config-sample.md +82 −18
7- [Config basics](https://developers.openai.com/codex/config-basic)7- [Config basics](https://developers.openai.com/codex/config-basic)
8- [Advanced Config](https://developers.openai.com/codex/config-advanced)8- [Advanced Config](https://developers.openai.com/codex/config-advanced)
9- [Config Reference](https://developers.openai.com/codex/config-reference)9- [Config Reference](https://developers.openai.com/codex/config-reference)
10- [Sandbox and approvals](https://developers.openai.com/codex/security#sandbox-and-approvals)
11- [Managed configuration](https://developers.openai.com/codex/security#managed-configuration)
10 12
11Use the snippet below as a reference. Copy only the keys and sections you need into `~/.codex/config.toml` (or into a project-scoped `.codex/config.toml`), then adjust values for your setup.13Use the snippet below as a reference. Copy only the keys and sections you need into `~/.codex/config.toml` (or into a project-scoped `.codex/config.toml`), then adjust values for your setup.
12 14
47# model_context_window = 128000 # tokens; default: auto for model49# model_context_window = 128000 # tokens; default: auto for model
48# model_auto_compact_token_limit = 0 # tokens; unset uses model defaults50# model_auto_compact_token_limit = 0 # tokens; unset uses model defaults
49# tool_output_token_limit = 10000 # tokens stored per tool output; default: 10000 for gpt-5.2-codex51# tool_output_token_limit = 10000 # tokens stored per tool output; default: 10000 for gpt-5.2-codex
52# model_catalog_json = "/absolute/path/to/models.json" # optional startup-only model catalog override
53# background_terminal_max_timeout = 300000 # ms; max empty write_stdin poll window (default 5m)
50# log_dir = "/absolute/path/to/codex-logs" # directory for Codex logs; default: "$CODEX_HOME/log"54# log_dir = "/absolute/path/to/codex-logs" # directory for Codex logs; default: "$CODEX_HOME/log"
55# sqlite_home = "/absolute/path/to/codex-state" # optional SQLite-backed runtime state directory
51 56
52################################################################################57################################################################################
53# Reasoning & Verbosity (Responses API capable models)58# Reasoning & Verbosity (Responses API capable models)
105# - untrusted: only known-safe read-only commands auto-run; others prompt110# - untrusted: only known-safe read-only commands auto-run; others prompt
106# - on-request: model decides when to ask (default)111# - on-request: model decides when to ask (default)
107# - never: never prompt (risky)112# - never: never prompt (risky)
113# - { reject = { ... } }: auto-reject selected prompt categories
108approval_policy = "on-request"114approval_policy = "on-request"
115# Example granular auto-reject policy:
116# approval_policy = { reject = { sandbox_approval = true, rules = false, mcp_elicitations = false } }
117
118# Allow login-shell semantics for shell-based tools when they request `login = true`.
119# Default: true. Set false to force non-login shells and reject explicit login-shell requests.
120allow_login_shell = true
109 121
110# Filesystem/network sandbox policy for tool calls:122# Filesystem/network sandbox policy for tool calls:
111# - read-only (default)123# - read-only (default)
113# - danger-full-access (no sandbox; extremely risky)125# - danger-full-access (no sandbox; extremely risky)
114sandbox_mode = "read-only"126sandbox_mode = "read-only"
115 127
128[windows]
129# Native Windows sandbox mode (Windows only): unelevated | elevated
130sandbox = "unelevated"
131
116################################################################################132################################################################################
117# Authentication & Login133# Authentication & Login
118################################################################################134################################################################################
136# Optional fixed port for MCP OAuth callback: 1-65535. Default: unset.152# Optional fixed port for MCP OAuth callback: 1-65535. Default: unset.
137# mcp_oauth_callback_port = 4321153# mcp_oauth_callback_port = 4321
138 154
155# Optional redirect URI override for MCP OAuth login (for example, remote devbox ingress).
156# Custom callback paths are supported. `mcp_oauth_callback_port` still controls the listener port.
157# mcp_oauth_callback_url = "https://devbox.example.internal/callback"
158
139################################################################################159################################################################################
140# Project Documentation Controls160# Project Documentation Controls
141################################################################################161################################################################################
192# Active profile name. When unset, no profile is applied.212# Active profile name. When unset, no profile is applied.
193# profile = "default"213# profile = "default"
194 214
215################################################################################
216# Agents (multi-agent roles and limits)
217################################################################################
218
219# [agents]
220# Maximum concurrently open agent threads. Default: 6
221# max_threads = 6
222# Maximum nested spawn depth. Root session starts at depth 0. Default: 1
223# max_depth = 1
224# Default timeout per worker for spawn_agents_on_csv jobs. When unset, the tool defaults to 1800 seconds.
225# job_max_runtime_seconds = 1800
226
227# [agents.reviewer]
228# description = "Find security, correctness, and test risks in code."
229# config_file = "./agents/reviewer.toml" # relative to the config.toml that defines it
230
195################################################################################231################################################################################
196# Skills (per-skill overrides)232# Skills (per-skill overrides)
197################################################################################233################################################################################
198 234
199# Disable or re-enable a specific skill without deleting it.235# Disable or re-enable a specific skill without deleting it.
200[[skills.config]]236[[skills.config]]
201237# path = "/path/to/skill"# path = "/path/to/skill/SKILL.md"
202# enabled = false238# enabled = false
203 239
204################################################################################240################################################################################
274# Control alternate screen usage (auto skips it in Zellij to preserve scrollback).310# Control alternate screen usage (auto skips it in Zellij to preserve scrollback).
275# alternate_screen = "auto"311# alternate_screen = "auto"
276 312
277313# Ordered list of footer status-line item IDs. Default: null (disabled).# Ordered list of footer status-line item IDs. When unset, Codex uses:
314# ["model-with-reasoning", "context-remaining", "current-dir"].
315# Set to [] to hide the footer.
278# status_line = ["model", "context-remaining", "git-branch"]316# status_line = ["model", "context-remaining", "git-branch"]
279 317
318# Syntax-highlighting theme (kebab-case). Use /theme in the TUI to preview and save.
319# You can also add custom .tmTheme files under $CODEX_HOME/themes.
320# theme = "catppuccin-mocha"
321
280# Control whether users can submit feedback from `/feedback`. Default: true322# Control whether users can submit feedback from `/feedback`. Default: true
281[feedback]323[feedback]
282enabled = true324enabled = true
299 341
300[features]342[features]
301# Leave this table empty to accept defaults. Set explicit booleans to opt in/out.343# Leave this table empty to accept defaults. Set explicit booleans to opt in/out.
302344shell_tool = true# shell_tool = true
303# apps = false345# apps = false
304# apps_mcp_gateway = false346# apps_mcp_gateway = false
305# Deprecated legacy toggles; prefer the top-level `web_search` setting.
306# web_search = false
307# web_search_cached = false347# web_search_cached = false
308# web_search_request = false348# web_search_request = false
309349unified_exec = false# unified_exec = false
310350shell_snapshot = false# shell_snapshot = false
311351apply_patch_freeform = false# apply_patch_freeform = false
352# multi_agent = false
312# search_tool = false353# search_tool = false
313# personality = true354# personality = true
314355request_rule = true# request_rule = true
315356collaboration_modes = true# collaboration_modes = true
316357use_linux_sandbox_bwrap = false# use_linux_sandbox_bwrap = false
317358experimental_windows_sandbox = false# remote_models = false
318359elevated_windows_sandbox = false# runtime_metrics = false
319360remote_models = false# powershell_utf8 = true
320361runtime_metrics = false# child_agents_md = false
321powershell_utf8 = true
322child_agents_md = false
323 362
324################################################################################363################################################################################
325# Define MCP servers under this table. Leave empty to disable.364# Define MCP servers under this table. Leave empty to disable.
409# model_verbosity = "medium"448# model_verbosity = "medium"
410# personality = "friendly" # or "pragmatic" or "none"449# personality = "friendly" # or "pragmatic" or "none"
411# chatgpt_base_url = "https://chatgpt.com/backend-api/"450# chatgpt_base_url = "https://chatgpt.com/backend-api/"
451# model_catalog_json = "./models.json"
412# experimental_compact_prompt_file = "./compact_prompt.txt"452# experimental_compact_prompt_file = "./compact_prompt.txt"
413# include_apply_patch_tool = false453# include_apply_patch_tool = false
414# experimental_use_unified_exec_tool = false454# experimental_use_unified_exec_tool = false
422 462
423# Optional per-app controls.463# Optional per-app controls.
424[apps]464[apps]
465# [_default] applies to all apps unless overridden per app.
466# [apps._default]
467# enabled = true
468# destructive_enabled = true
469# open_world_enabled = true
470#
425# [apps.google_drive]471# [apps.google_drive]
426# enabled = false472# enabled = false
427473# disabled_reason = "user" # or "unknown"# destructive_enabled = false # block destructive-hint tools for this app
474# default_tools_enabled = true
475# default_tools_approval_mode = "prompt" # auto | prompt | approve
476#
477# [apps.google_drive.tools."files/delete"]
478# enabled = false
479# approval_mode = "approve"
428 480
429################################################################################481################################################################################
430# Projects (trust levels)482# Projects (trust levels)
475# client-certificate = "/etc/codex/certs/client.pem"527# client-certificate = "/etc/codex/certs/client.pem"
476# client-private-key = "/etc/codex/certs/client-key.pem"528# client-private-key = "/etc/codex/certs/client-key.pem"
477```529```
530
531################################################################################
532
533# Windows
534
535################################################################################
536
537[windows]
538
539# Native Windows sandbox mode (Windows only): unelevated | elevated
540
541sandbox = "unelevated"