Codex API Adapter Docs

Auth Model

For client API calls, use the user's Codex API username as the bearer token. The dashboard shows this username in the wallet and command sections.
Example header: Authorization: Bearer g2g-codex-example. The username resolves to the user's active wallet key internally, so wallet balance, token usage, Stripe top-ups, and FUP checks stay attached to the correct account.
Existing generated API keys still work for /api/v1, threads, turns, files, models, and read-only release endpoints for backward compatibility.
Use an admin bearer key for /api/codex/rpc, auth endpoints, raw event streams, system control, and other protected admin routes.
Bearer tokens can come from static environment variables, managed keys created in the admin dashboard, or customer usernames for standard API routes.
Admins can generate a managed token or manually enter a bearer token under /admin → Access & Tokens.
New managed keys are stored with a plaintext admin-visible token as well as a lookup hash, so admins can recover customer and G2G tokens without issuing replacements.

API Test Zone

These examples automatically use the bearer value in the field above. When a client opens this page from the dashboard, that value is their Codex API username. Replace the prompt text and project names as needed.

1. Verify your wallet account

2. Verify stock Codex model discovery

3. Start a browser-agent project

Official OpenAI Codex CLI

Use the customer's Codex API username with the official OpenAI package installed by npm install -g @openai/codex@latest. The API compatibility target is Codex CLI 0.134.0. Do not run codex login for CodexAPI.pro; configure CodexAPI.pro as a custom Responses provider and save the username in ~/.codex/config.toml using the dashboard's one-time setup command.

After the one-time setup has written CodexAPI.pro into the normal Codex config, users can return with codex, codex --search, codex resume --search, or any other normal Codex opening command without repeating API setup.

For non-interactive live-search runs, use codex --search exec .... The current official CLI rejects codex exec --search ....

The dashboard returns a token-specific command after creation; the generic provider shape is:

{
  "providerId": "codexapi",
  "providerName": "CodexAPI.pro",
  "officialCliVersion": "0.134.0",
  "officialInstallTag": "latest",
  "officialInstallCommand": "npm install -g @openai/codex@latest",
  "baseUrl": "https://api-canada.codexapi.pro/v1",
  "envKey": "CODEXAPI_CODEX_API_KEY",
  "wireApi": "responses",
  "model": "gpt-5.5",
  "reasoningEffort": "medium",
  "modelsUrl": "https://api-canada.codexapi.pro/v1/models",
  "responsesUrl": "https://api-canada.codexapi.pro/v1/responses",
  "codexHome": "$HOME/.codex",
  "configArgs": [
    "-c 'preferred_auth_method=\"apikey\"'",
    "-c 'model_provider=\"codexapi\"'",
    "-c 'model_providers.codexapi.name=\"CodexAPI.pro\"'",
    "-c 'model_providers.codexapi.base_url=\"https://api-canada.codexapi.pro/v1\"'",
    "-c 'model_providers.codexapi.env_key=\"CODEXAPI_CODEX_API_KEY\"'",
    "-c 'model_providers.codexapi.wire_api=\"responses\"'",
    "-c 'model_providers.codexapi.supports_websockets=false'",
    "-c 'model_reasoning_effort=\"medium\"'",
    "-c 'approval_policy=\"never\"'",
    "-c 'sandbox_mode=\"danger-full-access\"'"
  ],
  "persistentConfigToml": "model = \"gpt-5.5\"\npreferred_auth_method = \"apikey\"\nmodel_provider = \"codexapi\"\nmodel_reasoning_effort = \"medium\"\napproval_policy = \"never\"\nsandbox_mode = \"danger-full-access\"\n\n[model_providers.codexapi]\nname = \"CodexAPI.pro\"\nbase_url = \"https://api-canada.codexapi.pro/v1\"\nexperimental_bearer_token = \"<CODEXAPI_API_KEY>\"\nwire_api = \"responses\"\nsupports_websockets = false\n",
  "linuxSetupAndStartCommand": "set -e\nif ! command -v npm >/dev/null 2>&1; then\n  if command -v apt-get >/dev/null 2>&1; then\n    sudo apt-get update\n    sudo apt-get install -y ca-certificates curl gnupg\n    curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -\n    sudo apt-get install -y nodejs git\n  else\n    echo \"Install Node.js LTS and npm first, then rerun this block.\" >&2\n    exit 1\n  fi\nfi\nnpm install -g @openai/codex@latest\nCODEX_HOME_DIR=\"$HOME/.codex\"\nCONFIG_PATH=\"$CODEX_HOME_DIR/config.toml\"\nmkdir -p \"$CODEX_HOME_DIR\" 2>/dev/null || true\nif [ -e \"$CODEX_HOME_DIR\" ] && [ ! -w \"$CODEX_HOME_DIR\" ]; then\n  echo \"Fixing ownership of $CODEX_HOME_DIR for this user...\"\n  if command -v sudo >/dev/null 2>&1; then sudo chown -R \"$(id -u):$(id -g)\" \"$CODEX_HOME_DIR\"; fi\nfi\nif [ -e \"$CONFIG_PATH\" ] && [ ! -w \"$CONFIG_PATH\" ]; then\n  echo \"Fixing ownership of $CONFIG_PATH for this user...\"\n  if command -v sudo >/dev/null 2>&1; then sudo chown \"$(id -u):$(id -g)\" \"$CONFIG_PATH\"; fi\nfi\nmkdir -p \"$CODEX_HOME_DIR\"\nif [ ! -w \"$CODEX_HOME_DIR\" ] || { [ -e \"$CONFIG_PATH\" ] && [ ! -w \"$CONFIG_PATH\" ]; }; then\n  echo \"Cannot write Codex config at $CONFIG_PATH. Run: sudo chown -R \\\"$(id -u):$(id -g)\\\" \\\"$CODEX_HOME_DIR\\\"\" >&2\n  exit 1\nfi\nif [ -f \"$CONFIG_PATH\" ]; then cp \"$CONFIG_PATH\" \"$CONFIG_PATH.backup.$(date +%Y%m%d%H%M%S)\"; fi\ncat > \"$CONFIG_PATH\" <<'TOML'\nmodel = \"gpt-5.5\"\npreferred_auth_method = \"apikey\"\nmodel_provider = \"codexapi\"\nmodel_reasoning_effort = \"medium\"\napproval_policy = \"never\"\nsandbox_mode = \"danger-full-access\"\n\n[model_providers.codexapi]\nname = \"CodexAPI.pro\"\nbase_url = \"https://api-canada.codexapi.pro/v1\"\nexperimental_bearer_token = \"<CODEXAPI_API_KEY>\"\nwire_api = \"responses\"\nsupports_websockets = false\nTOML\necho \"CodexAPI.pro is configured. Future sessions can start with codex or codex resume --search.\"\ncodex --search",
  "macosSetupAndStartCommand": "set -e\nif ! command -v brew >/dev/null 2>&1; then\n  /bin/bash -c \"$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)\"\n  if [ -x /opt/homebrew/bin/brew ]; then eval \"$(/opt/homebrew/bin/brew shellenv)\"; fi\n  if [ -x /usr/local/bin/brew ]; then eval \"$(/usr/local/bin/brew shellenv)\"; fi\nfi\nbrew install node git\nnpm install -g @openai/codex@latest\nCODEX_HOME_DIR=\"$HOME/.codex\"\nCONFIG_PATH=\"$CODEX_HOME_DIR/config.toml\"\nmkdir -p \"$CODEX_HOME_DIR\" 2>/dev/null || true\nif [ -e \"$CODEX_HOME_DIR\" ] && [ ! -w \"$CODEX_HOME_DIR\" ]; then\n  echo \"Fixing ownership of $CODEX_HOME_DIR for this user...\"\n  if command -v sudo >/dev/null 2>&1; then sudo chown -R \"$(id -u):$(id -g)\" \"$CODEX_HOME_DIR\"; fi\nfi\nif [ -e \"$CONFIG_PATH\" ] && [ ! -w \"$CONFIG_PATH\" ]; then\n  echo \"Fixing ownership of $CONFIG_PATH for this user...\"\n  if command -v sudo >/dev/null 2>&1; then sudo chown \"$(id -u):$(id -g)\" \"$CONFIG_PATH\"; fi\nfi\nmkdir -p \"$CODEX_HOME_DIR\"\nif [ ! -w \"$CODEX_HOME_DIR\" ] || { [ -e \"$CONFIG_PATH\" ] && [ ! -w \"$CONFIG_PATH\" ]; }; then\n  echo \"Cannot write Codex config at $CONFIG_PATH. Run: sudo chown -R \\\"$(id -u):$(id -g)\\\" \\\"$CODEX_HOME_DIR\\\"\" >&2\n  exit 1\nfi\nif [ -f \"$CONFIG_PATH\" ]; then cp \"$CONFIG_PATH\" \"$CONFIG_PATH.backup.$(date +%Y%m%d%H%M%S)\"; fi\ncat > \"$CONFIG_PATH\" <<'TOML'\nmodel = \"gpt-5.5\"\npreferred_auth_method = \"apikey\"\nmodel_provider = \"codexapi\"\nmodel_reasoning_effort = \"medium\"\napproval_policy = \"never\"\nsandbox_mode = \"danger-full-access\"\n\n[model_providers.codexapi]\nname = \"CodexAPI.pro\"\nbase_url = \"https://api-canada.codexapi.pro/v1\"\nexperimental_bearer_token = \"<CODEXAPI_API_KEY>\"\nwire_api = \"responses\"\nsupports_websockets = false\nTOML\necho \"CodexAPI.pro is configured. Future sessions can start with codex or codex resume --search.\"\ncodex --search",
  "futureStartCommand": "codex\ncodex --search",
  "startCommand": "set -e\nif ! command -v npm >/dev/null 2>&1; then\n  if command -v apt-get >/dev/null 2>&1; then\n    sudo apt-get update\n    sudo apt-get install -y ca-certificates curl gnupg\n    curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -\n    sudo apt-get install -y nodejs git\n  else\n    echo \"Install Node.js LTS and npm first, then rerun this block.\" >&2\n    exit 1\n  fi\nfi\nnpm install -g @openai/codex@latest\nCODEX_HOME_DIR=\"$HOME/.codex\"\nCONFIG_PATH=\"$CODEX_HOME_DIR/config.toml\"\nmkdir -p \"$CODEX_HOME_DIR\" 2>/dev/null || true\nif [ -e \"$CODEX_HOME_DIR\" ] && [ ! -w \"$CODEX_HOME_DIR\" ]; then\n  echo \"Fixing ownership of $CODEX_HOME_DIR for this user...\"\n  if command -v sudo >/dev/null 2>&1; then sudo chown -R \"$(id -u):$(id -g)\" \"$CODEX_HOME_DIR\"; fi\nfi\nif [ -e \"$CONFIG_PATH\" ] && [ ! -w \"$CONFIG_PATH\" ]; then\n  echo \"Fixing ownership of $CONFIG_PATH for this user...\"\n  if command -v sudo >/dev/null 2>&1; then sudo chown \"$(id -u):$(id -g)\" \"$CONFIG_PATH\"; fi\nfi\nmkdir -p \"$CODEX_HOME_DIR\"\nif [ ! -w \"$CODEX_HOME_DIR\" ] || { [ -e \"$CONFIG_PATH\" ] && [ ! -w \"$CONFIG_PATH\" ]; }; then\n  echo \"Cannot write Codex config at $CONFIG_PATH. Run: sudo chown -R \\\"$(id -u):$(id -g)\\\" \\\"$CODEX_HOME_DIR\\\"\" >&2\n  exit 1\nfi\nif [ -f \"$CONFIG_PATH\" ]; then cp \"$CONFIG_PATH\" \"$CONFIG_PATH.backup.$(date +%Y%m%d%H%M%S)\"; fi\ncat > \"$CONFIG_PATH\" <<'TOML'\nmodel = \"gpt-5.5\"\npreferred_auth_method = \"apikey\"\nmodel_provider = \"codexapi\"\nmodel_reasoning_effort = \"medium\"\napproval_policy = \"never\"\nsandbox_mode = \"danger-full-access\"\n\n[model_providers.codexapi]\nname = \"CodexAPI.pro\"\nbase_url = \"https://api-canada.codexapi.pro/v1\"\nexperimental_bearer_token = \"<CODEXAPI_API_KEY>\"\nwire_api = \"responses\"\nsupports_websockets = false\nTOML\necho \"CodexAPI.pro is configured. Future sessions can start with codex or codex resume --search.\"\ncodex --search",
  "execSmokeTestCommand": "codex --search exec --skip-git-repo-check \"Say hello from CodexAPI.pro.\"",
  "loggedInOverrideCommand": "set -e\nif ! command -v npm >/dev/null 2>&1; then\n  if command -v apt-get >/dev/null 2>&1; then\n    sudo apt-get update\n    sudo apt-get install -y ca-certificates curl gnupg\n    curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -\n    sudo apt-get install -y nodejs git\n  else\n    echo \"Install Node.js LTS and npm first, then rerun this block.\" >&2\n    exit 1\n  fi\nfi\nnpm install -g @openai/codex@latest\nCODEX_HOME_DIR=\"$HOME/.codex\"\nCONFIG_PATH=\"$CODEX_HOME_DIR/config.toml\"\nmkdir -p \"$CODEX_HOME_DIR\" 2>/dev/null || true\nif [ -e \"$CODEX_HOME_DIR\" ] && [ ! -w \"$CODEX_HOME_DIR\" ]; then\n  echo \"Fixing ownership of $CODEX_HOME_DIR for this user...\"\n  if command -v sudo >/dev/null 2>&1; then sudo chown -R \"$(id -u):$(id -g)\" \"$CODEX_HOME_DIR\"; fi\nfi\nif [ -e \"$CONFIG_PATH\" ] && [ ! -w \"$CONFIG_PATH\" ]; then\n  echo \"Fixing ownership of $CONFIG_PATH for this user...\"\n  if command -v sudo >/dev/null 2>&1; then sudo chown \"$(id -u):$(id -g)\" \"$CONFIG_PATH\"; fi\nfi\nmkdir -p \"$CODEX_HOME_DIR\"\nif [ ! -w \"$CODEX_HOME_DIR\" ] || { [ -e \"$CONFIG_PATH\" ] && [ ! -w \"$CONFIG_PATH\" ]; }; then\n  echo \"Cannot write Codex config at $CONFIG_PATH. Run: sudo chown -R \\\"$(id -u):$(id -g)\\\" \\\"$CODEX_HOME_DIR\\\"\" >&2\n  exit 1\nfi\nif [ -f \"$CONFIG_PATH\" ]; then cp \"$CONFIG_PATH\" \"$CONFIG_PATH.backup.$(date +%Y%m%d%H%M%S)\"; fi\ncat > \"$CONFIG_PATH\" <<'TOML'\nmodel = \"gpt-5.5\"\npreferred_auth_method = \"apikey\"\nmodel_provider = \"codexapi\"\nmodel_reasoning_effort = \"medium\"\napproval_policy = \"never\"\nsandbox_mode = \"danger-full-access\"\n\n[model_providers.codexapi]\nname = \"CodexAPI.pro\"\nbase_url = \"https://api-canada.codexapi.pro/v1\"\nexperimental_bearer_token = \"<CODEXAPI_API_KEY>\"\nwire_api = \"responses\"\nsupports_websockets = false\nTOML\necho \"CodexAPI.pro is configured. Future sessions can start with codex or codex resume --search.\"\ncodex --search",
  "loggedInOverrideExecSmokeTestCommand": "codex --search exec --skip-git-repo-check \"Say hello from CodexAPI.pro.\"",
  "resumeLastCommand": "codex resume --search\ncodex resume --last --search",
  "windowsDependencyInstallCommand": "# Run PowerShell as Administrator for this dependency step.\nwinget source update\nwinget install --id OpenJS.NodeJS.LTS -e --accept-package-agreements --accept-source-agreements\nwinget install --id Git.Git -e --accept-package-agreements --accept-source-agreements\nSet-ExecutionPolicy -Scope CurrentUser RemoteSigned -Force\n# Close PowerShell, open a new PowerShell window, then run the verification step.",
  "windowsVerifyDependenciesCommand": "node --version\nnpm --version\ngit --version",
  "windowsCodexInstallCommand": "npm install -g @openai/codex@latest\ncodex --version",
  "windowsFullInstallCommand": "# Run PowerShell as Administrator for this dependency step.\nwinget source update\nwinget install --id OpenJS.NodeJS.LTS -e --accept-package-agreements --accept-source-agreements\nwinget install --id Git.Git -e --accept-package-agreements --accept-source-agreements\nSet-ExecutionPolicy -Scope CurrentUser RemoteSigned -Force\n# Close PowerShell, open a new PowerShell window, then run the verification step.\n\n# After reopening PowerShell:\nnode --version\nnpm --version\ngit --version\nnpm install -g @openai/codex@latest\ncodex --version",
  "windowsSetupAndStartCommand": "$ErrorActionPreference = \"Stop\"\nwinget source update\nif (-not (Get-Command node -ErrorAction SilentlyContinue)) { winget install --id OpenJS.NodeJS.LTS -e --accept-package-agreements --accept-source-agreements }\nif (-not (Get-Command git -ErrorAction SilentlyContinue)) { winget install --id Git.Git -e --accept-package-agreements --accept-source-agreements }\nnpm install -g @openai/codex@latest\n$CodexHome = \"$env:USERPROFILE\\.codex\"\n$ConfigPath = Join-Path $CodexHome \"config.toml\"\nNew-Item -ItemType Directory -Force -Path $CodexHome | Out-Null\n$ConfigProbe = Join-Path $CodexHome \".codexapi-write-test\"\ntry {\n  \"ok\" | Set-Content -Path $ConfigProbe -Encoding utf8 -Force\n  Remove-Item $ConfigProbe -Force\n} catch {\n  Write-Error \"Cannot write to $CodexHome. Open PowerShell as your normal Windows user, or fix folder ownership if this .codex folder was created by an Administrator shell.\"\n  throw\n}\nif (Test-Path $ConfigPath) {\n  Copy-Item $ConfigPath \"$ConfigPath.backup.$((Get-Date).ToString('yyyyMMddHHmmss'))\" -Force\n}\n@'\nmodel = \"gpt-5.5\"\npreferred_auth_method = \"apikey\"\nmodel_provider = \"codexapi\"\nmodel_reasoning_effort = \"medium\"\napproval_policy = \"never\"\nsandbox_mode = \"danger-full-access\"\n\n[model_providers.codexapi]\nname = \"CodexAPI.pro\"\nbase_url = \"https://api-canada.codexapi.pro/v1\"\nexperimental_bearer_token = \"<CODEXAPI_API_KEY>\"\nwire_api = \"responses\"\nsupports_websockets = false\n'@ | Set-Content -Path $ConfigPath -Encoding utf8\nWrite-Host \"CodexAPI.pro is configured. Future sessions can start with codex or codex resume --search.\"\ncodex --search",
  "windowsSetupCommand": "$ErrorActionPreference = \"Stop\"\nwinget source update\nif (-not (Get-Command node -ErrorAction SilentlyContinue)) { winget install --id OpenJS.NodeJS.LTS -e --accept-package-agreements --accept-source-agreements }\nif (-not (Get-Command git -ErrorAction SilentlyContinue)) { winget install --id Git.Git -e --accept-package-agreements --accept-source-agreements }\nnpm install -g @openai/codex@latest\n$CodexHome = \"$env:USERPROFILE\\.codex\"\n$ConfigPath = Join-Path $CodexHome \"config.toml\"\nNew-Item -ItemType Directory -Force -Path $CodexHome | Out-Null\n$ConfigProbe = Join-Path $CodexHome \".codexapi-write-test\"\ntry {\n  \"ok\" | Set-Content -Path $ConfigProbe -Encoding utf8 -Force\n  Remove-Item $ConfigProbe -Force\n} catch {\n  Write-Error \"Cannot write to $CodexHome. Open PowerShell as your normal Windows user, or fix folder ownership if this .codex folder was created by an Administrator shell.\"\n  throw\n}\nif (Test-Path $ConfigPath) {\n  Copy-Item $ConfigPath \"$ConfigPath.backup.$((Get-Date).ToString('yyyyMMddHHmmss'))\" -Force\n}\n@'\nmodel = \"gpt-5.5\"\npreferred_auth_method = \"apikey\"\nmodel_provider = \"codexapi\"\nmodel_reasoning_effort = \"medium\"\napproval_policy = \"never\"\nsandbox_mode = \"danger-full-access\"\n\n[model_providers.codexapi]\nname = \"CodexAPI.pro\"\nbase_url = \"https://api-canada.codexapi.pro/v1\"\nexperimental_bearer_token = \"<CODEXAPI_API_KEY>\"\nwire_api = \"responses\"\nsupports_websockets = false\n'@ | Set-Content -Path $ConfigPath -Encoding utf8\nWrite-Host \"CodexAPI.pro is configured. Future sessions can start with codex or codex resume --search.\"\ncodex --search",
  "windowsStartCommand": "codex\ncodex --search",
  "windowsResumeLastCommand": "codex resume --search\ncodex resume --last --search",
  "windowsExecSmokeTestCommand": "codex --search exec --skip-git-repo-check \"Say hello from CodexAPI.pro.\"",
  "macosStartCommand": "codex\ncodex --search",
  "macosResumeLastCommand": "codex resume --search\ncodex resume --last --search",
  "macosExecSmokeTestCommand": "codex --search exec --skip-git-repo-check \"Say hello from CodexAPI.pro.\"",
  "configToml": "model = \"gpt-5.5\"\npreferred_auth_method = \"apikey\"\nmodel_provider = \"codexapi\"\nmodel_reasoning_effort = \"medium\"\napproval_policy = \"never\"\nsandbox_mode = \"danger-full-access\"\n\n[model_providers.codexapi]\nname = \"CodexAPI.pro\"\nbase_url = \"https://api-canada.codexapi.pro/v1\"\nenv_key = \"CODEXAPI_CODEX_API_KEY\"\nwire_api = \"responses\"\nsupports_websockets = false\n",
  "clientModelLabel": "Deepseek v4 Budget",
  "displayModel": "Deepseek v4 Budget",
  "modelDisplayName": "Deepseek v4 Budget"
}

Windows users must use PowerShell syntax, not Bash exports. The live /api/v1/cli/public-codex payload includes a complete PowerShell setup block that installs dependencies when needed, writes %USERPROFILE%\.codex\config.toml, saves the wallet username as the provider bearer token, and starts codex --search.

Managed Defaults

Model: gpt-5.5
Reasoning effort: high
Approval policy: never
Sandbox policy: danger-full-access
Web search: enabled by default

Codex 0.134.0 Notes

The live server runs the official codex app-server over stdio with the required initialize then initialized handshake.
Codex 0.134.0 keeps legacy turn-level sandboxPolicy compatibility, while newer clients can send permissions / permissionProfile profile selections through the stable project endpoints or protected raw app-server RPC.
The adapter declares experimentalApi during initialize, so the new /permissions Full Access client toggle can send permission profiles without being rejected by app-server.
GET /api/v1/permissions publishes the Full Access and workspace profile payloads; GET /api/v1/skills lists the root Codex skills available to API-backed sessions.
New upstream app-server methods such as thread/goal/*, hooks/list, and modelProvider/capabilities/read are reachable through the protected raw RPC adapter. The stable browser-agent endpoints continue to stream the core thread, turn, item, and approval lifecycle.
Experimental websocket and realtime upstream surfaces remain intentionally behind protected RPC and are not treated as the production transport for this public API.

Primary Flow

GET /api/v1/agent/status to inspect live runtime and defaults.
POST /api/v1/projects to create a durable project workspace.
POST /api/v1/projects/{project_id}/open to create or resume the workspace thread.
POST /api/v1/projects/{project_id}/turns to start work.
GET /api/v1/projects/{project_id}/events for SSE notifications.
GET /api/v1/billing/token-usage to render wallet token transactions and daily usage graphs for the signed-in user.
GET /api/v1/share-credit and POST /api/v1/share-credit/claim power the one-time $10 CodexAPI.pro share-credit dashboard offer.

Wallet Billing

Surge Pricing: Codex display rates are currently $6.00 per million input tokens and $32.00 per million output tokens because the platform is under severe load.
Surge Pricing: Claude Code display rates are currently $6.00 per million input tokens and $32.00 per million output tokens. Rates will be reviewed within 60 minutes and may return to the normal displayed $5.00 input / $30.00 output rate if service load has settled.
Wallets use micro-USD accounting internally, so small prompts still deduct after completion even when the rounded two-decimal balance barely moves.
Every completed prompt writes a token usage transaction with input tokens, output tokens, charged USD, and balance-after values.
The public dashboard polls the wallet and token usage endpoints so balances update while a user keeps the page open.

Resume, Isolation, and Approvals

Each managed project_id maps to one stable workspace directory. When the same user returns to that project, the API resumes the latest Codex thread for that workspace instead of creating a fresh conversation.

Project-scoped approval handling stays explicit:

GET /api/v1/projects/{project_id}/approvals lists pending approval requests for the project’s latest thread.
POST /api/v1/projects/{project_id}/approvals/{request_id}/resolve resolves the approval. An empty JSON body now defaults to {"decision":"accept"} for the current command and file-change approval flows.
POST /api/v1/projects/{project_id}/turns/{turn_id}/interrupt interrupts a running turn.

Version & Changelog

v1.0.46

# Changelog

## v1.0.46 npm scope update - 2026-05-29

- Published the custom launcher under the official npm org package `@codexapi/codexclaude`.
- Updated customer install and forced-update commands to `npm install -g @codexapi/codexclaude@latest`.
- Released launcher `2.0.5` so the npm package page itself shows the official org-scoped install command.

## v1.0.46 - 2026-05-29

- Released `codexclaude` v2.0.4 with Deepseek v4 Budget as a third selectable model beside ChatGPT-5.5 and Opus 4.7.
- Routed `deepseek-v4-pro` Codex Responses requests through the CodexAPI.pro Deepseek-compatible gateway with a separate Deepseek billing service.
- Added npm latest-version enforcement to `codexclaude` so older agents are prompted to update before coding starts.
- Added `/root/codexclaude/codexclaude.md` as the customization ledger for future official Codex CLI upgrades.
- Updated backend release metadata and public setup copy for the new launcher.

## Desktop Setup Client v1.0.16 - 2026-05-28

- Fixed Desktop Coding Mode MCP execution for Blender and Roblox Studio by adding a local MCP stdio bridge that starts explicitly enabled MCP servers, discovers their tools, forwards those tool definitions with Opus 4.7 requests, and runs the `tool_use` / `tool_result` loop locally.
- Added MCP bridge diagnostics to the Desktop Coding Mode context and status line so customers can see whether MCP tools were forwarded and how many tool calls were executed.
- Matched Roblox Studio MCP's expected config shape with `command = "npx"` and `args = ["-y", "robloxstudio-mcp@latest"]`, while keeping existing stored `roblox_studio` preset selections compatible.
- Switched the Desktop MCP bridge to newline-delimited JSON-RPC by default so standard MCP servers such as Blender and Roblox Studio expose tools correctly.
- Hardened Windows MCP process startup so command-based MCP packages such as `npx` presets launch correctly from the desktop app.
- Updated the public Desktop Setup Client installer metadata and download links to v1.0.16.

## Desktop Setup Client v1.0.14 - 2026-05-28

- Added the CodexAPI.pro MCP + Skills Pack to the Windows Desktop Setup Client.
- Codex setup now writes popular MCP server presets into the customer's `~/.codex/config.toml`, including the OpenAI Codex memories MCP plus curated developer, browser, documentation, database, cloud, and design presets.
- Credentialed MCP servers are installed as disabled presets until the customer adds the required local environment variables.
- Claude Desktop setup now receives safe MCP server presets and bundled skills are copied into both Codex and Claude skill folders.
- Desktop Coding Mode now loads the same MCP and skill catalog into every task context.

## v1.0.45 - 2026-05-27

- Added admin-only Internal Surge Pricing for the next 12 hours at `$9` per million input tokens and `$48` per million output tokens.
- Set the permanent post-surge internal billing base for Codex and Claude to `$8` per million input tokens and `$45` per million output tokens.
- Kept customer-facing display rates unchanged while hiding internal wallet-deduction rates from customer API and dashboard payloads.
- Expanded the admin Token Rates panel with explicit internal-vs-display labels, current internal mode, active window, landing rates, tokens in-window, and extra-margin reporting.
- Improved responsive wrapping in admin cards and rate controls so long values remain readable on narrow screens.
- Refreshed SEO metadata and structured-data coverage on the public sites for clearer indexing, snippets, and social previews.

## v1.0.44 - 2026-05-27

- Updated the official Codex CLI compatibility target to `0.134.0` and synced the upstream stable release manifest.
- Updated the hosted Codex binary to `codex-cli 0.134.0` while preserving Full Access defaults and `--search` startup commands.
- Updated Claude Code on the host to `2.1.152`.
- Released `codexclaude` v2.0.3 pinned to official `@openai/codex` `0.134.0`.
- Refreshed dashboard, docs, and public copy that referenced Codex `0.133.0`.

## v1.0.43 - 2026-05-27

- Added first-login collection for email plus a customer-chosen dashboard password.
- Preserved original issued marketplace credentials while enabling email plus Chosen Password as an additional login path.
- Added admin-visible Chosen Password display under Customers & Wallets and Access & Tokens.
- Updated welcome emails with email login details and a 7-day one-click sign-on link that opens the Desktop Client download area.
- Kept the Windows Desktop Setup Client on the same login endpoint so email plus Chosen Password works there too.

## v1.0.42 - 2026-05-27

- Fixed duplicate-device and duplicate-network customer registration so flagged signups now enter admin review instead of failing with a 409 Conflict response.
- Added PostgreSQL-backed customer inbox messages for public broadcasts, private admin messages, and stored copies of lifecycle emails sent to customers.
- Added admin Inbox & Push tooling for writing public or private customer messages from `/admin`.
- Released CodexAPI.pro Desktop Setup Client v1.0.11 with broader Codex Desktop / Claude Desktop detection, corrected CodexAPI.pro provider readiness classification, Windows notifications for unread inbox messages, and system-tray minimize-on-close behavior.

## v1.0.41 - 2026-05-26

- Fixed Claude Code / VS Code routing so customer sessions stay in the customer's local project directory instead of being handled by a hosted remote Claude Code workspace.
- Added local `/v1/messages/count_tokens` support for Claude Code startup token-count probes, avoiding upstream count-token incompatibilities.
- Hardened Claude request handling so client disconnects no longer create noisy backend tracebacks.
- Released CodexAPI.pro Desktop Setup Client v1.0.10 with stricter desktop readiness checks and signed-in remote Ubuntu/Debian SSH setup for Codex CLI and Claude Code.

## v1.0.40 - 2026-05-25

- Added Google account signup directly from the Windows Desktop Setup Client using a `codexapi-desktop://` return flow.
- Added manual account creation inside the Desktop Setup Client with email, password, country, mobile, starting package, device fingerprint, and PostgreSQL-backed wallet provisioning.
- After desktop signup, the app verifies the returned wallet token, saves the login for one year, loads the Token Wallet, and enables Codex Desktop / Claude Desktop configuration.
- Released CodexAPI.pro Desktop Setup Client v1.0.9 with the signup flow and updated public installer metadata.

## v1.0.39 - 2026-05-25

- Added the three-mode pricing system: Surge Pricing, Standard Pricing, and Reduced Pricing, all served from one master countdown payload.
- Activated Reduced Pricing for the current 60-minute window at `$4.50` per million input tokens and `$27` per million output tokens.
- Added exact-text SVG pricing icons for Surge Pricing, Standard Pricing, and Reduced Pricing across the dashboard and desktop app.
- Updated the Windows Desktop Setup Client to v1.0.8 with vivid pricing-mode display, synced countdown, and refreshed installer metadata.

## v1.0.38 - 2026-05-25

- Added a 60-minute Surge Pricing event countdown with automatic fallback to normal `$5` / `$30` billing after the event expires.
- Added direct Deepseek v4 Pro surge opt-out routing for both Codex Responses and Claude Messages traffic without using OpenRouter.
- Added the exact in-session notices for customers who choose Deepseek v4 or pause during active Surge Pricing.
- Added the `$2` / `$5` Deepseek v4 opt-out billing card and separated it from standard Codex/Claude surge billing.
- Updated the Windows Desktop Setup Client to v1.0.7 with automatic 60-second balance, usage, pricing, and Toolbox refresh while the app is open.
- Added a visible Surge Event countdown beside the desktop Token Wallet, plus saved Toolbox options for Stay, Deepseek v4, and Pause.

## v1.0.37 - 2026-05-25

- Added customer-visible Surge Pricing status in the dashboard wallet card, including the active tariff, normal tariff, and Reduced Pricing target.
- Added a customer Toolbox with account-level Surge Pricing behavior: stay on the active premium route, opt Codex requests into Deepseek v4 during surge windows, or pause new model calls until the surge ends.
- Added the same Toolbox controls to the Windows Desktop Setup Client and moved the Token Wallet plus Topup action higher in the app for immediate visibility.
- Added a 7-day dashboard single sign-on link endpoint so desktop and lifecycle emails can open customers directly at the active pricing tariff section.
- Updated admin operational pages with Toolbox controls, Surge Pricing email delivery, and serving-cost margin calculations based on the configured internal cost price.
- Released CodexAPI.pro Desktop Setup Client v1.0.6 with recurring update checks, wallet-first layout, Topup shortcut, and Surge Pricing opt-out controls.

## v1.0.36 - 2026-05-25

- Added the `$99` 10-Day Unlimited Promo package with quantity support up to 5 blocks; each quantity adds another 10 days while preserving the customer's existing API username/token.
- Added Stripe Checkout handling for the promo as a one-time payment with saved-card setup for future purchases and automatic top-ups.
- Added admin Unlimited Promo settings for promo input/output cost assumptions plus 5-hour and 24-hour fair-use limits in USD.
- Added customer-facing Unlimited Promo dashboard offer cards and a usage monitor that shows token counts, reset estimates, and fair-use progress without exposing private dollar limits.
- Added dedicated Unlimited Promo invitation and activation email templates with 7-day one-click dashboard sign-on links.

## v1.0.35 - 2026-05-25

- Added Titan, Apex, and Enterprise Token Wallet packages: $120 to $1250 credit, $150 to $1600 credit, and $200 to $2200 credit.
- Confirmed the new paid credit packages fund both official Codex CLI ChatGPT-5.5 sessions and Claude Code Opus 4.7 sessions through the same customer wallet and API username.
- Refreshed customer email templates so welcome, top-up, low-balance, checkout-fix, admin-created, Google welcome, and fair-use notices explain Codex CLI plus Claude Code / Opus 4.7 setup.
- Added automatic 7-day one-click dashboard sign-on links to touchpoint emails when the customer account is known, pointing customers to `https://codexapi.pro/dashboard.html` for all setup details.
- Updated dashboard, top-up, referral, Telegram, homepage, and changelog package displays to include the new higher-credit packs.

## v1.0.34 - 2026-05-24

- Routed Claude Code API traffic through the dedicated remote Claude Code agent on the private SSH tunnel, with per-customer isolated workspaces and main-server wallet billing preserved.
- Verified separate customer-token Claude Code requests end to end through the CodexAPI.pro `/v1/messages` gateway.
- Added admin-only GPT-5.5 Usage and Opus 4.7 Usage pages showing serving cost, client charges, gross margin, daily usage, top customers, and recent requests.
- Standardized admin serving-cost reporting at $5 per million input tokens and $30 per million output tokens across both model families.

## v1.0.33 - 2026-05-24

- Released the CodexAPI.pro Desktop Setup Client v1.0.5 for Windows.
- Added direct Windows download links for Codex Desktop and Claude Desktop inside the setup client.
- Added Linux-first operating system selection to the client dashboard, with Windows desktop setup and VS Code instructions clearly separated.
- Updated the CodexAPI.pro homepage, install page, dashboard, and ChatPlus homepage with the v1.0.5 desktop client download path.

## v1.0.32 - 2026-05-23

- Restricted the promotional $149 Unlimited Credit subscription to the official OpenAI Codex CLI with ChatGPT-5.5 only.
- Added active API blockers for Opus 4.7, Claude Code, and codexclaude traffic on Unlimited subscriptions with a clear customer-facing reason.
- Updated purchase, checkout, dashboard, and documentation copy so customers see the Unlimited scope before and during purchase.
- Released `codexclaude` v2.0.2 with backend-identifying request headers so plan restrictions can be enforced server-side.

## v1.0.31 - 2026-05-23

- Fixed the `codexclaude` Opus 4.7 path so Codex Responses requests now route through a working Claude tool-call provider instead of timing out on coding/tool prompts.
- Verified the `codexclaude model` selector only exposes `ChatGPT-5.5` and `Opus 4.7`, writes the selected model to `~/.codex/config.toml`, and honors that selection before Codex starts.
- Released `codexclaude` v2.0.1 with terminal-visible changelog support and a forced-update metadata response.
- Tightened synthetic Responses streaming events for compatible model routes so Codex receives output items before text deltas.

## v1.0.30 - 2026-05-23

- Updated the current Codex compatibility target to official Codex CLI `0.133.0` while keeping public install commands on the official npm channel.
- Released `codexclaude` v2.0.0 as a forced launcher update, backed by official `@openai/codex` `0.133.0` and preserving CodexAPI.pro login, model selection, Full Access, high reasoning, fast mode, and wallet-linked provider config.
- Added a `codexclaude` wallet/status preflight line so users see their selected model, high/fast runtime profile, current project path, and Token Wallet balance before Codex starts.

## v1.0.29 - 2026-05-22

- Fixed `codexclaude login` returning `Internal Server Error` by returning the Claude Code setup payload correctly from the customer login endpoint.
- Released `codexclaude` v1.0.1 as a forced launcher update so outdated clients receive an Update Now message before normal coding resumes.
- Added a codexclaude version metadata endpoint and update gate. The update replaces only the launcher/config writer and does not delete local Codex session history.

## v1.0.28 - 2026-05-21

- Added the first CodexAPI.pro-owned coding CLI release, `codexclaude` v1.0.0, so customers can log in with dashboard credentials, choose ChatGPT-5.5 or Opus 4.7, and launch a full-access Codex workflow from one command.
- Added richer customer usage analytics with wallet-spend charts split between Codex CLI and Claude Code, daily spend, token mix, request counts, and recent billed completions.
- Made dashboard login return both Codex CLI and Claude Code setup payloads immediately so new sessions can switch model families without a refresh.

## v1.0.27 - 2026-05-19

- Added a dedicated `/gumroad` buyer activation page with Google and manual signup options.
- Added Gumroad.com customer marking and automatic one-time `$200` Token Wallet credit for Gumroad-created accounts.
- Hardened public signup creation so repeat accounts from the same IP address or device fingerprint are blocked before wallet credit is issued.

## v1.0.26 - 2026-05-19

- Updated the hosted CodexAPI.pro compatibility target and customer setup payloads to Codex CLI `0.131.0`.
- Updated the host machine's official OpenAI Codex CLI runtime target to `@openai/codex@0.131.0`.
- Bumped the in-house Codex package metadata to `0.131.0` so internal packaging tracks the current upstream Codex release.

## v1.0.25 - 2026-05-09

- Added an admin-only GPT-5.5 provider selector for the public Codex Responses gateway so new starts/resumes can use the selected GPT-5.5 route.
- Added a compatible secondary GPT-5.5 execution route while keeping all client-facing setup and model labels under CodexAPI.pro GPT-5.5.
- Added an admin model usage chart with provider/model request totals, token totals, and wallet deductions.
- Updated token wallet billing display to $5 per million input tokens and $25 per million output tokens for both providers.

## v1.0.24 - 2026-05-08

- Updated the CodexAPI.pro public Codex compatibility target to Codex CLI `0.129.0` and verified the host is already running `@openai/codex` `0.129.0` with current npm.
- Enabled Codex app-server `experimentalApi` negotiation so `permissions` profile payloads used by the new `/permissions` Full Access client toggle are accepted.
- Added `/api/v1/permissions` and `/api/v1/skills`, exposed root Codex skill availability in agent defaults, and made `CODEX_HOME=/root/.codex` explicit for the service.
- Added Windows PowerShell-specific public Codex setup/start/resume/smoke-test command support for API users.

## v1.0.23 - 2026-05-04

- Rebuilt the CodexAPI.pro homepage around instant Codex CLI API access, current wallet packs, the promotional $149 Unlimited Credit plan, Stripe top-ups, and resumable public Codex setup.
- Added fresh SEO metadata, structured data, sitemap, robots file, and a new 1200x630 Open Graph image for Google, WhatsApp, Facebook, and other social previews.
- Configured SMTP delivery for CodexAPI.pro and polished signup, wallet top-up, low-balance, and Unlimited fair-use email templates.

## v1.0.22 - 2026-05-04

- Repriced PAYG and top-up packs to the new wallet-credit values, including the private exit-intent $50 to $585 offer.
- Added a vivid top-of-dashboard top-up panel, subscription card, and exit-intent offer modal for signed-in customers.
- Added the promotional $149 Unlimited Credit subscription flow with private fair-use enforcement and admin-adjustable 5-hour and 3-day limits.

## v1.0.21 - 2026-05-03

- Hardened Stripe wallet top-ups so paid Checkout sessions are reloaded from Stripe, fulfilled idempotently, and credited as soon as the webhook or return confirmation succeeds.
- Preserved existing wallet API tokens during Stripe top-ups, low-balance SSO, and normal admin simulation so G2G buyers do not need to reconfigure Codex after adding credit.
- Added direct client simulation controls to the admin Access & Tokens page.

## v1.0.20 - 2026-05-03

- Repaired legacy G2G wallet-token state so each buyer account has exactly one active buyer API token.
- Hid expired/admin-impersonation tokens from buyer token summaries to avoid confusing G2G delivery credentials.
- Hardened dashboard login token reuse so existing active wallet tokens are preferred over creating extra buyer tokens.
- Kept the G2G creation success message visible after dashboard refresh so admins can see that the order was created.

## v1.0.19 - 2026-05-03

- Fixed G2G order creation so the admin page gives visible progress and creates a usable account from a single wallet-credit amount.
- Stopped customer dashboard logins from issuing a new wallet API token every time; existing active wallet tokens are now reused.
- Expanded the G2G delivery and token display areas so admins can read and copy the generated setup text without cramped fields.

## v1.0.18 - 2026-05-03

- Added a once-per-version release notes modal for admin and customer dashboard sessions.
- Preserved direct admin section links after login and made Access & Tokens load independently of the full dashboard refresh.
- Added wallet balances to the Access & Tokens API key list so admins can see remaining credit beside each token.

## v1.0.17 - 2026-05-02

- Corrected public Codex token billing so cumulative reported input context is stored separately and only newly added input tokens are charged.
- Added token usage idempotency by response ID to prevent duplicate wallet deductions for the same completion.
- Added billing regression coverage for the advertised `$2/M` input and `$15/M` output rates plus cumulative input delta handling.

## v1.0.16 - 2026-05-01

- Rebuilt G2G Codex delivery commands around one-time config-file setup blocks instead of long inline `-c` command strings.
- Added separate Linux/macOS/WSL and Windows PowerShell G2G setup, start, resume, and smoke-test commands.
- Updated the G2G admin command cards with exact-copy buttons and non-wrapping command rendering so marketplace delivery text stays executable.

## v1.0.15 - 2026-05-01

- Added plaintext token persistence for newly created managed API keys so admins can retrieve customer and G2G tokens after creation.
- Updated the admin Access & Tokens and Customers & Wallets tables to show full stored tokens with copy controls instead of only prefixes.
- Labeled legacy hash-only token rows clearly because older plaintext tokens cannot be reconstructed from their hashes.

## v1.0.14 - 2026-05-01

- Fixed the G2G Orders admin layout so the create form and delivery preview use the intended 5/7 grid split instead of collapsed single-column cards.
- Added scrollable delivery and command previews so generated G2G instructions remain readable after token-filled commands are created.
- Added a public favicon response and cleaned login autocomplete metadata to keep live browser verification free of avoidable console errors.

## v1.0.13 - 2026-05-01

- Added a dedicated admin G2G Orders workspace for one-click marketplace account delivery.
- Stored G2G usernames and account notes on API users for future admin reference.
- Rebuilt G2G delivery output with dashboard credentials, wallet details, and token-filled public Codex CLI commands split by state.

## v1.0.12 - 2026-05-01

- Updated the official public OpenAI Codex install command to `npm install -g @openai/codex@latest` across generated API payloads, docs, and customer-facing pages.
- Updated the CodexAPI.pro public Codex compatibility target to Codex CLI `0.128.0`.
- Reviewed the Codex `0.128.0` app-server protocol changes and documented the relevant additions: `permissions` profile selection, `thread/goal/*`, `hooks/list`, `modelProvider/capabilities/read`, and the continued stdio-first production transport.

## v1.0.11 - 2026-04-30

- Auto-issued wallet-linked API tokens when admins create API users.
- Added one-click G2G marketplace account generation with paste-ready public Codex CLI delivery instructions.
- Returned token-specific official public Codex setup, start, override, smoke-test, and resume commands with admin-created accounts.

## v1.0.10 - 2026-04-30

- Pinned customer-facing official OpenAI Codex CLI guidance for the then-current public Codex release.
- Added a one-time $10 CodexAPI.pro share-credit offer for signed-in customer wallets.
- Added live dashboard wallet refresh polling and share-credit status removal after claim.
- Updated public SEO and Open Graph metadata for the CodexAPI.pro Codex API service.

## v1.0.9 - 2026-04-29

- Changed Codex token billing to micro-USD accounting at $2 per million input tokens and $15 per million output tokens.
- Added token usage transactions with input tokens, output tokens, charged USD, and balance-after values.
- Added a customer dashboard token usage list and daily usage graph.
- Moved app-server token debits to turn completion so the wallet is charged after each completed prompt.

## v1.0.8 - 2026-04-29

- Integrated Modbot WhatsApp notifications for signup and wallet-balance thresholds.
- Added required country and WhatsApp/mobile collection during first-time signup.
- Added signed dashboard SSO links for notification-driven Stripe recharges.
- Added matching formatted email notifications for WhatsApp notices.

## v1.0.7 - 2026-04-29

- Fixed public Codex token-usage billing so completed streams drain available wallet credit instead of silently skipping deduction when usage exceeds the remaining balance.
- Added a preflight wallet check for `/v1/responses` so wallet-linked public Codex calls are blocked once a customer balance reaches zero.

## v1.0.6 - 2026-04-29

- Updated the public Codex startup commands shown on the client dashboard and install page.
- Added logged-in OpenAI Codex override commands to the client dashboard so CodexAPI.pro API settings win for that run.
- Hid register/login fields for signed-in dashboard users and added a visible logout button.

## v1.0.5 - 2026-04-29

- Corrected the official OpenAI `@openai/codex` CLI setup guide for CodexAPI.pro provider usage.
- Added generated command variants that isolate CodexAPI.pro with `CODEX_HOME="$HOME/.codexapi-codex"` so existing OpenAI/ChatGPT Codex logins are overridden for that run.
- Updated non-interactive examples to use `codex --search exec ...`, because the current official CLI rejects `codex exec --search ...`.

## v1.0.4 - 2026-04-29

- Added admin-created manual API tokens for the official OpenAI `@openai/codex` CLI provider flow.
- Returned token-specific official Codex CLI install/start/smoke-test configuration when an admin creates a token.
- Documented the manual-token workflow in `/api-docs` and the public Codex CLI guide.

## v1.0.3 - 2026-04-25

- Added admin-managed API users with username/password credentials and wallet balances stored in cents.
- Added a configurable per-call USD price for wallet-linked managed API keys.
- Added wallet charging for standard API calls made with user-linked managed API keys while leaving static tokens and unlinked keys unchanged.
- Added admin dashboard controls for billing settings, API users, wallet balances, and assigning managed API tokens to billing users.

## v1.0.2 - 2026-04-16

- Added PostgreSQL-backed managed API keys that admins can create and revoke from the hosted admin dashboard.
- Extended bearer authentication so managed `api` and `admin` keys work alongside the existing static environment tokens.
- Expanded `/api-docs` into a verbose operator-facing guide with auth rules, defaults, project lifecycle notes, approval flow details, version display, and embedded agent reference material.
- Displayed the running version and changelog directly on the admin dashboard and docs page.

## v1.0.1 - 2026-04-16

- Added the stable `/api/v1` project-scoped browser-agent surface for managed projects, turns, files, events, approvals, and resume behavior.
- Added project-scoped approval and interrupt endpoints for browser coding clients.
- Normalized managed sandbox policy values to the upstream Codex app-server wire enum format.

## v1.0.0 - 2026-04-16

- Published the HTTPS API and admin dashboard on `codexapi.pro`.
- Integrated PostgreSQL-backed admin login.
- Added public docs, release sync, security hardening, and the managed Codex app-server lifecycle API.

Every Available API Call

This catalogue is generated from the live FastAPI route table. public calls need no bearer token, api calls accept the Codex API username or a managed API key, and admin calls require an admin bearer key or admin session.

Method	Path	Access	Tags	Summary
`GET`	`/`	public	system	API root
`GET`	`/admin`	public	-	admin_root
`GET`	`/admin/api/api-keys`	public	-	admin_api_keys
`POST`	`/admin/api/api-keys`	public	-	admin_create_api_key
`POST`	`/admin/api/api-keys/{key_id}/revoke`	public	-	admin_revoke_api_key
`POST`	`/admin/api/auth/device/start`	public	-	admin_device_start
`POST`	`/admin/api/auth/logout`	public	-	admin_codex_logout
`GET`	`/admin/api/billing`	public	-	admin_billing
`POST`	`/admin/api/billing/fup-settings`	public	-	admin_update_subscription_fup_settings
`POST`	`/admin/api/billing/settings`	public	-	admin_update_billing_settings
`GET`	`/admin/api/billing/unlimited-promo`	public	-	admin_unlimited_promo_settings
`POST`	`/admin/api/billing/unlimited-promo`	public	-	admin_update_unlimited_promo_settings
`GET`	`/admin/api/dashboard`	public	-	admin_dashboard_data
`POST`	`/admin/api/email/surge-pricing`	public	-	admin_send_surge_pricing_email
`GET`	`/admin/api/email/templates`	public	-	admin_email_templates
`POST`	`/admin/api/email/templates/test`	public	-	admin_email_template_test
`POST`	`/admin/api/email/unlimited-promo`	public	-	admin_send_unlimited_promo_email
`GET`	`/admin/api/me`	public	-	admin_me
`POST`	`/admin/api/messages`	public	-	admin_create_message
`GET`	`/admin/api/messages`	public	-	admin_messages
`GET`	`/admin/api/model-provider`	public	-	admin_model_provider
`POST`	`/admin/api/model-provider`	public	-	admin_set_model_provider
`GET`	`/admin/api/model-usage`	public	-	admin_model_usage
`GET`	`/admin/api/models`	public	-	admin_models
`GET`	`/admin/api/pending-signups`	public	-	admin_pending_signups
`POST`	`/admin/api/pending-signups/{application_id}/approve`	public	-	admin_approve_pending_signup
`POST`	`/admin/api/pending-signups/{application_id}/reject`	public	-	admin_reject_pending_signup
`GET`	`/admin/api/referrals/pending`	public	-	admin_pending_referrals
`POST`	`/admin/api/referrals/{commission_id}/review`	public	-	admin_review_referral
`GET`	`/admin/api/registrations`	public	-	admin_registration_events
`POST`	`/admin/api/releases/sync`	public	-	admin_release_sync
`POST`	`/admin/api/rpc`	public	-	admin_rpc
`GET`	`/admin/api/server-requests`	public	-	admin_server_requests
`GET`	`/admin/api/serving-usage`	public	-	admin_serving_usage
`GET`	`/admin/api/smtp/settings`	public	-	admin_smtp_settings
`POST`	`/admin/api/smtp/settings`	public	-	admin_update_smtp_settings
`POST`	`/admin/api/smtp/test`	public	-	admin_test_smtp_settings
`POST`	`/admin/api/system/start`	public	-	admin_system_start
`POST`	`/admin/api/system/stop`	public	-	admin_system_stop
`GET`	`/admin/api/threads`	public	-	admin_threads
`POST`	`/admin/api/token-rates`	public	-	admin_set_token_rates
`GET`	`/admin/api/token-rates`	public	-	admin_token_rates
`GET`	`/admin/api/users`	public	-	admin_api_users
`POST`	`/admin/api/users`	public	-	admin_create_api_user
`POST`	`/admin/api/users/g2g`	public	-	admin_create_g2g_api_user
`DELETE`	`/admin/api/users/{user_id}`	public	-	admin_delete_api_user
`POST`	`/admin/api/users/{user_id}/active`	public	-	admin_set_api_user_active
`POST`	`/admin/api/users/{user_id}/edge-region`	public	-	admin_set_user_edge_region
`POST`	`/admin/api/users/{user_id}/impersonate`	public	-	admin_impersonate_api_user
`POST`	`/admin/api/users/{user_id}/password`	public	-	admin_set_api_user_password
`POST`	`/admin/api/users/{user_id}/wallet`	public	-	admin_update_api_user_wallet
`POST`	`/admin/api/users/{user_id}/wallet/credit`	public	-	admin_adjust_api_user_wallet_credit
`GET`	`/admin/api/users/{user_id}/wallet/transactions`	public	-	admin_api_user_wallet_credit_transactions
`POST`	`/admin/auth/login`	public	-	admin_login
`POST`	`/admin/logout`	public	-	admin_logout
`GET`	`/api-docs`	public	-	api_docs
`POST`	`/api/auth/device/start`	admin	auth	Start ChatGPT device-code login
`POST`	`/api/auth/logout`	admin	auth	Log out the managed Codex account
`GET`	`/api/auth/status`	admin	auth	Read current Codex auth/account state
`GET`	`/api/codex/events`	admin	rpc	Stream Codex notifications over SSE
`POST`	`/api/codex/notify`	admin	rpc	Send a Codex app-server notification
`POST`	`/api/codex/rpc`	admin	rpc	Call a Codex app-server JSON-RPC method
`GET`	`/api/core/releases/current`	api	releases	Read the current synced stable Codex release
`POST`	`/api/core/releases/sync`	admin	releases	Sync the latest stable upstream Codex release
`GET`	`/api/models`	api	rpc	List visible Codex models
`POST`	`/api/projects/open`	api	threads	Open a project by cwd, resuming the latest matching thread when present
`GET`	`/api/server-requests`	admin	rpc	List pending server-initiated approval requests
`POST`	`/api/server-requests/{request_id}/resolve`	admin	rpc	Resolve a pending server-initiated request
`POST`	`/api/system/start`	admin	system	Start managed Codex app-server
`GET`	`/api/system/status`	admin	system	Get API runtime status
`POST`	`/api/system/stop`	admin	system	Stop managed Codex app-server
`GET`	`/api/threads`	api	threads	List Codex threads
`POST`	`/api/threads`	api	threads	Start a new thread
`GET`	`/api/threads/{thread_id}`	api	threads	Read a thread by id
`POST`	`/api/threads/{thread_id}/resume`	api	threads	Resume an existing thread
`POST`	`/api/turns`	api	turns	Start a new turn on a thread
`POST`	`/api/turns/{turn_id}/interrupt`	api	turns	Interrupt an active turn
`GET`	`/api/v1/agent/status`	api	agent	Read the managed Codex account state and default coding-agent configuration
`GET`	`/api/v1/auth/google/callback`	public	auth	Complete Google sign-up or sign-in for a CodexAPI.pro wallet account
`GET`	`/api/v1/auth/google/start`	public	auth	Start Google sign-up or sign-in for a CodexAPI.pro wallet account
`POST`	`/api/v1/auth/login`	public	auth	Authenticate a CodexAPI.pro CLI user and issue a wallet-linked API key
`GET`	`/api/v1/auth/sso`	public	auth	Open the customer dashboard from a signed notification link
`POST`	`/api/v1/auth/web-login`	public	auth	Authenticate a CodexAPI.pro dashboard user after Cloudflare Turnstile verification
`GET`	`/api/v1/billing/token-usage`	api	billing	Read token usage transactions and daily spend for the current wallet
`POST`	`/api/v1/cash-wallet/stripe/checkout`	api	billing	Create a Stripe Checkout Session to load real-money Cash Wallet balance
`POST`	`/api/v1/cash-wallet/stripe/confirm`	api	billing	Confirm a paid Stripe Checkout Session and reconcile Cash Wallet balance
`POST`	`/api/v1/cash-wallet/token-purchase`	api	billing	Use Cash Wallet balance to buy a Token Wallet top-up package
`GET`	`/api/v1/cli/public-claude-code`	public	system	Read stock public Claude Code CLI connection settings for CodexAPI.pro
`GET`	`/api/v1/cli/public-codex`	public	system	Read stock public Codex CLI connection settings for CodexAPI.pro
`GET`	`/api/v1/cli/version`	public	system	Read the current CodexAPI.pro Codex CLI release metadata
`GET`	`/api/v1/codexclaude/version`	public	system	Read the required CodexAPI.pro codexclaude launcher version
`POST`	`/api/v1/customer/register`	public	auth	Create a CodexAPI.pro customer account and issue a wallet-linked API key
`GET`	`/api/v1/desktop/bootstrap`	api	desktop	Verify a CodexAPI.pro token and return Windows desktop setup payloads
`POST`	`/api/v1/desktop/bug-report`	api	desktop	Send a customer desktop bug report to CodexAPI.pro support
`GET`	`/api/v1/desktop/coding-session`	api	desktop	Load the saved CodexAPI.pro Desktop coding conversation history
`PUT`	`/api/v1/desktop/coding-session`	api	desktop	Persist CodexAPI.pro Desktop coding conversation history
`POST`	`/api/v1/gumroad/register`	public	auth	Create a Gumroad.com buyer account and load $200 Token Wallet credit
`GET`	`/api/v1/me`	api	auth	Read the current CodexAPI.pro customer wallet and CLI configuration
`POST`	`/api/v1/me/email`	api	auth	Save the required customer email address for the current CodexAPI.pro wallet
`POST`	`/api/v1/me/password`	api	auth	Change the current CodexAPI.pro dashboard password
`POST`	`/api/v1/me/sso-link`	api	auth	Create a short-lived one-click dashboard sign-on link for the current customer
`GET`	`/api/v1/messages`	api	auth	List the current customer's inbox messages
`POST`	`/api/v1/messages/{message_id}/read`	api	auth	Mark a customer inbox message read
`GET`	`/api/v1/permissions`	api	agent	Read Codex permission profile presets for API clients
`GET`	`/api/v1/plans`	public	billing	List CodexAPI.pro wallet credit plans
`POST`	`/api/v1/projects`	api	projects	Create a managed project workspace for a web coding session
`GET`	`/api/v1/projects`	api	projects	List managed isolated project workspaces
`GET`	`/api/v1/projects/{project_id}`	api	projects	Read managed project metadata and its latest Codex thread summary
`GET`	`/api/v1/projects/{project_id}/approvals`	api	agent	List pending approval requests for the latest managed project thread
`POST`	`/api/v1/projects/{project_id}/approvals/{request_id}/resolve`	api	agent	Resolve a pending project-scoped approval request
`GET`	`/api/v1/projects/{project_id}/events`	api	agent	Stream project-scoped Codex notifications over SSE
`GET`	`/api/v1/projects/{project_id}/files/content`	api	projects	Read a file from a managed project workspace
`PUT`	`/api/v1/projects/{project_id}/files/content`	api	projects	Write a file inside a managed project workspace
`GET`	`/api/v1/projects/{project_id}/files/tree`	api	projects	List files inside a managed project workspace
`POST`	`/api/v1/projects/{project_id}/open`	api	agent	Open or resume a managed project and optionally start an initial turn
`GET`	`/api/v1/projects/{project_id}/state`	api	agent	Read project metadata, latest thread state, and pending project-scoped approvals
`GET`	`/api/v1/projects/{project_id}/thread`	api	agent	Read the latest Codex thread for a managed project
`POST`	`/api/v1/projects/{project_id}/turns`	api	agent	Start a project-scoped Codex turn using the web-coding defaults
`POST`	`/api/v1/projects/{project_id}/turns/{turn_id}/interrupt`	api	agent	Interrupt an active turn for a managed project
`POST`	`/api/v1/reddit/conversion`	public	analytics	Send a server-side Reddit Conversions API website event
`GET`	`/api/v1/referral`	api	billing	Read the current CodexAPI.pro VIP Referral Club and Cash Wallet status
`GET`	`/api/v1/share-credit`	api	billing	Read the one-time CodexAPI.pro share-credit offer for the current wallet
`POST`	`/api/v1/share-credit/claim`	api	billing	Claim the one-time CodexAPI.pro share credit after sharing the public site
`GET`	`/api/v1/skills`	api	agent	List Codex skills available to API-backed Codex sessions
`POST`	`/api/v1/stripe/webhook`	public	billing	Receive Stripe wallet payment events
`GET`	`/api/v1/telegram/google/callback`	public	auth	Complete Telegram Google account linking
`GET`	`/api/v1/telegram/google/start`	public	auth	Start Google sign-in for linking an existing CodexAPI.pro account to Telegram
`POST`	`/api/v1/telegram/webhook`	public	auth	Receive Telegram Bot API webhook updates for dashboard actions
`GET`	`/api/v1/toolbox`	api	auth	Read the current customer Toolbox settings
`POST`	`/api/v1/toolbox`	api	auth	Update the current customer Toolbox settings
`POST`	`/api/v1/wallet/auto-topup`	api	billing	Configure automatic wallet top-up for the current CodexAPI.pro user
`GET`	`/api/v1/wallet/status`	public	billing	Read a lightweight wallet balance snapshot for CLI launchers
`POST`	`/api/v1/wallet/stripe/checkout`	api	billing	Create a Stripe Checkout Session for a CodexAPI.pro wallet credit pack
`POST`	`/api/v1/wallet/stripe/confirm`	api	billing	Confirm a paid Stripe Checkout Session and reconcile wallet credit
`POST`	`/api/v1/wallet/top-up`	api	billing	Load credit onto the current CodexAPI.pro wallet after a plan payment
`GET`	`/favicon.ico`	public	-	favicon
`GET`	`/health`	public	system	Health check
`GET`	`/openapi.json`	api	-	openapi
`POST`	`/v1/messages`	api	anthropic-compatible	Proxy Claude Code CLI Messages API traffic through CodexAPI.pro wallet billing
`POST`	`/v1/messages/{subpath:path}`	api	anthropic-compatible	Proxy Claude Code CLI auxiliary Messages API traffic
`GET`	`/v1/models`	api	openai-compatible	List CodexAPI.pro models for stock public Codex CLI
`POST`	`/v1/responses`	api	openai-compatible	Proxy stock public Codex CLI Responses API traffic through CodexAPI.pro wallet billing

Agent Reference

# Agent API v1

This document describes the stable `/api/v1` layer for a browser-based coding agent that uses the managed local Codex CLI runtime behind this service.

## Goal

The `/api/v1` layer is designed for an external web application or agentic LLM orchestration layer that needs to:

- create isolated coding projects
- resume a returning user's project history
- run Codex turns against a stable workspace
- stream live Codex events
- inspect the project file tree and file contents

It is an adapter over the existing `codex app-server` thread and turn model, not a replacement for it.

## Authentication

The hosted API accepts bearer tokens in two ways:

- static environment tokens configured on the server
- managed PostgreSQL-backed API keys created from the admin dashboard at `/admin`

Use standard API keys for the browser-agent surface. Use admin keys only when you need the privileged raw RPC, auth, or system-control endpoints.

## Defaults

Managed project runs default to:

- model: `gpt-5.5`
- effort: `medium`
- approval policy: `untrusted`
- sandbox mode on the API wire: `workspace-write`
- live web search: enabled globally by the managed Codex app-server process
- root machine skills: exposed through Codex `skills/list` and `GET /api/v1/skills`

These defaults can be overridden per request.

## Lifecycle

1. Read runtime status:

```http
GET /api/v1/agent/status
Authorization: Bearer <api-token>
```

Optional checks for the current permission and skill surfaces:

```http
GET /api/v1/permissions
Authorization: Bearer <api-token>
```

```http
GET /api/v1/skills
Authorization: Bearer <api-token>
```

2. Create a project:

```http
POST /api/v1/projects
Authorization: Bearer <api-token>
Content-Type: application/json

{
  "name": "Landing Page Builder",
  "ownerId": "user_123",
  "template": "react"
}
```

3. Open or resume the project:

```http
POST /api/v1/projects/{project_id}/open
Authorization: Bearer <api-token>
Content-Type: application/json

{}
```

4. Subscribe to live events:

```http
GET /api/v1/projects/{project_id}/events?threadId=<thread_id>
Authorization: Bearer <api-token>
Accept: text/event-stream
```

5. Start a coding turn:

```http
POST /api/v1/projects/{project_id}/turns
Authorization: Bearer <api-token>
Content-Type: application/json

{
  "prompt": "Build a polished SaaS landing page with pricing, testimonials, FAQ, and a contact form."
}
```

The `open` and `turns` responses include convenient top-level `threadId` and `turnId` fields in addition to the raw upstream payloads.

6. Rehydrate project state when the user returns:

```http
GET /api/v1/projects/{project_id}/state?includeTurns=true
Authorization: Bearer <api-token>
```

7. Surface and resolve approvals when Codex asks:

```http
GET /api/v1/projects/{project_id}/approvals
Authorization: Bearer <api-token>
```

```http
POST /api/v1/projects/{project_id}/approvals/{request_id}/resolve
Authorization: Bearer <api-token>
Content-Type: application/json

{}
```

## Resume Semantics

Managed project history is keyed by the managed workspace path for that project.

- each `project_id` maps to one stable `cwd`
- Codex session history remains attached to that `cwd`
- reopening the same project resumes the latest thread for that workspace

This means the browser agent does not need to track Codex session ids itself in the common case. It can treat `project_id` as the durable resume key.

## File Access

The file endpoints are intended for UI rendering and synchronization:

- `GET /api/v1/projects/{project_id}/files/tree`
- `GET /api/v1/projects/{project_id}/files/content?path=...`
- `PUT /api/v1/projects/{project_id}/files/content`

The tree endpoint is useful for explorer panels. The file-content endpoints are useful for editors, preview pipelines, and project snapshots.

## Approvals

Codex approvals remain part of the underlying app-server model.

- `approvalPolicy=untrusted` is the default for managed web-agent runs
- approval-bearing events continue to flow through the Codex notification stream
- project-scoped approval polling is available at `GET /api/v1/projects/{project_id}/approvals`
- project-scoped approval resolution is available at `POST /api/v1/projects/{project_id}/approvals/{request_id}/resolve`
- an empty JSON object is sufficient for a basic approval grant on the current file-change approval flow

## Full Access And Permissions

Codex CLI `0.134.0` accepts permission profile payloads only after the client
declares the `experimentalApi` capability during `initialize`. The adapter now
does this automatically.

Clients whose Full Access toggle lives under `/permissions` can read the exact
payload from:

```http
GET /api/v1/permissions
Authorization: Bearer <api-token>
```

For compatibility, managed project `open` and `turns` endpoints accept either
`permissions` or `permissionProfile`. Legacy clients can still use
`sandboxPolicy`.

## API Shape

The main endpoints a browser coding agent should bind to are:

- `GET /api/v1/agent/status`
- `GET /api/v1/permissions`
- `GET /api/v1/skills`
- `GET /api/v1/projects`
- `POST /api/v1/projects`
- `GET /api/v1/projects/{project_id}`
- `GET /api/v1/projects/{project_id}/state`
- `GET /api/v1/projects/{project_id}/thread`
- `POST /api/v1/projects/{project_id}/open`
- `POST /api/v1/projects/{project_id}/turns`
- `POST /api/v1/projects/{project_id}/turns/{turn_id}/interrupt`
- `GET /api/v1/projects/{project_id}/approvals`
- `POST /api/v1/projects/{project_id}/approvals/{request_id}/resolve`
- `GET /api/v1/projects/{project_id}/events`
- `GET /api/v1/projects/{project_id}/files/tree`
- `GET /api/v1/projects/{project_id}/files/content`
- `PUT /api/v1/projects/{project_id}/files/content`

If your frontend wants a richer approval UX, subscribe to the event stream and surface server requests explicitly.

API Documentation