ChatGPT product proof is manual and workspace-gated. This repository can prepare the server, OAuth/dev-noauth config, MCP metadata, tool list, and activation package, but it cannot claim product UI proof until an operator exercises ChatGPT.
./bin/codencer setup self-host \
--gateway-url http://127.0.0.1:19090 \
--mcp-url http://127.0.0.1:19090/mcp \
--relay-url http://127.0.0.1:8090 \
--relay-request-timeout-seconds 300 \
--default-relay-token-env CODENCER_DEFAULT_RELAY_TOKEN \
--token-env CODENCER_GATEWAY_MCP_TOKEN \
--enable-oauth-dev \
--json
./bin/codencer login --gateway http://127.0.0.1:19090
./bin/codencer connector login --gateway http://127.0.0.1:19090 --relay default --json
./bin/codencer activation self-host \
--gateway http://127.0.0.1:19090 \
--relay http://127.0.0.1:8090 \
--project codencer \
--token-env CODENCER_GATEWAY_MCP_TOKEN \
--jsonSave the generated client secret and operator approval code from $CODENCER_HOME/tokens.
codencer activation self-host --json writes a package containing ChatGPT setup
that points to Gateway. codencer activation chatgpt --json remains available
for direct Relay debug setup. The generated setup sheet includes:
mcp_endpointauth_modeclient_idclient_secret_fileoperator_code_fileauthorization_server_metadataopenid_configurationauthorization_endpointtoken_endpointprotected_resource_metadatascopesexpected_toolschatgpt_ui_stepstest_promptsevidence_checklist
Literal secrets are redacted. File paths are shown only for local token files.
- MCP endpoint:
http://127.0.0.1:19090/mcp - OAuth authorization server metadata:
http://127.0.0.1:19090/.well-known/oauth-authorization-server - OpenID configuration:
http://127.0.0.1:19090/.well-known/openid-configuration - Protected resource metadata:
http://127.0.0.1:19090/.well-known/oauth-protected-resource/mcp - Backend Relay profile target:
http://127.0.0.1:8090 - Required behavior: use
codencer.list_projectsfirst. - OAuth dev redirect behavior: valid redirect URIs are accepted for self-host dev testing. Production must use redirect allowlisting or an external IdP. OAuth dev mode is not public multi-user production.
Expected project-aware tools include:
codencer.list_relayscodencer.get_relaycodencer.list_projectscodencer.get_projectcodencer.list_project_locationscodencer.submit_project_task_and_waitcodencer.run_project_manifestcodencer.get_run_reportcodencer.get_blocker
- Confirm the ChatGPT workspace has Developer Mode/custom MCP app access.
- Create a draft custom MCP app named Codencer.
- Use the MCP endpoint above.
- Use OAuth mode against the Codencer OAuth dev metadata for self-host testing, or an operator-owned OAuth front door for production IAM.
- Complete the authorization flow with the operator approval code.
- Scan/list tools and confirm project-aware tools are present.
- Ask ChatGPT to call
codencer.list_projects. - For an approved one-task proof, ask it to call
codencer.submit_project_task_and_wait. - For an approved manifest proof, ask it to call
codencer.run_project_manifest. - If the response includes a blocker requiring planner decision, stop and save the blocker JSON.
Do not publish or mark live ChatGPT proof passed until client_connected, client_used_tool, and full_e2e_execution evidence is saved.