Skip to content

[Feature]: Improve Codex login flow (avoid mandatory device code auth for workspace users) #2767

Open
Open
[Feature]: Improve Codex login flow (avoid mandatory device code auth for workspace users)#2767
Labels
type: featureBrand new functionality, features, pages, workflows, endpoints, etc.
@TomoNx

Description

@TomoNx
TomoNx
opened on Apr 1, 2026

1. Why Do You NEED This Feature?

I cannot log in to Codex from ForgeCode because the current login flow requires device code authentication, which must be explicitly enabled by a workspace admin.

As a workspace (Business plan) user, I do not have permission to enable this setting. This creates a hard blocker: I am completely unable to use Codex through ForgeCode in my current environment.

The impact is that Codex becomes unusable for non-admin workspace users in headless environments, effectively limiting its accessibility compared to other providers.

2. What Is NOT Possible Right Now?

It is not possible to log in to Codex from ForgeCode without device code authentication.

What I tried:

  • Running the standard Codex login flow from ForgeCode
  • Following the prompted device code authentication flow

What happens:

  • The login process requires device code authentication
  • The process fails with:
    "Please contact your workspace admin to enable device code authentication"

Why this cannot be worked around:

  • Device code authentication must be enabled at the workspace level
  • As a non-admin (Business plan workspace user), I do not have permission to enable this setting
  • There is no fallback authentication method (e.g., API key, browser redirect, token login)

Example failing workflow:

  • Open WSL
  • Run ForgeCode
  • Attempt login with codex auth
  • Blocked by device code auth requirement -> cannot proceed

Result:
There is currently no way to authenticate Codex in ForgeCode unless the workspace admin enables device code authentication, making it unusable for users without admin access.

Image

3. What WILL Be Possible With This Feature?

Allows logging into Codex Provider without requiring workspace admin intervention

Proposed Solution (User Experience)

Users can log in to Codex through a standard authentication flow similar to other providers in ForgeCode.

Alternatives Considered

Workarounds considered:

  • Asking workspace admin to enable device code authentication -> not feasible for many users without admin access
  • Using a non-workspace (personal) account -> not aligned with team/workspace usage

None of these are reliable or scalable solutions, as they either require elevated permissions or change the intended workflow.

Feature Category

AI/LLM Integration

Priority/Impact

Critical - Blocking my work

Examples from Other Tools

OpenCode Codex auth login

Additional Context

No response

Pre-submission Checklist

  • I have searched existing issues and confirmed this is not a duplicate
  • I am willing to submit a PR to implement this feature

Metadata

Metadata

Assignees

No one assigned

    Labels

    type: featureBrand new functionality, features, pages, workflows, endpoints, etc.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions