How to read this reference
This page catalogs every documented Codex CLI command and flag. Use the interactive tables to search by key or description. Each section indicates whether the option is stable or experimental and calls out risky combinations.
The CLI inherits most defaults from ~/.codex/config.toml. Any
-c key=value overrides you pass at the command line take precedence
for that invocation. Check out the Codex configuration
page for more information.
Global flags
| Key | Type / Values | Details |
|---|---|---|
PROMPT | string | Optional text instruction to start the session. Omit to launch the TUI without a pre-filled message. |
--image, -i | path[,path...] | Attach one or more image files to the initial prompt. Separate multiple paths with commas or repeat the flag. |
--model, -m | string | Override the model set in configuration (for example `gpt-5-codex`). |
--oss | boolean | Use the local open source model provider (equivalent to `-c model_provider="oss"`). Validates that Ollama is running. |
--profile, -p | string | Configuration profile name to load from `~/.codex/config.toml`. |
--sandbox, -s | read-only | workspace-write | danger-full-access | Select the sandbox policy for model-generated shell commands. |
--ask-for-approval, -a | untrusted | on-failure | on-request | never | Control when Codex pauses for human approval before running a command. |
--full-auto | boolean | Shortcut for unattended local work: sets `--ask-for-approval on-failure` and `--sandbox workspace-write`. |
--dangerously-bypass-approvals-and-sandbox, --yolo | boolean | Run every command without approvals or sandboxing. Only use inside an externally hardened environment. |
--cd, -C | path | Set the working directory for the agent before it starts processing your request. |
--search | boolean | Enable web search. When true, the agent can call the `web_search` tool without asking every time. |
--add-dir | path | Grant additional directories write access alongside the main workspace. Repeat for multiple paths. |
--enable | feature | Force-enable a feature flag (translates to `-c features.<name>=true`). Repeatable. |
--disable | feature | Force-disable a feature flag (translates to `-c features.<name>=false`). Repeatable. |
--config, -c | key=value | Override configuration values. Values parse as JSON if possible; otherwise the literal string is used. |
PROMPTstringOptional text instruction to start the session. Omit to launch the TUI without a pre-filled message.
--image, -ipath[,path...]Attach one or more image files to the initial prompt. Separate multiple paths with commas or repeat the flag.
--model, -mstringOverride the model set in configuration (for example `gpt-5-codex`).
--ossbooleanUse the local open source model provider (equivalent to `-c model_provider="oss"`). Validates that Ollama is running.
--profile, -pstringConfiguration profile name to load from `~/.codex/config.toml`.
--sandbox, -sread-only | workspace-write | danger-full-accessSelect the sandbox policy for model-generated shell commands.
--ask-for-approval, -auntrusted | on-failure | on-request | neverControl when Codex pauses for human approval before running a command.
--full-autobooleanShortcut for unattended local work: sets `--ask-for-approval on-failure` and `--sandbox workspace-write`.
--dangerously-bypass-approvals-and-sandbox, --yolobooleanRun every command without approvals or sandboxing. Only use inside an externally hardened environment.
--cd, -CpathSet the working directory for the agent before it starts processing your request.
--searchbooleanEnable web search. When true, the agent can call the `web_search` tool without asking every time.
--add-dirpathGrant additional directories write access alongside the main workspace. Repeat for multiple paths.
--enablefeatureForce-enable a feature flag (translates to `-c features.<name>=true`). Repeatable.
--disablefeatureForce-disable a feature flag (translates to `-c features.<name>=false`). Repeatable.
--config, -ckey=valueOverride configuration values. Values parse as JSON if possible; otherwise the literal string is used.
These options apply to the base codex command and propagate to subcommands unless a section below specifies otherwise.
Command overview
| Key | Type / Values | Details |
|---|---|---|
codex | stable | Launch the terminal UI. Accepts the global flags above plus an optional prompt or image attachments. |
codex exec | stable | Run Codex non-interactively. Alias: `codex e`. Stream results to stdout or JSONL and optionally resume previous sessions. |
codex login | stable | Authenticate Codex using ChatGPT OAuth, device auth, or an API key piped over stdin. |
codex logout | stable | Remove stored authentication credentials. |
codex resume | stable | Continue a previous interactive session by ID or resume the most recent conversation. |
codex apply | stable | Apply the latest diff generated by a Codex Cloud task to your local working tree. Alias: `codex a`. |
codex sandbox | platform-specific | Run arbitrary commands inside Codex-provided macOS seatbelt or Linux landlock sandboxes. |
codex completion | stable | Generate shell completion scripts for Bash, Zsh, Fish, or PowerShell. |
codex mcp | experimental | Manage Model Context Protocol servers (list, add, remove, authenticate). |
codex mcp-server | experimental | Run Codex itself as an MCP server over stdio. Useful when another agent consumes Codex. |
codex app-server | experimental | Launch the Codex app server for local development or debugging. |
codex cloud | experimental | Browse or execute Codex Cloud tasks from the terminal without opening the TUI. Alias: `codex cloud-tasks`. |
codexstableLaunch the terminal UI. Accepts the global flags above plus an optional prompt or image attachments.
codex execstableRun Codex non-interactively. Alias: `codex e`. Stream results to stdout or JSONL and optionally resume previous sessions.
codex loginstableAuthenticate Codex using ChatGPT OAuth, device auth, or an API key piped over stdin.
codex logoutstableRemove stored authentication credentials.
codex resumestableContinue a previous interactive session by ID or resume the most recent conversation.
codex applystableApply the latest diff generated by a Codex Cloud task to your local working tree. Alias: `codex a`.
codex sandboxplatform-specificRun arbitrary commands inside Codex-provided macOS seatbelt or Linux landlock sandboxes.
codex completionstableGenerate shell completion scripts for Bash, Zsh, Fish, or PowerShell.
codex mcpexperimentalManage Model Context Protocol servers (list, add, remove, authenticate).
codex mcp-serverexperimentalRun Codex itself as an MCP server over stdio. Useful when another agent consumes Codex.
codex app-serverexperimentalLaunch the Codex app server for local development or debugging.
codex cloudexperimentalBrowse or execute Codex Cloud tasks from the terminal without opening the TUI. Alias: `codex cloud-tasks`.
Command details
codex (interactive)
Running codex with no subcommand launches the interactive terminal UI (TUI). The agent accepts the global flags above plus image attachments. Use --search to enable web browsing and --full-auto to let Codex run most commands without prompts.
codex exec
Use codex exec (or the short form codex e) for scripted or CI-style runs that should finish without human interaction.
| Key | Type / Values | Details |
|---|---|---|
PROMPT | string | - (read stdin) | Initial instruction for the task. Use `-` to pipe the prompt from stdin. |
--image, -i | path[,path...] | Attach images to the first message. Repeatable; supports comma-separated lists. |
--model, -m | string | Override the configured model for this run. |
--oss | boolean | Use the local open source provider (requires a running Ollama instance). |
--sandbox, -s | read-only | workspace-write | danger-full-access | Sandbox policy for model-generated commands. Defaults to configuration. |
--profile, -p | string | Select a configuration profile defined in config.toml. |
--full-auto | boolean | Apply the low-friction automation preset (`workspace-write` sandbox and approvals on failure). |
--dangerously-bypass-approvals-and-sandbox, --yolo | boolean | Bypass approval prompts and sandboxing. Dangerous—only use inside an isolated runner. |
--cd, -C | path | Set the workspace root before executing the task. |
--skip-git-repo-check | boolean | Allow running outside a Git repository (useful for one-off directories). |
--output-schema | path | JSON Schema file describing the expected final response shape. Codex validates tool output against it. |
--color | always | never | auto | Control ANSI color in stdout. |
--json, --experimental-json | boolean | Print newline-delimited JSON events instead of formatted text. |
--output-last-message, -o | path | Write the assistant’s final message to a file. Useful for downstream scripting. |
Resume subcommand | codex exec resume [SESSION_ID] | Resume an exec session by ID or add `--last` to continue the most recent session. Accepts an optional follow-up prompt. |
-c, --config | key=value | Inline configuration override for the non-interactive run (repeatable). |
PROMPTstring | - (read stdin)Initial instruction for the task. Use `-` to pipe the prompt from stdin.
--image, -ipath[,path...]Attach images to the first message. Repeatable; supports comma-separated lists.
--model, -mstringOverride the configured model for this run.
--ossbooleanUse the local open source provider (requires a running Ollama instance).
--sandbox, -sread-only | workspace-write | danger-full-accessSandbox policy for model-generated commands. Defaults to configuration.
--profile, -pstringSelect a configuration profile defined in config.toml.
--full-autobooleanApply the low-friction automation preset (`workspace-write` sandbox and approvals on failure).
--dangerously-bypass-approvals-and-sandbox, --yolobooleanBypass approval prompts and sandboxing. Dangerous—only use inside an isolated runner.
--cd, -CpathSet the workspace root before executing the task.
--skip-git-repo-checkbooleanAllow running outside a Git repository (useful for one-off directories).
--output-schemapathJSON Schema file describing the expected final response shape. Codex validates tool output against it.
--coloralways | never | autoControl ANSI color in stdout.
--json, --experimental-jsonbooleanPrint newline-delimited JSON events instead of formatted text.
--output-last-message, -opathWrite the assistant’s final message to a file. Useful for downstream scripting.
Resume subcommandcodex exec resume [SESSION_ID]Resume an exec session by ID or add `--last` to continue the most recent session. Accepts an optional follow-up prompt.
-c, --configkey=valueInline configuration override for the non-interactive run (repeatable).
Codex writes formatted output by default. Add --json to receive newline-delimited JSON events (one per state change). The optional resume subcommand makes it easy to continue non-interactive tasks:
| Key | Type / Values | Details |
|---|---|---|
SESSION_ID | uuid | Resume the specified session. Omit and use `--last` to continue the most recent session. |
--last | boolean | Skip the picker and resume the most recent conversation automatically. |
PROMPT | string | - (read stdin) | Optional follow-up instruction sent immediately after resuming. |
SESSION_IDuuidResume the specified session. Omit and use `--last` to continue the most recent session.
--lastbooleanSkip the picker and resume the most recent conversation automatically.
PROMPTstring | - (read stdin)Optional follow-up instruction sent immediately after resuming.
codex login
Authenticate the CLI with a ChatGPT account or API key. Without flags, Codex opens a browser for ChatGPT OAuth.
| Key | Type / Values | Details |
|---|---|---|
--with-api-key | boolean | Read an API key from stdin (for example `printenv OPENAI_API_KEY | codex login --with-api-key`). |
--device-auth | boolean | Use OAuth device code flow instead of launching a browser window. |
status subcommand | codex login status | Print the active authentication mode and exit with 0 when logged in. |
--with-api-keybooleanRead an API key from stdin (for example `printenv OPENAI_API_KEY | codex login --with-api-key`).
--device-authbooleanUse OAuth device code flow instead of launching a browser window.
status subcommandcodex login statusPrint the active authentication mode and exit with 0 when logged in.
codex login status exits with 0 when credentials are present, which is helpful in automation scripts.
codex logout
Removes saved credentials for both API key and ChatGPT authentication. No additional flags are required.
codex resume
Continue an interactive session by ID or resume the most recent conversation. codex resume accepts the same global flags as codex, including model and sandbox overrides.
| Key | Type / Values | Details |
|---|---|---|
SESSION_ID | uuid | Resume the specified session. Omit and use `--last` to continue the most recent session. |
--last | boolean | Skip the picker and resume the most recent conversation automatically. |
PROMPT | string | - (read stdin) | Optional follow-up instruction sent immediately after resuming. |
SESSION_IDuuidResume the specified session. Omit and use `--last` to continue the most recent session.
--lastbooleanSkip the picker and resume the most recent conversation automatically.
PROMPTstring | - (read stdin)Optional follow-up instruction sent immediately after resuming.
codex apply
Apply the most recent diff from a Codex Cloud task to your local repository. You must be authenticated and have access to the task.
| Key | Type / Values | Details |
|---|---|---|
TASK_ID | string | Identifier of the Codex Cloud task whose diff should be applied. |
TASK_IDstringIdentifier of the Codex Cloud task whose diff should be applied.
Codex prints the patched files and exits non-zero if git apply fails (for example, due to conflicts).
codex sandbox
Use the sandbox helper to run a command under the same policies Codex uses internally.
macOS seatbelt
| Key | Type / Values | Details |
|---|---|---|
--full-auto | boolean | Grant write access to the current workspace and `/tmp` without approvals. |
--config, -c | key=value | Pass configuration overrides into the sandboxed run (repeatable). |
COMMAND... | var-args | Shell command to execute under macOS Seatbelt. Everything after `--` is forwarded. |
--full-autobooleanGrant write access to the current workspace and `/tmp` without approvals.
--config, -ckey=valuePass configuration overrides into the sandboxed run (repeatable).
COMMAND...var-argsShell command to execute under macOS Seatbelt. Everything after `--` is forwarded.
Linux landlock
| Key | Type / Values | Details |
|---|---|---|
--full-auto | boolean | Grant write access to the current workspace and `/tmp` inside the Landlock sandbox. |
--config, -c | key=value | Configuration overrides applied before launching the sandbox (repeatable). |
COMMAND... | var-args | Command to execute under Landlock + seccomp. Provide the executable after `--`. |
--full-autobooleanGrant write access to the current workspace and `/tmp` inside the Landlock sandbox.
--config, -ckey=valueConfiguration overrides applied before launching the sandbox (repeatable).
COMMAND...var-argsCommand to execute under Landlock + seccomp. Provide the executable after `--`.
codex completion
Generate shell completion scripts and redirect the output to the appropriate location, for example codex completion zsh > "${fpath[1]}/_codex".
| Key | Type / Values | Details |
|---|---|---|
SHELL | bash | zsh | fish | power-shell | elvish | Shell to generate completions for. Output prints to stdout. |
SHELLbash | zsh | fish | power-shell | elvishShell to generate completions for. Output prints to stdout.
codex mcp
Manage Model Context Protocol server entries stored in ~/.codex/config.toml.
| Key | Type / Values | Details |
|---|---|---|
list | --json | List configured MCP servers. Add `--json` for machine-readable output. |
get <name> | --json | Show a specific server configuration. `--json` prints the raw config entry. |
add <name> | -- <command...> | --url <value> | Register a server using a stdio launcher command or a streamable HTTP URL. Supports `--env KEY=VALUE` for stdio transports. |
remove <name> | Delete a stored MCP server definition. | |
login <name> | --scopes scope1,scope2 | Start an OAuth login for a streamable HTTP server. Requires `experimental_use_rmcp_client = true`. |
logout <name> | Remove stored OAuth credentials for a streamable HTTP server. |
list--jsonList configured MCP servers. Add `--json` for machine-readable output.
get <name>--jsonShow a specific server configuration. `--json` prints the raw config entry.
add <name>-- <command...> | --url <value>Register a server using a stdio launcher command or a streamable HTTP URL. Supports `--env KEY=VALUE` for stdio transports.
remove <name>Delete a stored MCP server definition.
login <name>--scopes scope1,scope2Start an OAuth login for a streamable HTTP server. Requires `experimental_use_rmcp_client = true`.
logout <name>Remove stored OAuth credentials for a streamable HTTP server.
The add subcommand supports both stdio and streamable HTTP transports:
| Key | Type / Values | Details |
|---|---|---|
COMMAND... | stdio transport | Executable plus arguments to launch the MCP server. Provide after `--`. |
--env KEY=VALUE | repeatable | Environment variable assignments applied when launching a stdio server. |
--url | https://… | Register a streamable HTTP server instead of stdio. Mutually exclusive with `COMMAND...`. |
--bearer-token-env-var | ENV_VAR | Environment variable whose value is sent as a bearer token when connecting to a streamable HTTP server. |
COMMAND...stdio transportExecutable plus arguments to launch the MCP server. Provide after `--`.
--env KEY=VALUErepeatableEnvironment variable assignments applied when launching a stdio server.
--urlhttps://…Register a streamable HTTP server instead of stdio. Mutually exclusive with `COMMAND...`.
--bearer-token-env-varENV_VAREnvironment variable whose value is sent as a bearer token when connecting to a streamable HTTP server.
OAuth actions (login, logout) require experimental_use_rmcp_client = true and only work with streamable HTTP servers.
codex mcp-server
Run Codex as an MCP server over stdio so that other tools can connect. This command inherits global configuration overrides and exits when the downstream client closes the connection.
codex app-server
Launch the Codex app server locally. This is primarily for development and debugging and may change without notice.
codex cloud
Interact with Codex Cloud tasks from the terminal. The default command opens an interactive picker; codex cloud exec submits a task directly.
| Key | Type / Values | Details |
|---|---|---|
QUERY | string | Task prompt. If omitted, Codex prompts interactively for details. |
--env | ENV_ID | Target Codex Cloud environment identifier (required). Use `codex cloud` to list options. |
--attempts | 1-4 | Number of assistant attempts (best-of-N) Codex Cloud should run. |
QUERYstringTask prompt. If omitted, Codex prompts interactively for details.
--envENV_IDTarget Codex Cloud environment identifier (required). Use `codex cloud` to list options.
--attempts1-4Number of assistant attempts (best-of-N) Codex Cloud should run.
Authentication follows the same credentials as the main CLI. Codex exits non-zero if the task submission fails.
Flag combinations and safety tips
- Set
--full-autofor unattended local work, but avoid combining it with--dangerously-bypass-approvals-and-sandboxunless you are inside a dedicated sandbox VM. - When you need to grant Codex write access to additional directories, prefer
--add-dirrather than forcing--sandbox danger-full-access. - Pair
--jsonwith--output-last-messagein CI to capture machine-readable progress and a final natural-language summary. codex mcp loginrequires theexperimental_use_rmcp_clientfeature flag. Use--enable experimental_use_rmcp_clientor update your config before running the command.
Related resources
- Codex CLI overview — installation, upgrades, and quick tips.
- Codex configuration — persist defaults and advanced policies.
- AGENTS.md — conceptual deep dive on Codex agent capabilities and best practices.