config-sample.md +74 −17
7- [Config basics](https://developers.openai.com/codex/config-basic)7- [Config basics](https://developers.openai.com/codex/config-basic)
8- [Advanced Config](https://developers.openai.com/codex/config-advanced)8- [Advanced Config](https://developers.openai.com/codex/config-advanced)
9- [Config Reference](https://developers.openai.com/codex/config-reference)9- [Config Reference](https://developers.openai.com/codex/config-reference)
10- [Sandbox and approvals](https://developers.openai.com/codex/security#sandbox-and-approvals)
11- [Managed configuration](https://developers.openai.com/codex/security#managed-configuration)
10 12
11Use the snippet below as a reference. Copy only the keys and sections you need into `~/.codex/config.toml` (or into a project-scoped `.codex/config.toml`), then adjust values for your setup.13Use the snippet below as a reference. Copy only the keys and sections you need into `~/.codex/config.toml` (or into a project-scoped `.codex/config.toml`), then adjust values for your setup.
12 14
47# model_context_window = 128000 # tokens; default: auto for model49# model_context_window = 128000 # tokens; default: auto for model
48# model_auto_compact_token_limit = 0 # tokens; unset uses model defaults50# model_auto_compact_token_limit = 0 # tokens; unset uses model defaults
49# tool_output_token_limit = 10000 # tokens stored per tool output; default: 10000 for gpt-5.2-codex51# tool_output_token_limit = 10000 # tokens stored per tool output; default: 10000 for gpt-5.2-codex
52# model_catalog_json = "/absolute/path/to/models.json" # optional startup-only model catalog override
53# background_terminal_max_timeout = 300000 # ms; max empty write_stdin poll window (default 5m)
50# log_dir = "/absolute/path/to/codex-logs" # directory for Codex logs; default: "$CODEX_HOME/log"54# log_dir = "/absolute/path/to/codex-logs" # directory for Codex logs; default: "$CODEX_HOME/log"
51 55
52################################################################################56################################################################################
105# - untrusted: only known-safe read-only commands auto-run; others prompt109# - untrusted: only known-safe read-only commands auto-run; others prompt
106# - on-request: model decides when to ask (default)110# - on-request: model decides when to ask (default)
107# - never: never prompt (risky)111# - never: never prompt (risky)
112# - { reject = { ... } }: auto-reject selected prompt categories
108approval_policy = "on-request"113approval_policy = "on-request"
114# Example granular auto-reject policy:
115# approval_policy = { reject = { sandbox_approval = true, rules = false, mcp_elicitations = false } }
116
117# Allow login-shell semantics for shell-based tools when they request `login = true`.
118# Default: true. Set false to force non-login shells and reject explicit login-shell requests.
119allow_login_shell = true
109 120
110# Filesystem/network sandbox policy for tool calls:121# Filesystem/network sandbox policy for tool calls:
111# - read-only (default)122# - read-only (default)
136# Optional fixed port for MCP OAuth callback: 1-65535. Default: unset.147# Optional fixed port for MCP OAuth callback: 1-65535. Default: unset.
137# mcp_oauth_callback_port = 4321148# mcp_oauth_callback_port = 4321
138 149
150# Optional redirect URI override for MCP OAuth login (for example, remote devbox ingress).
151# Custom callback paths are supported. `mcp_oauth_callback_port` still controls the listener port.
152# mcp_oauth_callback_url = "https://devbox.example.internal/callback"
153
139################################################################################154################################################################################
140# Project Documentation Controls155# Project Documentation Controls
141################################################################################156################################################################################
192# Active profile name. When unset, no profile is applied.207# Active profile name. When unset, no profile is applied.
193# profile = "default"208# profile = "default"
194 209
210################################################################################
211# Agents (multi-agent roles and limits)
212################################################################################
213
214# [agents]
215# Maximum concurrently open agent threads. Default: 6
216# max_threads = 6
217# Maximum nested spawn depth. Root session starts at depth 0. Default: 1
218# max_depth = 1
219
220# [agents.reviewer]
221# description = "Find security, correctness, and test risks in code."
222# config_file = "./agents/reviewer.toml" # relative to the config.toml that defines it
223
195################################################################################224################################################################################
196# Skills (per-skill overrides)225# Skills (per-skill overrides)
197################################################################################226################################################################################
274# Control alternate screen usage (auto skips it in Zellij to preserve scrollback).303# Control alternate screen usage (auto skips it in Zellij to preserve scrollback).
275# alternate_screen = "auto"304# alternate_screen = "auto"
276 305
277306# Ordered list of footer status-line item IDs. Default: null (disabled).# Ordered list of footer status-line item IDs. When unset, Codex uses:
307# ["model-with-reasoning", "context-remaining", "current-dir"].
308# Set to [] to hide the footer.
278# status_line = ["model", "context-remaining", "git-branch"]309# status_line = ["model", "context-remaining", "git-branch"]
279 310
311# Syntax-highlighting theme (kebab-case). Use /theme in the TUI to preview and save.
312# You can also add custom .tmTheme files under $CODEX_HOME/themes.
313# theme = "catppuccin-mocha"
314
280# Control whether users can submit feedback from `/feedback`. Default: true315# Control whether users can submit feedback from `/feedback`. Default: true
281[feedback]316[feedback]
282enabled = true317enabled = true
299 334
300[features]335[features]
301# Leave this table empty to accept defaults. Set explicit booleans to opt in/out.336# Leave this table empty to accept defaults. Set explicit booleans to opt in/out.
302337shell_tool = true# shell_tool = true
303# apps = false338# apps = false
304# apps_mcp_gateway = false339# apps_mcp_gateway = false
305# Deprecated legacy toggles; prefer the top-level `web_search` setting.
306# web_search = false
307# web_search_cached = false340# web_search_cached = false
308# web_search_request = false341# web_search_request = false
309342unified_exec = false# unified_exec = false
310343shell_snapshot = false# shell_snapshot = false
311344apply_patch_freeform = false# apply_patch_freeform = false
345# multi_agent = false
312# search_tool = false346# search_tool = false
313# personality = true347# personality = true
314348request_rule = true# request_rule = true
315349collaboration_modes = true# collaboration_modes = true
316350use_linux_sandbox_bwrap = false# use_linux_sandbox_bwrap = false
317351experimental_windows_sandbox = false# remote_models = false
318352elevated_windows_sandbox = false# runtime_metrics = false
319353remote_models = false# powershell_utf8 = true
320354runtime_metrics = false# child_agents_md = false
321powershell_utf8 = true
322child_agents_md = false
323 355
324################################################################################356################################################################################
325# Define MCP servers under this table. Leave empty to disable.357# Define MCP servers under this table. Leave empty to disable.
409# model_verbosity = "medium"441# model_verbosity = "medium"
410# personality = "friendly" # or "pragmatic" or "none"442# personality = "friendly" # or "pragmatic" or "none"
411# chatgpt_base_url = "https://chatgpt.com/backend-api/"443# chatgpt_base_url = "https://chatgpt.com/backend-api/"
444# model_catalog_json = "./models.json"
412# experimental_compact_prompt_file = "./compact_prompt.txt"445# experimental_compact_prompt_file = "./compact_prompt.txt"
413# include_apply_patch_tool = false446# include_apply_patch_tool = false
414# experimental_use_unified_exec_tool = false447# experimental_use_unified_exec_tool = false
422 455
423# Optional per-app controls.456# Optional per-app controls.
424[apps]457[apps]
458# [_default] applies to all apps unless overridden per app.
459# [apps._default]
460# enabled = true
461# destructive_enabled = true
462# open_world_enabled = true
463#
425# [apps.google_drive]464# [apps.google_drive]
426# enabled = false465# enabled = false
427466# disabled_reason = "user" # or "unknown"# destructive_enabled = false # block destructive-hint tools for this app
467# default_tools_enabled = true
468# default_tools_approval_mode = "prompt" # auto | prompt | approve
469#
470# [apps.google_drive.tools."files/delete"]
471# enabled = false
472# approval_mode = "approve"
428 473
429################################################################################474################################################################################
430# Projects (trust levels)475# Projects (trust levels)
475# client-certificate = "/etc/codex/certs/client.pem"520# client-certificate = "/etc/codex/certs/client.pem"
476# client-private-key = "/etc/codex/certs/client-key.pem"521# client-private-key = "/etc/codex/certs/client-key.pem"
477```522```
523
524################################################################################
525
526# Windows
527
528################################################################################
529
530[windows]
531
532# Native Windows sandbox mode (Windows only): unelevated | elevated
533
534sandbox = "unelevated"