|
| 1 | +--- |
| 2 | +title: AI Coding Agent Gateway |
| 3 | +description: Public answer page for using Codex Pooler as a self-hosted gateway for AI coding agents, Codex backend clients, selected /v1 SDK clients, and operator MCP metadata. |
| 4 | +sidebar: |
| 5 | + hidden: true |
| 6 | +head: |
| 7 | + - tag: script |
| 8 | + attrs: |
| 9 | + type: application/ld+json |
| 10 | + content: | |
| 11 | + {"@context":"https://schema.org","@type":"TechArticle","headline":"AI Coding Agent Gateway","description":"Codex Pooler can serve as a self-hosted gateway for trusted AI coding agents by giving clients stable Pool API keys, routing Codex backend or narrow /v1 traffic through account Pools, and keeping operator evidence metadata-only.","url":"https://docs.codex-pooler.com/discovery/ai-coding-agent-gateway/","about":["AI coding agent gateway","Codex Pooler","Codex backend clients","OpenAI-compatible /v1","Pool API keys"]} |
| 12 | +--- |
| 13 | + |
| 14 | +Codex Pooler can act as a self-hosted gateway for trusted AI coding agents. Operators run Codex Pooler themselves, connect authorized upstream Codex accounts to Pools, issue stable Pool API keys to agent clients, and route supported Codex backend or narrow `/v1` requests through Pool policy without exposing upstream account secrets to every workstation or automation host. |
| 15 | + |
| 16 | +## What Is An AI Coding Agent Gateway? |
| 17 | + |
| 18 | +An AI coding agent gateway is the controlled runtime boundary between coding agents and the model-provider capacity they use. In Codex Pooler, that boundary authenticates Pool API keys, chooses eligible upstream accounts, preserves continuity for stateful Codex work, and records metadata-only operational evidence. |
| 19 | + |
| 20 | +The gateway does not replace account authorization. It coordinates accounts you are allowed to operate and keeps client credentials, routing policy, operator metadata, and upstream secret storage in separate product surfaces. |
| 21 | + |
| 22 | +## Agent Route Matrix |
| 23 | + |
| 24 | +<table> |
| 25 | + <thead> |
| 26 | + <tr> |
| 27 | + <th>Agent or tool shape</th> |
| 28 | + <th>Use this route</th> |
| 29 | + <th>Credential</th> |
| 30 | + <th>Read next</th> |
| 31 | + </tr> |
| 32 | + </thead> |
| 33 | + <tbody> |
| 34 | + <tr> |
| 35 | + <td>Codex CLI and Codex Desktop</td> |
| 36 | + <td><code>/backend-api/codex</code></td> |
| 37 | + <td>Pool API key</td> |
| 38 | + <td><a href="/clients/codex-cli/">Codex CLI and Codex Desktop</a></td> |
| 39 | + </tr> |
| 40 | + <tr> |
| 41 | + <td>Selected OpenAI SDK-compatible agents</td> |
| 42 | + <td><code>/v1</code></td> |
| 43 | + <td>Pool API key</td> |
| 44 | + <td><a href="/clients/openai-compatible/">OpenAI-compatible SDKs</a></td> |
| 45 | + </tr> |
| 46 | + <tr> |
| 47 | + <td>Aider, Continue, Cline, Goose, Kilo, OpenCode, OpenClaw, OpenHands, OMP, Pi, Hermes, and Windmill</td> |
| 48 | + <td>Client-specific <code>/v1</code> or backend route documented on each setup page</td> |
| 49 | + <td>Pool API key for runtime model work</td> |
| 50 | + <td><a href="/clients/openai-compatible/">Client setup index</a></td> |
| 51 | + </tr> |
| 52 | + <tr> |
| 53 | + <td>Operator metadata tools</td> |
| 54 | + <td><code>/mcp</code></td> |
| 55 | + <td>Operator-owned MCP token</td> |
| 56 | + <td><a href="/operators/admin-ui/">Operator admin UI</a></td> |
| 57 | + </tr> |
| 58 | + </tbody> |
| 59 | +</table> |
| 60 | + |
| 61 | +## Setup Path For Agent Clients |
| 62 | + |
| 63 | +1. Deploy Codex Pooler with Docker Compose or the Helm chart. |
| 64 | +2. Create the first owner, then create a Pool for the agent clients. |
| 65 | +3. Add or import authorized upstream Codex accounts and assign usable accounts to the Pool. |
| 66 | +4. Create a Pool API key for runtime clients and store the raw key in each trusted agent environment. |
| 67 | +5. Configure Codex backend clients with `https://codex-pooler.example.com/backend-api/codex`. |
| 68 | +6. Configure selected OpenAI SDK-compatible clients with `https://codex-pooler.example.com/v1`. |
| 69 | +7. Add `/mcp` only for trusted operator metadata hosts, using an operator MCP token instead of the Pool API key. |
| 70 | + |
| 71 | +## What Codex Pooler Does Not Claim |
| 72 | + |
| 73 | +Codex Pooler is not documented as a hosted provider, a general OpenAI API clone, or a way to bypass account terms and limits. It does not provide full OpenAI API parity, and `/v1/realtime` plus OpenAI Realtime SDK websocket or session routes are unsupported. |
| 74 | + |
| 75 | +The operator MCP endpoint is separate from `/backend-api` and `/v1`. It is metadata-only and read-only, and it is not a `/v1/responses` remote MCP bridge. |
| 76 | + |
| 77 | +## What Stays Metadata-Only |
| 78 | + |
| 79 | +Public docs describe request logs, audit logs, and MCP output as metadata-only. Safe examples can mention route family, endpoint path, method, status class, Pool label, upstream label, model name, retry count, duration, token count, and timestamps. |
| 80 | + |
| 81 | +Raw prompts, completions, request bodies, response bodies, multipart bodies, websocket frames, file bytes, audio bytes, image bytes, bearer tokens, Pool API keys, MCP tokens, upstream secrets, and Codex `auth.json` material must not appear in public examples, docs, logs, screenshots, tickets, or prompts. |
| 82 | + |
| 83 | +## Related Discovery Pages |
| 84 | + |
| 85 | +- [Self-hosted Codex gateway](/discovery/self-hosted-codex-gateway/) |
| 86 | +- [Codex account pooling](/discovery/codex-account-pooling/) |
| 87 | +- [OpenAI-compatible Codex gateway](/discovery/openai-compatible-codex-gateway/) |
| 88 | +- [Codex Pooler vs direct credentials](/discovery/codex-pooler-vs-direct-credentials/) |
0 commit comments