Skip to main content
Codex is OpenAI’s coding agent for terminal, IDE extension, and CLI. It uses a shared config (user-level ~/.codex/config.toml and optional project-level .codex/config.toml) for default model, approval policies, sandbox settings, and provider details. Add Portkey to get:
  • 1600+ LLMs through one interface — switch providers by updating model in config
  • Observability — track costs, tokens, and latency for every request
  • Reliability — automatic fallbacks, retries, and caching
  • Governance — budget limits, usage tracking, and team access controls
Configure Codex with Portkey in a few minutes.
For enterprise deployments across teams, see Enterprise Governance.

1. Setup

1

Add Provider

Go to Model CatalogAdd Provider.
2

Configure Credentials

Select provider (OpenAI, Anthropic, etc.), enter API key, and create a slug like openai-prod.
3

Get Portkey API Key

Go to API Keys and generate your Portkey API key.

2. Configure Portkey in Codex

Codex loads config from ~/.codex/config.toml (overridable with .codex/config.toml in a repo; see Config basics for precedence). Add Portkey as the provider by setting model_provider and defining [model_providers.portkey] with base_url and env_key (see Config reference): 
model_provider = "portkey"
model = "@openai-prod/gpt-4o"

[model_providers.portkey]
name = "Portkey"
base_url = "https://api.portkey.ai/v1"
env_key = "PORTKEY_API_KEY"
# wire_api = "chat"   # optional: "chat" (default) or "responses"

Multiple model providers

Define multiple entries under model_providers to switch between environments or backends by changing model_provider: 
model_provider = "portkey-prod"
model = "@openai-prod/gpt-4o"

[model_providers.portkey-prod]
name = "Portkey (prod)"
base_url = "https://api.portkey.ai/v1"
env_key = "PORTKEY_API_KEY"

[model_providers.portkey-dev]
name = "Portkey (dev)"
base_url = "https://api.portkey.ai/v1"
env_key = "PORTKEY_API_KEY_DEV"
Use .codex/config.toml in a repository to override model_provider and model for that project while keeping the shared ~/.codex/config.toml as the default. Set PORTKEY_API_KEY in the environment: 
export PORTKEY_API_KEY="<portkey-api-key>"
Add to ~/.zshrc or ~/.bashrc for persistence.
Test the integration: 
codex "explain this repository to me"
Monitor usage in the Portkey Dashboard.

3. Using Codex with 1600+ Models

Codex uses the model value in config.toml to decide which model to call. With Portkey, set model to a Model Catalog slug in the form @<provider-slug>/<model-name>. Change providers or models by updating model in the config. Example: 
model = "@openai-prod/gpt-4o"

Using Responses API

Codex supports OpenAI’s Responses API natively. Configure config.toml with keys from the Codex config reference. Provider protocol (wire_api)
Under [model_providers.portkey], set wire_api to choose which API protocol Codex uses when talking to the provider:
ValueDescription
"chat"Chat Completions API (default if omitted). Use for standard chat/completion models.
"responses"Responses API. Use for models that support structured reasoning and tool use via the Responses API.
Example with protocol and optional retry/timeout tuning: 
[model_providers.portkey]
name = "Portkey"
base_url = "https://api.portkey.ai/v1"
env_key = "PORTKEY_API_KEY"
wire_api = "responses"
# request_max_retries = 4
# stream_idle_timeout_ms = 300000

Adding Model Capabilities

Reasoning, output, and tools (top-level)
These top-level keys apply to the current session model and control reasoning, output, and tool behavior:
KeyValuesDescription
model_reasoning_effortminimal, low, medium, high, xhighHow much reasoning effort the model uses (Responses API). Higher values can improve quality; xhigh is model-dependent.
model_reasoning_summaryauto, concise, detailed, noneHow much reasoning summary to include or whether to disable summaries.
personalitynone, friendly, pragmaticDefault communication style for models that support it. Overridable per thread or via /personality in-session.
temperature02 (for example 0.1)Sampling temperature. Lower values make outputs more deterministic; 0.1 is a good default for coding and tooling.
max_output_tokensInteger (for example 8192)Maximum number of tokens in the response. Prevents run-away output; upper bound is model-dependent.
parallel_tool_callstrue / falseAllow the model to call multiple tools in parallel when tools are configured.
tool_choice"auto", "required", "none"Control whether the model decides when to call tools ("auto"), must call tools, or never uses tools.
Example: 
model_provider = "portkey"
model = "@openai-prod/gpt-4o"

model_reasoning_effort = "high"
model_reasoning_summary = "concise"
personality = "pragmatic"
temperature = 0.1
max_output_tokens = 8192
parallel_tool_calls = true
tool_choice = "auto"

[model_providers.portkey]
name = "Portkey"
base_url = "https://api.portkey.ai/v1"
env_key = "PORTKEY_API_KEY"
wire_api = "chat"
Fallbacks, load balancing, or caching? Create a Portkey Config, attach it to your API key, and set model to the config’s virtual model. See Enterprise Governance for examples.

3. Set Up Enterprise Governance

Why Enterprise Governance?
  • Cost Management: Controlling and tracking AI spending across teams
  • Access Control: Managing team access and workspaces
  • Usage Analytics: Understanding how AI is being used across the organization
  • Security & Compliance: Maintaining enterprise security standards
  • Reliability: Ensuring consistent service across all users
  • Model Management: Managing what models are being used in your setup
Portkey adds a comprehensive governance layer to address these enterprise needs. Enterprise Implementation Guide

Step 1: Implement Budget Controls & Rate Limits

Model Catalog enables you to have granular control over LLM access at the team/department level. This helps you:
  • Set up budget limits
  • Prevent unexpected usage spikes using Rate limits
  • Track departmental spending

Setting Up Department-Specific Controls:

  1. Navigate to Model Catalog in Portkey dashboard
  2. Create new Provider for each engineering team with budget limits and rate limits
  3. Configure department-specific limits

Step 2: Define Model Access Rules

As your AI usage scales, controlling which teams can access specific models becomes crucial. You can simply manage AI models in your org by provisioning model at the top integration level.
Portkey allows you to control your routing logic very simply with it’s Configs feature. Portkey Configs provide this control layer with things like:
  • Data Protection: Implement guardrails for sensitive code and data
  • Reliability Controls: Add fallbacks, load-balance, retry and smart conditional routing logic
  • Caching: Implement Simple and Semantic Caching. and more…

Example Configuration:

Here’s a basic configuration to load-balance requests to OpenAI and Anthropic:
{
	"strategy": {
		"mode": "load-balance"
	},
	"targets": [
		{
			"override_params": {
				"model": "@YOUR_OPENAI_PROVIDER_SLUG/gpt-model"
			}
		},
		{
			"override_params": {
				"model": "@YOUR_ANTHROPIC_PROVIDER/claude-sonnet-model"
			}
		}
	]
}
Create your config on the Configs page in your Portkey dashboard. You’ll need the config ID for connecting.
Configs can be updated anytime to adjust controls without affecting running applications.

Step 3: Implement Access Controls

Create User-specific API keys that automatically:
  • Track usage per developer/team with the help of metadata
  • Apply appropriate configs to route requests
  • Collect relevant metadata to filter logs
  • Enforce access permissions
Create API keys through:Example using Python SDK:
from portkey_ai import Portkey

portkey = Portkey(api_key="YOUR_ADMIN_API_KEY")

api_key = portkey.api_keys.create(
    name="frontend-engineering",
    type="organisation",
    workspace_id="YOUR_WORKSPACE_ID",
    defaults={
        "config_id": "your-config-id",
        "metadata": {
            "environment": "development",
            "department": "engineering",
            "team": "frontend"
        }
    },
    scopes=["logs.view", "configs.read"]
)
For detailed key management instructions, see our API Keys documentation.

Step 4: Deploy & Monitor

After distributing API keys to your engineering teams, your enterprise-ready setup is ready to go. Each developer can now use their designated API keys with appropriate access levels and budget controls. Apply your governance setup using the integration steps from earlier sections Monitor usage in Portkey dashboard:
  • Cost tracking by engineering team
  • Model usage patterns for AI agent tasks
  • Request volumes
  • Error rates and debugging logs

Enterprise Features Now Available

You now have:
  • Departmental budget controls
  • Model access governance
  • Usage tracking & attribution
  • Security guardrails
  • Reliability features

Portkey Features

Now that you have an enterprise-grade setup, let’s explore the comprehensive features Portkey provides to ensure secure, efficient, and cost-effective AI operations.

1. Comprehensive Metrics

Using Portkey you can track 40+ key metrics including cost, token usage, response time, and performance across all your LLM providers in real time. You can also filter these metrics based on custom metadata that you can set in your configs. Learn more about metadata here.

2. Advanced Logs

Portkey’s logging dashboard provides detailed logs for every request made to your LLMs. These logs include:
  • Complete request and response tracking
  • Metadata tags for filtering
  • Cost attribution and much more…

3. Unified Access to 1600+ LLMs

You can easily switch between 1600+ LLMs. Call various LLMs such as Anthropic, Gemini, Mistral, Azure OpenAI, Google Vertex AI, AWS Bedrock, and many more by simply changing the virtual key in your default config object.

4. Advanced Metadata Tracking

Using Portkey, you can add custom metadata to your LLM requests for detailed tracking and analytics. Use metadata tags to filter logs, track usage, and attribute costs across departments and teams.

Custom Metata

5. Enterprise Access Management

Budget Controls

Set and manage spending limits across teams and departments. Control costs with granular budget limits and usage tracking.

Single Sign-On (SSO)

Enterprise-grade SSO integration with support for SAML 2.0, Okta, Azure AD, and custom providers for secure authentication.

Organization Management

Hierarchical organization structure with workspaces, teams, and role-based access control for enterprise-scale deployments.

Access Rules & Audit Logs

Comprehensive access control rules and detailed audit logging for security compliance and usage tracking.

6. Reliability Features

Fallbacks

Automatically switch to backup targets if the primary target fails.

Conditional Routing

Route requests to different targets based on specified conditions.

Load Balancing

Distribute requests across multiple targets based on defined weights.

Caching

Enable caching of responses to improve performance and reduce costs.

Smart Retries

Automatic retry handling with exponential backoff for failed requests

Budget Limits

Set and manage budget limits across teams and departments. Control costs with granular budget limits and usage tracking.

7. Advanced Guardrails

Protect your Project’s data and enhance reliability with real-time checks on LLM inputs and outputs. Leverage guardrails to:
  • Prevent sensitive data leaks
  • Enforce compliance with organizational policies
  • PII detection and masking
  • Content filtering
  • Custom security rules
  • Data compliance checks

Guardrails

Implement real-time protection for your LLM interactions with automatic detection and filtering of sensitive content, PII, and custom security rules. Enable comprehensive data protection while maintaining compliance with organizational policies.

FAQs

You can update your Virtual Key limits at any time from the Portkey dashboard:1. Go to Virtual Keys section2. Click on the Virtual Key you want to modify3. Update the budget or rate limits4. Save your changes
Yes! You can create multiple Virtual Keys (one for each provider) and attach them to a single config. This config can then be connected to your API key, allowing you to use multiple providers through a single API key.
Portkey provides several ways to track team costs:
  • Create separate Virtual Keys for each team
  • Use metadata tags in your configs
  • Set up team-specific API keys
  • Monitor usage in the analytics dashboard
When a team reaches their budget limit:
  1. Further requests will be blocked
  2. Team admins receive notifications
  3. Usage statistics remain available in dashboard
  4. Limits can be adjusted if needed

Next Steps

Join our Community
For enterprise support and custom features, contact our enterprise team.
Last modified on February 17, 2026