windows.md +18 −1
1# Windows1# Windows
2 2
33The easiest way to use Codex on Windows is to [set up the IDE extension](https://developers.openai.com/codex/ide) or [install the CLI](https://developers.openai.com/codex/cli) and run it from PowerShell.The easiest way to use Codex on Windows is to use the [Codex app](https://developers.openai.com/codex/app/windows). You can also [set up the IDE extension](https://developers.openai.com/codex/ide) or [install the CLI](https://developers.openai.com/codex/cli) and run it from PowerShell.
4
5[
6
7Use the Codex app on Windows
8
9Work across projects, run parallel agent threads, and review results in one place with the native Windows app.](https://developers.openai.com/codex/app/windows)
4 10
5When you run Codex natively on Windows, agent mode uses a [Windows sandbox](#windows-sandbox) to block filesystem writes outside the working folder and prevent network access without your explicit approval. [Learn more below](#windows-sandbox).11When you run Codex natively on Windows, agent mode uses a [Windows sandbox](#windows-sandbox) to block filesystem writes outside the working folder and prevent network access without your explicit approval. [Learn more below](#windows-sandbox).
6 12
20- Uses a Restricted Token approach with filesystem ACLs to limit which files the sandbox can write to.26- Uses a Restricted Token approach with filesystem ACLs to limit which files the sandbox can write to.
21- Runs commands as a dedicated Windows Sandbox User.27- Runs commands as a dedicated Windows Sandbox User.
22- Limits network access by installing Windows Firewall rules.28- Limits network access by installing Windows Firewall rules.
29- Uses a private desktop by default for stronger UI isolation. Set `windows.sandbox_private_desktop = false` only if you need the older `Winsta0\\Default` behavior for compatibility.
30
31### Sandbox permissions
32
33Running Codex in full access mode means Codex is not limited to your project
34 directory and might perform unintentional destructive actions that can lead to
35 data loss. For safer automation, keep sandbox boundaries in place and use
36 [rules](https://developers.openai.com/codex/rules) for specific exceptions, or set your [approval policy to
37 never](https://developers.openai.com/codex/agent-approvals-security#run-without-approval-prompts) to have
38 Codex attempt to solve problems without asking for escalated permissions,
39 based on your [approval and security setup](https://developers.openai.com/codex/agent-approvals-security).
23 40
24### Grant sandbox read access41### Grant sandbox read access
25 42