTP callback server used during MCP OAuth login. When unset, Codex binds to an ephemeral port chosen by the OS.",

1153Optional path to a JSON model catalog loaded on startup. Profile-level `profiles.<name>.model_catalog_json` can override this per profile.1153 },

~~1154~~ 1154 {

1155Key1155 key: "mcp_oauth_callback_url",

~~1156~~ 1156 type: "string",

1157`model_context_window`1157 description:

~~1158~~ 1158 "Optional redirect URI override for MCP OAuth login (for example, a devbox ingress URL). `mcp_oauth_callback_port` still controls the callback listener port.",

1159Type / Values1159 },

~~1160~~ 1160 {

1161`number`1161 key: "experimental_use_unified_exec_tool",

~~1162~~ 1162 type: "boolean",

1163Details1163 description:

~~1164~~ 1164 "Legacy name for enabling unified exec; prefer `[features].unified_exec` or `codex --enable unified_exec`.",

1165Context window tokens available to the active model.1165 },

~~1166~~ 1166 {

1167Key1167 key: "tools.web_search",

~~1168~~ 1168 type: 'boolean | { context_size = "low|medium|high", allowed_domains = [string], location = { country, region, city, timezone } }',

1169`model_instructions_file`1169 description:

~~1170~~ 1170 "Optional web search tool configuration. The legacy boolean form is still accepted, but the object form lets you set search context size, allowed domains, and approximate user location.",

1171Type / Values1171 },

~~1172~~ 1172 {

1173`string (path)`1173 key: "tools.view_image",

~~1174~~ 1174 type: "boolean",

1175Details1175 description: "Enable the local-image attachment tool `view_image`.",

~~1176~~ 1176 },

1177Replacement for built-in instructions instead of `AGENTS.md`.1177 {

~~1178~~ 1178 key: "web_search",

1179Key1179 type: "disabled | cached | live",

~~1180~~ 1180 description:

1181`model_provider`1181 'Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool.',

~~1182~~ 1182 },

1183Type / Values1183 {

~~1184~~ 1184 key: "default_permissions",

1185`string`1185 type: "string",

~~1186~~ 1186 description:

1187Details1187 "Name of the default permissions profile to apply to sandboxed tool calls. Built-ins are `:read-only`, `:workspace`, and `:danger-no-sandbox`; custom profile names require matching `[permissions.<name>]` tables.",

~~1188~~ 1188 },

1189Provider id from `model_providers` (default: `openai`).1189 {

~~1190~~ 1190 key: "permissions.<name>.filesystem",

1191Key1191 type: "table",

~~1192~~ 1192 description:

1193`model_providers.<id>.base_url`1193 "Named filesystem permission profile. Each key is an absolute path or special token such as `:minimal` or `:project_roots`.",

~~1194~~ 1194 },

1195Type / Values1195 {

~~1196~~ 1196 key: "permissions.<name>.filesystem.glob_scan_max_depth",

1197`string`1197 type: "number",

~~1198~~ 1198 description:

1199Details1199 "Maximum depth for expanding deny-read glob patterns on platforms that snapshot matches before sandbox startup. Must be at least `1` when set.",

~~1200~~ 1200 },

1201API base URL for the model provider.1201 {

~~1202~~ 1202 key: "permissions.<name>.filesystem.<path-or-glob>",

1203Key1203 type: '"read" | "write" | "none" | table',

~~1204~~ 1204 description:

1205`model_providers.<id>.env_http_headers`1205 'Grant direct access for a path, glob pattern, or special token, or scope nested entries under that root. Use `"none"` to deny reads for matching paths.',

~~1206~~ 1206 },

1207Type / Values1207 {

~~1208~~ 1208 key: 'permissions.<name>.filesystem.":project_roots".<subpath-or-glob>',

1209`map<string,string>`1209 type: '"read" | "write" | "none"',

~~1210~~ 1210 description:

1211Details1211 'Scoped filesystem access relative to the detected project roots. Use `"."` for the root itself; glob subpaths such as `"**/*.env"` can deny reads with `"none"`.',

~~1212~~ 1212 },

1213HTTP headers populated from environment variables when present.1213 {

~~1214~~ 1214 key: "permissions.<name>.network.enabled",

1215Key1215 type: "boolean",

~~1216~~ 1216 description: "Enable network access for this named permissions profile.",

1217`model_providers.<id>.env_key`1217 },

~~1218~~ 1218 {

1219Type / Values1219 key: "permissions.<name>.network.proxy_url",

~~1220~~ 1220 type: "string",

1221`string`1221 description:

~~1222~~ 1222 "HTTP proxy endpoint used when this permissions profile enables the managed network proxy.",

1223Details1223 },

~~1224~~ 1224 {

1225Environment variable supplying the provider API key.1225 key: "permissions.<name>.network.enable_socks5",

~~1226~~ 1226 type: "boolean",

1227Key1227 description:

~~1228~~ 1228 "Expose a SOCKS5 listener when this permissions profile enables the managed network proxy.",

1229`model_providers.<id>.env_key_instructions`1229 },

~~1230~~ 1230 {

1231Type / Values1231 key: "permissions.<name>.network.socks_url",

~~1232~~ 1232 type: "string",

1233`string`1233 description: "SOCKS5 proxy endpoint used by this permissions profile.",

~~1234~~ 1234 },

1235Details1235 {

~~1236~~ 1236 key: "permissions.<name>.network.enable_socks5_udp",

1237Optional setup guidance for the provider API key.1237 type: "boolean",

~~1238~~ 1238 description: "Allow UDP over the SOCKS5 listener when enabled.",

1239Key1239 },

~~1240~~ 1240 {

1241`model_providers.<id>.experimental_bearer_token`1241 key: "permissions.<name>.network.allow_upstream_proxy",

~~1242~~ 1242 type: "boolean",

1243Type / Values1243 description:

~~1244~~ 1244 "Allow the managed proxy to chain to another upstream proxy.",

1245`string`1245 },

~~1246~~ 1246 {

1247Details1247 key: "permissions.<name>.network.dangerously_allow_non_loopback_proxy",

~~1248~~ 1248 type: "boolean",

1249Direct bearer token for the provider (discouraged; use `env_key`).1249 description:

~~1250~~ 1250 "Permit non-loopback bind addresses for the managed proxy listener.",

1251Key1251 },

~~1252~~ 1252 {

1253`model_providers.<id>.http_headers`1253 key: "permissions.<name>.network.dangerously_allow_all_unix_sockets",

~~1254~~ 1254 type: "boolean",

1255Type / Values1255 description:

~~1256~~ 1256 "Allow the proxy to use arbitrary Unix sockets instead of the default restricted set.",

1257`map<string,string>`1257 },

~~1258~~ 1258 {

1259Details1259 key: "permissions.<name>.network.mode",

~~1260~~ 1260 type: "limited | full",

1261Static HTTP headers added to provider requests.1261 description: "Network proxy mode used for subprocess traffic.",

~~1262~~ 1262 },

1263Key1263 {

~~1264~~ 1264 key: "permissions.<name>.network.domains",

1265`model_providers.<id>.name`1265 type: "map<string, allow | deny>",

~~1266~~ 1266 description:

1267Type / Values1267 "Domain rules for the managed proxy. Use domain names or wildcard patterns as keys, with `allow` or `deny` values.",

~~1268~~ 1268 },

1269`string`1269 {

~~1270~~ 1270 key: "permissions.<name>.network.unix_sockets",

1271Details1271 type: "map<string, allow | none>",

~~1272~~ 1272 description:

1273Display name for a custom model provider.1273 "Unix socket rules for the managed proxy. Use socket paths as keys, with `allow` or `none` values.",

~~1274~~ 1274 },

1275Key1275 {

~~1276~~ 1276 key: "permissions.<name>.network.allow_local_binding",

1277`model_providers.<id>.query_params`1277 type: "boolean",

~~1278~~ 1278 description:

1279Type / Values1279 "Permit local bind/listen operations through the managed proxy.",

~~1280~~ 1280 },

1281`map<string,string>`1281 {

~~1282~~ 1282 key: "projects.<path>.trust_level",

1283Details1283 type: "string",

~~1284~~ 1284 description:

1285Extra query parameters appended to provider requests.1285 'Mark a project or worktree as trusted or untrusted (`"trusted"` | `"untrusted"`). Untrusted projects skip project-scoped `.codex/` layers, including project-local config, hooks, and rules.',

~~1286~~ 1286 },

1287Key1287 {

~~1288~~ 1288 key: "notice.hide_full_access_warning",

1289`model_providers.<id>.request_max_retries`1289 type: "boolean",

~~1290~~ 1290 description: "Track acknowledgement of the full access warning prompt.",

1291Type / Values1291 },

~~1292~~ 1292 {

1293`number`1293 key: "notice.hide_world_writable_warning",

~~1294~~ 1294 type: "boolean",

1295Details1295 description:

~~1296~~ 1296 "Track acknowledgement of the Windows world-writable directories warning.",

1297Retry count for HTTP requests to the provider (default: 4).1297 },

~~1298~~ 1298 {

1299Key1299 key: "notice.hide_rate_limit_model_nudge",

~~1300~~ 1300 type: "boolean",

1301`model_providers.<id>.requires_openai_auth`1301 description: "Track opt-out of the rate limit model switch reminder.",

~~1302~~ 1302 },

1303Type / Values1303 {

~~1304~~ 1304 key: "notice.hide_gpt5_1_migration_prompt",

1305`boolean`1305 type: "boolean",

~~1306~~ 1306 description: "Track acknowledgement of the GPT-5.1 migration prompt.",

1307Details1307 },

~~1308~~ 1308 {

1309The provider uses OpenAI authentication (defaults to false).1309 key: "notice.hide_gpt-5.1-codex-max_migration_prompt",

~~1310~~ 1310 type: "boolean",

1311Key1311 description:

~~1312~~ 1312 "Track acknowledgement of the gpt-5.1-codex-max migration prompt.",

1313`model_providers.<id>.stream_idle_timeout_ms`1313 },

~~1314~~ 1314 {

1315Type / Values1315 key: "notice.model_migrations",

~~1316~~ 1316 type: "map<string,string>",

1317`number`1317 description: "Track acknowledged model migrations as old->new mappings.",

~~1318~~ 1318 },

1319Details1319 {

~~1320~~ 1320 key: "forced_login_method",

1321Idle timeout for SSE streams in milliseconds (default: 300000).1321 type: "chatgpt | api",

~~1322~~ 1322 description: "Restrict Codex to a specific authentication method.",

1323Key1323 },

~~1324~~ 1324 {

1325`model_providers.<id>.stream_max_retries`1325 key: "forced_chatgpt_workspace_id",

~~1326~~ 1326 type: "string (uuid)",

1327Type / Values1327 description: "Limit ChatGPT logins to a specific workspace identifier.",

~~1328~~ 1328 },

1329`number`1329 ]}

~~1330~~ 1330 client:load

1331Details1331/>

~~1332~~

1333Retry count for SSE streaming interruptions (default: 5).

~~1334~~

1335Key

~~1336~~

1337`model_providers.<id>.wire_api`

~~1338~~

1339Type / Values

~~1340~~

1341`chat | responses`

~~1342~~

1343Details

~~1344~~

1345Protocol used by the provider (defaults to `chat` if omitted).

~~1346~~

1347Key

~~1348~~

1349`model_reasoning_effort`

~~1350~~

1351Type / Values

~~1352~~

1353`minimal | low | medium | high | xhigh`

~~1354~~

1355Details

~~1356~~

1357Adjust reasoning effort for supported models (Responses API only; `xhigh` is model-dependent).

~~1358~~

1359Key

~~1360~~

1361`model_reasoning_summary`

~~1362~~

1363Type / Values

~~1364~~

1365`auto | concise | detailed | none`

~~1366~~

1367Details

~~1368~~

1369Select reasoning summary detail or disable summaries entirely.

~~1370~~

1371Key

~~1372~~

1373`model_supports_reasoning_summaries`

~~1374~~

1375Type / Values

~~1376~~

1377`boolean`

~~1378~~

1379Details

~~1380~~

1381Force Codex to send or not send reasoning metadata.

~~1382~~

1383Key

~~1384~~

1385`model_verbosity`

~~1386~~

1387Type / Values

~~1388~~

1389`low | medium | high`

~~1390~~

1391Details

~~1392~~

1393Control GPT-5 Responses API verbosity (defaults to `medium`).

~~1394~~

1395Key

~~1396~~

1397`notice.hide_full_access_warning`

~~1398~~

1399Type / Values

~~1400~~

1401`boolean`

~~1402~~

1403Details

~~1404~~

1405Track acknowledgement of the full access warning prompt.

~~1406~~

1407Key

~~1408~~

1409`notice.hide_gpt-5.1-codex-max_migration_prompt`

~~1410~~

1411Type / Values

~~1412~~

1413`boolean`

~~1414~~

1415Details

~~1416~~

1417Track acknowledgement of the gpt-5.1-codex-max migration prompt.

~~1418~~

1419Key

~~1420~~

1421`notice.hide_gpt5_1_migration_prompt`

~~1422~~

1423Type / Values

~~1424~~

1425`boolean`

~~1426~~

1427Details

~~1428~~

1429Track acknowledgement of the GPT-5.1 migration prompt.

~~1430~~

1431Key

~~1432~~

1433`notice.hide_rate_limit_model_nudge`

~~1434~~

1435Type / Values

~~1436~~

1437`boolean`

~~1438~~

1439Details

~~1440~~

1441Track opt-out of the rate limit model switch reminder.

~~1442~~

1443Key

~~1444~~

1445`notice.hide_world_writable_warning`

~~1446~~

1447Type / Values

~~1448~~

1449`boolean`

~~1450~~

1451Details

~~1452~~

1453Track acknowledgement of the Windows world-writable directories warning.

~~1454~~

1455Key

~~1456~~

1457`notice.model_migrations`

~~1458~~

1459Type / Values

~~1460~~

1461`map<string,string>`

~~1462~~

1463Details

~~1464~~

1465Track acknowledged model migrations as old->new mappings.

~~1466~~

1467Key

~~1468~~

1469`notify`

~~1470~~

1471Type / Values

~~1472~~

1473`array<string>`

~~1474~~

1475Details

~~1476~~

1477Command invoked for notifications; receives a JSON payload from Codex.

~~1478~~

1479Key

~~1480~~

1481`oss_provider`

~~1482~~

1483Type / Values

~~1484~~

1485`lmstudio | ollama`

~~1486~~

1487Details

~~1488~~

1489Default local provider used when running with `--oss` (defaults to prompting if unset).

~~1490~~

1491Key

~~1492~~

1493`otel.environment`

~~1494~~

1495Type / Values

~~1496~~

1497`string`

~~1498~~

1499Details

~~1500~~

1501Environment tag applied to emitted OpenTelemetry events (default: `dev`).

~~1502~~

1503Key

~~1504~~

1505`otel.exporter`

~~1506~~

1507Type / Values

~~1508~~

1509`none | otlp-http | otlp-grpc`

~~1510~~

1511Details

~~1512~~

1513Select the OpenTelemetry exporter and provide any endpoint metadata.

~~1514~~

1515Key

~~1516~~

1517`otel.exporter.<id>.endpoint`

~~1518~~

1519Type / Values

~~1520~~

1521`string`

~~1522~~

1523Details

~~1524~~

1525Exporter endpoint for OTEL logs.

~~1526~~

1527Key

~~1528~~

1529`otel.exporter.<id>.headers`

~~1530~~

1531Type / Values

~~1532~~

1533`map<string,string>`

~~1534~~

1535Details

~~1536~~

1537Static headers included with OTEL exporter requests.

~~1538~~

1539Key

~~1540~~

1541`otel.exporter.<id>.protocol`

~~1542~~

1543Type / Values

~~1544~~

1545`binary | json`

~~1546~~

1547Details

~~1548~~

1549Protocol used by the OTLP/HTTP exporter.

~~1550~~

1551Key

~~1552~~

1553`otel.exporter.<id>.tls.ca-certificate`

~~1554~~

1555Type / Values

~~1556~~

1557`string`

~~1558~~

1559Details

~~1560~~

1561CA certificate path for OTEL exporter TLS.

~~1562~~

1563Key

~~1564~~

1565`otel.exporter.<id>.tls.client-certificate`

~~1566~~

1567Type / Values

~~1568~~

1569`string`

~~1570~~

1571Details

~~1572~~

1573Client certificate path for OTEL exporter TLS.

~~1574~~

1575Key

~~1576~~

1577`otel.exporter.<id>.tls.client-private-key`

~~1578~~

1579Type / Values

~~1580~~

1581`string`

~~1582~~

1583Details

~~1584~~

1585Client private key path for OTEL exporter TLS.

~~1586~~

1587Key

~~1588~~

1589`otel.log_user_prompt`

~~1590~~

1591Type / Values

~~1592~~

1593`boolean`

~~1594~~

1595Details

~~1596~~

1597Opt in to exporting raw user prompts with OpenTelemetry logs.

~~1598~~

1599Key

~~1600~~

1601`otel.trace_exporter`

~~1602~~

1603Type / Values

~~1604~~

1605`none | otlp-http | otlp-grpc`

~~1606~~

1607Details

~~1608~~

1609Select the OpenTelemetry trace exporter and provide any endpoint metadata.

~~1610~~

1611Key

~~1612~~

1613`otel.trace_exporter.<id>.endpoint`

~~1614~~

1615Type / Values

~~1616~~

1617`string`

~~1618~~

1619Details

~~1620~~

1621Trace exporter endpoint for OTEL logs.

~~1622~~

1623Key

~~1624~~

1625`otel.trace_exporter.<id>.headers`

~~1626~~

1627Type / Values

~~1628~~

1629`map<string,string>`

~~1630~~

1631Details

~~1632~~

1633Static headers included with OTEL trace exporter requests.

~~1634~~

1635Key

~~1636~~

1637`otel.trace_exporter.<id>.protocol`

~~1638~~

1639Type / Values

~~1640~~

1641`binary | json`

~~1642~~

1643Details

~~1644~~

1645Protocol used by the OTLP/HTTP trace exporter.

~~1646~~

1647Key

~~1648~~

1649`otel.trace_exporter.<id>.tls.ca-certificate`

~~1650~~

1651Type / Values

~~1652~~

1653`string`

~~1654~~

1655Details

~~1656~~

1657CA certificate path for OTEL trace exporter TLS.

~~1658~~

1659Key

~~1660~~

1661`otel.trace_exporter.<id>.tls.client-certificate`

~~1662~~

1663Type / Values

~~1664~~

1665`string`

~~1666~~

1667Details

~~1668~~

1669Client certificate path for OTEL trace exporter TLS.

~~1670~~

1671Key

~~1672~~

1673`otel.trace_exporter.<id>.tls.client-private-key`

~~1674~~

1675Type / Values

~~1676~~

1677`string`

~~1678~~

1679Details

~~1680~~

1681Client private key path for OTEL trace exporter TLS.

~~1682~~

1683Key

~~1684~~

1685`personality`

~~1686~~

1687Type / Values

~~1688~~

1689`none | friendly | pragmatic`

~~1690~~

1691Details

~~1692~~

1693Default communication style for models that advertise `supportsPersonality`; can be overridden per thread/turn or via `/personality`.

~~1694~~

1695Key

~~1696~~

1697`profile`

~~1698~~

1699Type / Values

~~1700~~

1701`string`

~~1702~~

1703Details

~~1704~~

1705Default profile applied at startup (equivalent to `--profile`).

~~1706~~

1707Key

~~1708~~

1709`profiles.<name>.*`

~~1710~~

1711Type / Values

~~1712~~

1713`various`

~~1714~~

1715Details

~~1716~~

1717Profile-scoped overrides for any of the supported configuration keys.

~~1718~~

1719Key

~~1720~~

1721`profiles.<name>.experimental_use_freeform_apply_patch`

~~1722~~

1723Type / Values

~~1724~~

1725`boolean`

~~1726~~

1727Details

~~1728~~

1729Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.

~~1730~~

1731Key

~~1732~~

1733`profiles.<name>.experimental_use_unified_exec_tool`

~~1734~~

1735Type / Values

~~1736~~

1737`boolean`

~~1738~~

1739Details

~~1740~~

1741Legacy name for enabling unified exec; prefer `[features].unified_exec`.

~~1742~~

1743Key

~~1744~~

1745`profiles.<name>.include_apply_patch_tool`

~~1746~~

1747Type / Values

~~1748~~

1749`boolean`

~~1750~~

1751Details

~~1752~~

1753Legacy name for enabling freeform apply\_patch; prefer `[features].apply_patch_freeform`.

~~1754~~

1755Key

~~1756~~

1757`profiles.<name>.model_catalog_json`

~~1758~~

1759Type / Values

~~1760~~

1761`string (path)`

~~1762~~

1763Details

~~1764~~

1765Profile-scoped model catalog JSON path override (applied on startup only; overrides the top-level `model_catalog_json` for that profile).

~~1766~~

1767Key

~~1768~~

1769`profiles.<name>.oss_provider`

~~1770~~

1771Type / Values

~~1772~~

1773`lmstudio | ollama`

~~1774~~

1775Details

~~1776~~

1777Profile-scoped OSS provider for `--oss` sessions.

~~1778~~

1779Key

~~1780~~

1781`profiles.<name>.personality`

~~1782~~

1783Type / Values

~~1784~~

1785`none | friendly | pragmatic`

~~1786~~

1787Details

~~1788~~

1789Profile-scoped communication style override for supported models.

~~1790~~

1791Key

~~1792~~

1793`profiles.<name>.web_search`

~~1794~~

1795Type / Values

~~1796~~

1797`disabled | cached | live`

~~1798~~

1799Details

~~1800~~

1801Profile-scoped web search mode override (default: `"cached"`).

~~1802~~

1803Key

~~1804~~

1805`project_doc_fallback_filenames`

~~1806~~

1807Type / Values

~~1808~~

1809`array<string>`

~~1810~~

1811Details

~~1812~~

1813Additional filenames to try when `AGENTS.md` is missing.

~~1814~~

1815Key

~~1816~~

1817`project_doc_max_bytes`

~~1818~~

1819Type / Values

~~1820~~

1821`number`

~~1822~~

1823Details

~~1824~~

1825Maximum bytes read from `AGENTS.md` when building project instructions.

~~1826~~

1827Key

~~1828~~

1829`project_root_markers`

~~1830~~

1831Type / Values

~~1832~~

1833`array<string>`

~~1834~~

1835Details

~~1836~~

1837List of project root marker filenames; used when searching parent directories for the project root.

~~1838~~

1839Key

~~1840~~

1841`projects.<path>.trust_level`

~~1842~~

1843Type / Values

~~1844~~

1845`string`

~~1846~~

1847Details

~~1848~~

1849Mark a project or worktree as trusted or untrusted (`"trusted"` | `"untrusted"`). Untrusted projects skip project-scoped `.codex/` layers.

~~1850~~

1851Key

~~1852~~

1853`review_model`

~~1854~~

1855Type / Values

~~1856~~

1857`string`

~~1858~~

1859Details

~~1860~~

1861Optional model override used by `/review` (defaults to the current session model).

~~1862~~

1863Key

~~1864~~

1865`sandbox_mode`

~~1866~~

1867Type / Values

~~1868~~

1869`read-only | workspace-write | danger-full-access`

~~1870~~

1871Details

~~1872~~

1873Sandbox policy for filesystem and network access during command execution.

~~1874~~

1875Key

~~1876~~

1877`sandbox_workspace_write.exclude_slash_tmp`

~~1878~~

1879Type / Values

~~1880~~

1881`boolean`

~~1882~~

1883Details

~~1884~~

1885Exclude `/tmp` from writable roots in workspace-write mode.

~~1886~~

1887Key

~~1888~~

1889`sandbox_workspace_write.exclude_tmpdir_env_var`

~~1890~~

1891Type / Values

~~1892~~

1893`boolean`

~~1894~~

1895Details

~~1896~~

1897Exclude `$TMPDIR` from writable roots in workspace-write mode.

~~1898~~

1899Key

~~1900~~

1901`sandbox_workspace_write.network_access`

~~1902~~

1903Type / Values

~~1904~~

1905`boolean`

~~1906~~

1907Details

~~1908~~

1909Allow outbound network access inside the workspace-write sandbox.

~~1910~~

1911Key

~~1912~~

1913`sandbox_workspace_write.writable_roots`

~~1914~~

1915Type / Values

~~1916~~

1917`array<string>`

~~1918~~

1919Details

~~1920~~

1921Additional writable roots when `sandbox_mode = "workspace-write"`.

~~1922~~

1923Key

~~1924~~

1925`shell_environment_policy.exclude`

~~1926~~

1927Type / Values

~~1928~~

1929`array<string>`

~~1930~~

1931Details

~~1932~~

1933Glob patterns for removing environment variables after the defaults.

~~1934~~

1935Key

~~1936~~

1937`shell_environment_policy.experimental_use_profile`

~~1938~~

1939Type / Values

~~1940~~

1941`boolean`

~~1942~~

1943Details

~~1944~~

1945Use the user shell profile when spawning subprocesses.

~~1946~~

1947Key

~~1948~~

1949`shell_environment_policy.ignore_default_excludes`

~~1950~~

1951Type / Values

~~1952~~

1953`boolean`

~~1954~~

1955Details

~~1956~~

1957Keep variables containing KEY/SECRET/TOKEN before other filters run.

~~1958~~

1959Key

~~1960~~

1961`shell_environment_policy.include_only`

~~1962~~

1963Type / Values

~~1964~~

1965`array<string>`

~~1966~~

1967Details

~~1968~~

1969Whitelist of patterns; when set only matching variables are kept.

~~1970~~

1971Key

~~1972~~

1973`shell_environment_policy.inherit`

~~1974~~

1975Type / Values

~~1976~~

1977`all | core | none`

~~1978~~

1979Details

~~1980~~

1981Baseline environment inheritance when spawning subprocesses.

~~1982~~

1983Key

~~1984~~

1985`shell_environment_policy.set`

~~1986~~

1987Type / Values

~~1988~~

1989`map<string,string>`

~~1990~~

1991Details

~~1992~~

1993Explicit environment overrides injected into every subprocess.

~~1994~~

1995Key

~~1996~~

1997`show_raw_agent_reasoning`

~~1998~~

1999Type / Values

~~2000~~

2001`boolean`

~~2002~~

2003Details

~~2004~~

2005Surface raw reasoning content when the active model emits it.

~~2006~~

2007Key

~~2008~~

2009`skills.config`

~~2010~~

2011Type / Values

~~2012~~

2013`array<object>`

~~2014~~

2015Details

~~2016~~

2017Per-skill enablement overrides stored in config.toml.

~~2018~~

2019Key

~~2020~~

2021`skills.config.<index>.enabled`

~~2022~~

2023Type / Values

~~2024~~

2025`boolean`

~~2026~~

2027Details

~~2028~~

2029Enable or disable the referenced skill.

~~2030~~

2031Key

~~2032~~

2033`skills.config.<index>.path`

~~2034~~

2035Type / Values

~~2036~~

2037`string (path)`

~~2038~~

2039Details

~~2040~~

2041Path to a skill folder containing `SKILL.md`.

~~2042~~

2043Key

~~2044~~

2045`sqlite_home`

~~2046~~

2047Type / Values

~~2048~~

2049`string (path)`

~~2050~~

2051Details

~~2052~~

2053Directory where Codex stores the SQLite-backed state DB used by agent jobs and other resumable runtime state.

~~2054~~

2055Key

~~2056~~

2057`suppress_unstable_features_warning`

~~2058~~

2059Type / Values

~~2060~~

2061`boolean`

~~2062~~

2063Details

~~2064~~

2065Suppress the warning that appears when under-development feature flags are enabled.

~~2066~~

2067Key

~~2068~~

2069`tool_output_token_limit`

~~2070~~

2071Type / Values

~~2072~~

2073`number`

~~2074~~

2075Details

~~2076~~

2077Token budget for storing individual tool/function outputs in history.

~~2078~~

2079Key

~~2080~~

2081`tools.web_search`

~~2082~~

2083Type / Values

~~2084~~

2085`boolean`

~~2086~~

2087Details

~~2088~~

2089Deprecated legacy toggle for web search; prefer the top-level `web_search` setting.

~~2090~~

2091Key

~~2092~~

2093`tui`

~~2094~~

2095Type / Values

~~2096~~

2097`table`

~~2098~~

2099Details

~~2100~~

2101TUI-specific options such as enabling inline desktop notifications.

~~2102~~

2103Key

~~2104~~

2105`tui.alternate_screen`

~~2106~~

2107Type / Values

~~2108~~

2109`auto | always | never`

~~2110~~

2111Details

~~2112~~

2113Control alternate screen usage for the TUI (default: auto; auto skips it in Zellij to preserve scrollback).

~~2114~~

2115Key

~~2116~~

2117`tui.animations`

~~2118~~

2119Type / Values

~~2120~~

2121`boolean`

~~2122~~

2123Details

~~2124~~

2125Enable terminal animations (welcome screen, shimmer, spinner) (default: true).

~~2126~~

2127Key

~~2128~~

2129`tui.notification_method`

~~2130~~

2131Type / Values

~~2132~~

2133`auto | osc9 | bel`

~~2134~~

2135Details

~~2136~~

2137Notification method for unfocused terminal notifications (default: auto).

~~2138~~

2139Key

~~2140~~

2141`tui.notifications`

~~2142~~

2143Type / Values

~~2144~~

2145`boolean | array<string>`

~~2146~~

2147Details

~~2148~~

2149Enable TUI notifications; optionally restrict to specific event types.

~~2150~~

2151Key

~~2152~~

2153`tui.show_tooltips`

~~2154~~

2155Type / Values

~~2156~~

2157`boolean`

~~2158~~

2159Details

~~2160~~

2161Show onboarding tooltips in the TUI welcome screen (default: true).

~~2162~~

2163Key

~~2164~~

2165`tui.status_line`

~~2166~~

2167Type / Values

~~2168~~

2169`array<string> | null`

~~2170~~

2171Details

~~2172~~

2173Ordered list of TUI footer status-line item identifiers. `null` disables the status line.

~~2174~~

2175Key

~~2176~~

2177`web_search`

~~2178~~

2179Type / Values

~~2180~~

2181`disabled | cached | live`

~~2182~~

2183Details

~~2184~~

2185Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool.

~~2186~~

2187Key

~~2188~~

2189`windows_wsl_setup_acknowledged`

~~2190~~

2191Type / Values

~~2192~~

2193`boolean`

~~2194~~

2195Details

~~2196~~

2197Track Windows onboarding acknowledgement (Windows only).

~~2198~~

2199Key

~~2200~~

2201`windows.sandbox`

~~2202~~

2203Type / Values

~~2204~~

2205`unelevated | elevated`

~~2206~~

2207Details

~~2208~~

2209Windows-only native sandbox mode when running Codex natively on Windows.

~~2210~~

2211Expand to view all

2212 1332

2213You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).1333You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).

2214 1334

2227For ChatGPT Business and Enterprise users, Codex can also apply cloud-fetched1347For ChatGPT Business and Enterprise users, Codex can also apply cloud-fetched

2228requirements. See the security page for precedence details.1348requirements. See the security page for precedence details.

2229 1349

2230| Key | Type / Values | Details |1350Use `[features]` in `requirements.toml` to pin feature flags by the same

2231| --- | --- | --- |1351canonical keys that `config.toml` uses. Omitted keys remain unconstrained.

2232| `allowed_approval_policies` | `array<string>` | Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `reject`). |1352

2233| `allowed_sandbox_modes` | `array<string>` | Allowed values for `sandbox_mode`. |1353<ConfigTable

2234| `allowed_web_search_modes` | `array<string>` | Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`. |1354 options={[

2235| `mcp_servers` | `table` | Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled. |1355 {

2236| `mcp_servers.<id>.identity` | `table` | Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP). |1356 key: "allowed_approval_policies",

2237| `mcp_servers.<id>.identity.command` | `string` | Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command. |1357 type: "array<string>",

2238| `mcp_servers.<id>.identity.url` | `string` | Allow an MCP streamable HTTP server when its `mcp_servers.<id>.url` matches this URL. |1358 description:

2239| `rules` | `table` | Admin-enforced command rules merged with `.rules` files. Requirements rules must be restrictive. |1359 "Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `granular`).",

2240| `rules.prefix_rules` | `array<table>` | List of enforced prefix rules. Each rule must include `pattern` and `decision`. |1360 },

2241| `rules.prefix_rules[].decision` | `prompt | forbidden` | Required. Requirements rules can only prompt or forbid (not allow). |1361 {

2242| `rules.prefix_rules[].justification` | `string` | Optional non-empty rationale surfaced in approval prompts or rejection messages. |1362 key: "allowed_approvals_reviewers",

2243| `rules.prefix_rules[].pattern` | `array<table>` | Command prefix expressed as pattern tokens. Each token sets either `token` or `any_of`. |1363 type: "array<string>",

2244| `rules.prefix_rules[].pattern[].any_of` | `array<string>` | A list of allowed alternative tokens at this position. |1364 description:

2245| `rules.prefix_rules[].pattern[].token` | `string` | A single literal token at this position. |1365 "Allowed values for `approvals_reviewer`, such as `user` and `auto_review`.",

~~2246~~ 1366 },

2247Key1367 {

~~2248~~ 1368 key: "guardian_policy_config",

2249`allowed_approval_policies`1369 type: "string",

~~2250~~ 1370 description:

2251Type / Values1371 "Managed Markdown policy instructions for automatic review. This takes precedence over local `[auto_review].policy`. Blank values are ignored.",

~~2252~~ 1372 },

2253`array<string>`1373 {

~~2254~~ 1374 key: "allowed_sandbox_modes",

2255Details1375 type: "array<string>",

~~2256~~ 1376 description: "Allowed values for `sandbox_mode`.",

2257Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `reject`).1377 },

~~2258~~ 1378 {

2259Key1379 key: "remote_sandbox_config",

~~2260~~ 1380 type: "array<table>",

2261`allowed_sandbox_modes`1381 description:

~~2262~~ 1382 "Host-specific sandbox requirements. The first entry whose `hostname_patterns` match the resolved host name overrides top-level `allowed_sandbox_modes` for that requirements source. Host-specific entries currently override sandbox modes only.",

2263Type / Values1383 },

~~2264~~ 1384 {

2265`array<string>`1385 key: "remote_sandbox_config[].hostname_patterns",

~~2266~~ 1386 type: "array<string>",

2267Details1387 description:

~~2268~~ 1388 "Case-insensitive host name patterns. Supports `*` for any sequence of characters and `?` for one character.",

2269Allowed values for `sandbox_mode`.1389 },

~~2270~~ 1390 {

2271Key1391 key: "remote_sandbox_config[].allowed_sandbox_modes",

~~2272~~ 1392 type: "array<string>",

2273`allowed_web_search_modes`1393 description:

~~2274~~ 1394 "Allowed sandbox modes to apply when this host-specific entry matches.",

2275Type / Values1395 },

~~2276~~ 1396 {

2277`array<string>`1397 key: "allowed_web_search_modes",

~~2278~~ 1398 type: "array<string>",

2279Details1399 description:

~~2280~~ 1400 "Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`.",

2281Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`.1401 },

~~2282~~ 1402 {

2283Key1403 key: "features",

~~2284~~ 1404 type: "table",

2285`mcp_servers`1405 description:

~~2286~~ 1406 "Pinned feature values keyed by the canonical names from `config.toml`'s `[features]` table.",

2287Type / Values1407 },

~~2288~~ 1408 {

2289`table`1409 key: "features.<name>",

~~2290~~ 1410 type: "boolean",

2291Details1411 description:

~~2292~~ 1412 "Require a specific canonical feature key to stay enabled or disabled.",

2293Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled.1413 },

~~2294~~ 1414 {

2295Key1415 key: "features.in_app_browser",

~~2296~~ 1416 type: "boolean",

2297`mcp_servers.<id>.identity`1417 description:

~~2298~~ 1418 "Set to `false` in `requirements.toml` to disable the in-app browser pane.",

2299Type / Values1419 },

~~2300~~ 1420 {

2301`table`1421 key: "features.browser_use",

~~2302~~ 1422 type: "boolean",

2303Details1423 description:

~~2304~~ 1424 "Set to `false` in `requirements.toml` to disable Browser Use and Browser Agent availability.",

2305Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP).1425 },

~~2306~~ 1426 {

2307Key1427 key: "features.computer_use",

~~2308~~ 1428 type: "boolean",

2309`mcp_servers.<id>.identity.command`1429 description:

~~2310~~ 1430 "Set to `false` in `requirements.toml` to disable Computer Use availability and related install or enablement flows.",

2311Type / Values1431 },

~~2312~~ 1432 {

2313`string`1433 key: "hooks",

~~2314~~ 1434 type: "table",

2315Details1435 description:

~~2316~~ 1436 "Admin-enforced managed lifecycle hooks. Requires a managed hook directory and uses the same event schema as inline `[hooks]` in `config.toml`.",

2317Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command.1437 },

~~2318~~ 1438 {

2319Key1439 key: "hooks.managed_dir",

~~2320~~ 1440 type: "string (absolute path)",

2321`mcp_servers.<id>.identity.url`1441 description:

~~2322~~ 1442 "Directory containing managed hook scripts on macOS and Linux. Codex validates that it is absolute and exists before loading managed hooks.",

2323Type / Values1443 },

~~2324~~ 1444 {

2325`string`1445 key: "hooks.windows_managed_dir",

~~2326~~ 1446 type: "string (absolute path)",

2327Details1447 description:

~~2328~~ 1448 "Directory containing managed hook scripts on Windows. Codex validates that it is absolute and exists before loading managed hooks.",

2329Allow an MCP streamable HTTP server when its `mcp_servers.<id>.url` matches this URL.1449 },

~~2330~~ 1450 {

2331Key1451 key: "hooks.<Event>",

~~2332~~ 1452 type: "array<table>",

2333`rules`1453 description:

~~2334~~ 1454 "Matcher groups for a hook event such as `PreToolUse`, `PostToolUse`, `PermissionRequest`, `SessionStart`, `UserPromptSubmit`, or `Stop`.",

2335Type / Values1455 },

~~2336~~ 1456 {

2337`table`1457 key: "hooks.<Event>[].hooks",

~~2338~~ 1458 type: "array<table>",

2339Details1459 description:

~~2340~~ 1460 "Hook handlers for a matcher group. Command hooks are currently supported; prompt and agent hook handlers are parsed but skipped.",

2341Admin-enforced command rules merged with `.rules` files. Requirements rules must be restrictive.1461 },

~~2342~~ 1462 {

2343Key1463 key: "permissions.filesystem.deny_read",

~~2344~~ 1464 type: "array<string>",

2345`rules.prefix_rules`1465 description:

~~2346~~ 1466 "Admin-enforced filesystem read denials. Entries can be paths or glob patterns, and users cannot weaken them with local config.",

2347Type / Values1467 },

~~2348~~ 1468 {

2349`array<table>`1469 key: "mcp_servers",

~~2350~~ 1470 type: "table",

2351Details1471 description:

~~2352~~ 1472 "Allowlist of MCP servers that may be enabled. Both the server name (`<id>`) and its identity must match for the MCP server to be enabled. Any configured MCP server not in the allowlist (or with a mismatched identity) is disabled.",

2353List of enforced prefix rules. Each rule must include `pattern` and `decision`.1473 },

~~2354~~ 1474 {

2355Key1475 key: "mcp_servers.<id>.identity",

~~2356~~ 1476 type: "table",

2357`rules.prefix_rules[].decision`1477 description:

~~2358~~ 1478 "Identity rule for a single MCP server. Set either `command` (stdio) or `url` (streamable HTTP).",

2359Type / Values1479 },

~~2360~~ 1480 {

2361`prompt | forbidden`1481 key: "mcp_servers.<id>.identity.command",

~~2362~~ 1482 type: "string",

2363Details1483 description:

~~2364~~ 1484 "Allow an MCP stdio server when its `mcp_servers.<id>.command` matches this command.",

2365Required. Requirements rules can only prompt or forbid (not allow).1485 },

~~2366~~ 1486 {

2367Key1487 key: "mcp_servers.<id>.identity.url",

~~2368~~ 1488 type: "string",

2369`rules.prefix_rules[].justification`1489 description:

~~2370~~ 1490 "Allow an MCP streamable HTTP server when its `mcp_servers.<id>.url` matches this URL.",

2371Type / Values1491 },

~~2372~~ 1492 {

2373`string`1493 key: "rules",

~~2374~~ 1494 type: "table",

2375Details1495 description:

~~2376~~ 1496 "Admin-enforced command rules merged with `.rules` files. Requirements rules must be restrictive.",

2377Optional non-empty rationale surfaced in approval prompts or rejection messages.1497 },

~~2378~~ 1498 {

2379Key1499 key: "rules.prefix_rules",

~~2380~~ 1500 type: "array<table>",

2381`rules.prefix_rules[].pattern`1501 description:

~~2382~~ 1502 "List of enforced prefix rules. Each rule must include `pattern` and `decision`.",

2383Type / Values1503 },

~~2384~~ 1504 {

2385`array<table>`1505 key: "rules.prefix_rules[].pattern",

~~2386~~ 1506 type: "array<table>",

2387Details1507 description:

~~2388~~ 1508 "Command prefix expressed as pattern tokens. Each token sets either `token` or `any_of`.",

2389Command prefix expressed as pattern tokens. Each token sets either `token` or `any_of`.1509 },

~~2390~~ 1510 {

2391Key1511 key: "rules.prefix_rules[].pattern[].token",

~~2392~~ 1512 type: "string",

2393`rules.prefix_rules[].pattern[].any_of`1513 description: "A single literal token at this position.",

~~2394~~ 1514 },

2395Type / Values1515 {

~~2396~~ 1516 key: "rules.prefix_rules[].pattern[].any_of",

2397`array<string>`1517 type: "array<string>",

~~2398~~ 1518 description: "A list of allowed alternative tokens at this position.",

2399Details1519 },

~~2400~~ 1520 {

2401A list of allowed alternative tokens at this position.1521 key: "rules.prefix_rules[].decision",

~~2402~~ 1522 type: "prompt | forbidden",

2403Key1523 description:

~~2404~~ 1524 "Required. Requirements rules can only prompt or forbid (not allow).",

2405`rules.prefix_rules[].pattern[].token`1525 },

~~2406~~ 1526 {

2407Type / Values1527 key: "rules.prefix_rules[].justification",

~~2408~~ 1528 type: "string",

2409`string`1529 description:

~~2410~~ 1530 "Optional non-empty rationale surfaced in approval prompts or rejection messages.",

2411Details1531 },

~~2412~~ 1532 ]}

2413A single literal token at this position.1533 client:load

~~2414~~ 1534/>

2415Expand to view all

config-reference.md Codex Docs, 2026-03-05 06:22 UTC → 2026-05-07 20:02 UTC