codex docs

siddharthsambharia-portkey · siddharthsambharia-portkey · commit 7a9b9ae94ba0 · 2025-04-28T19:49:01.000+05:30
diff --git a/integrations/libraries/codex.mdx b/integrations/libraries/codex.mdx
@@ -0,0 +1,396 @@
+---
+title: 'OpenAI Codex CLI'
+description: 'Add usage tracking, cost controls, and security guardrails to your Codex CLI deployment'
+---
+
+OpenAI Codex CLI is a lightweight coding agent that runs directly in your terminal, letting you interact with AI to analyze, modify, and execute code in your projects. While Codex delivers powerful code generation and execution capabilities, Portkey adds essential enterprise controls for production deployments:
+
+- **Unified AI Gateway** - Single interface for 250+ LLMs with API key management (beyond Codex's default model options)
+- **Centralized AI observability**: Real-time usage tracking for 40+ key metrics and logs for every request
+- **Governance** - Real-time spend tracking, set budget limits and RBAC in your Codex setup
+- **Security Guardrails** - PII detection, content filtering, and compliance controls
+
+This guide will walk you through integrating Portkey with OpenAI Codex CLI and setting up essential enterprise features including usage tracking, access controls, and budget management.
+
+<Note>
+  If you are an enterprise looking to use Codex CLI in your organization, [check out this section](#3-set-up-enterprise-governance-for-codex).
+</Note>
+
+# 1. Setting up Portkey
+Portkey allows you to use 250+ LLMs with your Codex CLI setup, with minimal configuration required. Let's set up the core components in Portkey that you'll need for integration.
+
+<Steps>
+<Step title="Create Virtual Key">
+Virtual Keys are Portkey's secure way to manage your LLM provider API keys. Think of them like disposable credit cards for your LLM API keys, providing essential controls like:
+- Budget limits for API usage
+- Rate limiting capabilities
+- Secure API key storage
+
+To create a virtual key:
+Go to [Virtual Keys](https://app.portkey.ai/virtual-keys) in the Portkey App. Save and copy the virtual key ID
+
+<Frame>
+<img src="/images/integrations/openai/virtual-key-2.png" width="500"/>
+</Frame>
+
+<Note>
+Save your virtual key ID - you'll need it for the next step.
+</Note>
+</Step>
+
+<Step title="Create Default Config">
+
+Configs in Portkey are JSON objects that define how your requests are routed. They help with implementing features like advanced routing, fallbacks, and retries.
+
+We need to create a default config to route our requests to the virtual key created in Step 1.
+
+To create your config:
+1. Go to [Configs](https://app.portkey.ai/configs) in Portkey dashboard
+2. Create new config with:
+    ```json
+    {
+        "virtual_key": "YOUR_VIRTUAL_KEY_FROM_STEP1",
+        "override_params": {
+          "model": "gpt-4o" // Your preferred model name
+        }
+    }
+    ```
+3. Save and note the Config name for the next step
+
+<Frame>
+<img src="/images/integrations/config.png" width="500"/>
+</Frame>
+
+<Note>
+This basic config connects to your virtual key. You can add more advanced portkey features later.
+</Note>
+</Step>
+
+<Step title="Configure Portkey API Key">
+
+Now create Portkey API key access point and attach the config you created in Step 2:
+
+1. Go to [API Keys](https://app.portkey.ai/api-keys) in Portkey and Create new API key
+2. Select your config from `Step 2`
+3. Generate and save your API key
+
+<Frame>
+<img src="/images/integrations/api-key.png" width="500"/>
+</Frame>
+
+<Note>
+Save your API key securely - you'll need it for Codex CLI integration.
+</Note>
+</Step>
+</Steps>
+
+# 2. Integrate Portkey with OpenAI Codex CLI
+
+Now that you have your Portkey components set up, let's connect them to OpenAI Codex CLI. The integration leverages Codex's provider configuration options to route all requests through Portkey's AI Gateway.
+
+<Note>
+You need your Portkey API Key from [Step 1](#1-setting-up-portkey) before going further.
+</Note>
+
+## Using Portkey Configuration File
+
+OpenAI Codex CLI supports a configuration file where you can specify your AI provider settings. Let's set up this configuration to use Portkey:
+
+1. Create or edit the Codex configuration file at `~/.codex/config.json`:
+
+```json
+{
+  "provider": "portkey",
+  "model": "gpt-4o",
+  "providers": {
+    "portkey": {
+      "name": "Portkey",
+      "baseURL": "https://api.portkey.ai/v1",
+      "envKey": "PORTKEY_API_KEY"
+    }
+  }
+}
+```
+
+2. Set your Portkey API key as an environment variable:
+
+```shell
+export PORTKEY_API_KEY="your-portkey-api-key-here"
+```
+
+> **Note:** This command sets the key only for your current terminal session. You can add the `export` line to your shell's configuration file (e.g., `~/.zshrc`) for persistence, or place it in a `.env` file at the root of your project.
+
+3. Test your integration:
+
+```shell
+codex "explain this repository to me"
+```
+
+
+# 3. Set Up Enterprise Governance for Codex
+
+**Why Enterprise Governance?**
+If you are using Codex CLI inside your organization, you need to consider several governance aspects:
+- **Cost Management**: Controlling and tracking AI spending across teams
+- **Access Control**: Managing which teams can use specific models
+- **Usage Analytics**: Understanding how AI is being used across the organization
+- **Security & Compliance**: Maintaining enterprise security standards
+- **Reliability**: Ensuring consistent service across all users
+
+Portkey adds a comprehensive governance layer to address these enterprise needs. Let's implement these controls step by step.
+
+**Enterprise Implementation Guide**
+
+<AccordionGroup>
+  <Accordion title="Step 1: Implement Budget Controls & Rate Limits">
+### Step 1: Implement Budget Controls & Rate Limits
+
+Virtual Keys enable granular control over LLM access at the team/department level. This helps you:
+- Set up [budget limits](/product/ai-gateway/virtual-keys/budget-limits)
+- Prevent unexpected usage spikes using Rate limits
+- Track departmental spending
+
+#### Setting Up Department-Specific Controls:
+1. Navigate to [Virtual Keys](https://app.portkey.ai/virtual-keys) in Portkey dashboard
+2. Create new Virtual Key for each department with budget limits and rate limits
+3. Configure department-specific limits
+
+<Frame>
+<img src="/images/integrations/openai/virtual-key-2.png" width="500"/>
+</Frame>
+
+  </Accordion>
+
+  <Accordion title="Step 2: Define Model Access Rules">
+### Step 2: Define Model Access Rules
+
+As your AI usage scales, controlling which teams can access specific models becomes crucial. Portkey Configs provide this control layer with features like:
+
+#### Access Control Features:
+- **Model Restrictions**: Limit access to specific models
+- **Data Protection**: Implement guardrails for sensitive data
+- **Reliability Controls**: Add fallbacks and retry logic
+
+#### Example Configuration:
+Here's a basic configuration to route requests to OpenAI, specifically using GPT-4o:
+
+```json
+{
+	"strategy": {
+		"mode": "single"
+	},
+	"targets": [
+		{
+			"virtual_key": "YOUR_OPENAI_VIRTUAL_KEY",
+			"override_params": {
+				"model": "gpt-4o"
+			}
+		}
+	]
+}
+```
+
+Create your config on the [Configs page](https://app.portkey.ai/configs) in your Portkey dashboard. You'll need the config ID for connecting to Codex CLI's setup.
+
+
+<Note>
+Configs can be updated anytime to adjust controls without affecting running applications.
+</Note>
+  </Accordion>
+
+  <Accordion title="Step 3: Implement Access Controls">
+### Step 3: Implement Access Controls
+
+Create User-specific API keys that automatically:
+- Track usage per user/team with the help of virtual keys
+- Apply appropriate configs to route requests
+- Collect relevant metadata to filter logs
+- Enforce access permissions
+
+
+Create API keys through:
+- [Portkey App](https://app.portkey.ai/)
+- [API Key Management API](/api-reference/admin-api/control-plane/api-keys/create-api-key)
+
+
+Example using Python SDK:
+```python
+from portkey_ai import Portkey
+
+portkey = Portkey(api_key="YOUR_ADMIN_API_KEY")
+
+api_key = portkey.api_keys.create(
+    name="engineering-team",
+    type="organisation",
+    workspace_id="YOUR_WORKSPACE_ID",
+    defaults={
+        "config_id": "your-config-id",
+        "metadata": {
+            "environment": "production",
+            "department": "engineering"
+        }
+    },
+    scopes=["logs.view", "configs.read"]
+)
+```
+
+For detailed key management instructions, see our [API Keys documentation](/api-reference/admin-api/control-plane/api-keys/create-api-key).
+  </Accordion>
+
+  <Accordion title="Step 4: Deploy & Monitor">
+### Step 4: Deploy & Monitor
+After distributing API keys to your team members, your enterprise-ready Codex CLI setup is ready to go. Each team member can now use their designated API keys with appropriate access levels and budget controls.
+Apply your governance setup using the integration steps from earlier sections
+Monitor usage in Portkey dashboard:
+- Cost tracking by department
+- Model usage patterns
+- Request volumes
+- Error rates
+</Accordion>
+
+</AccordionGroup>
+
+<Check>
+### Enterprise Features Now Available
+**Codex CLI now has:**
+
+- Departmental budget controls
+- Model access governance
+- Usage tracking & attribution
+- Security guardrails
+- Reliability features
+
+</Check>
+
+# Portkey Features
+Now that you have enterprise-grade Codex CLI setup, let's explore the comprehensive features Portkey provides to ensure secure, efficient, and cost-effective AI operations.
+
+### 1. Comprehensive Metrics
+Using Portkey you can track 40+ key metrics including cost, token usage, response time, and performance across all your LLM providers in real time. You can also filter these metrics based on custom metadata that you can set in your configs. Learn more about metadata here.
+
+<Frame>
+  <img src="/images/integrations/observability.png" width="600"/>
+</Frame>
+
+### 2. Advanced Logs
+Portkey's logging dashboard provides detailed logs for every request made to your LLMs. These logs include:
+- Complete request and response tracking
+- Metadata tags for filtering
+- Cost attribution and much more...
+
+<Frame>
+<img src="/images/llms/openai/logs.png"></img>
+</Frame>
+
+
+
+
+### 3. Unified Access to 250+ LLMs
+
+You can easily switch between 250+ LLMs. Call various LLMs such as Anthropic, Gemini, Mistral, Azure OpenAI, Google Vertex AI, AWS Bedrock, and many more by simply changing the `virtual_key` in your default `config` object.
+
+
+### 4. Advanced Metadata Tracking
+Using Portkey, you can add custom metadata to your LLM requests for detailed tracking and analytics. Use metadata tags to filter logs, track usage, and attribute costs across departments and teams.
+
+<Card title="Custom Metadata" icon="coins" href="/docs/product/ai-gateway/metadata">
+</Card>
+
+
+
+### 5. Enterprise Access Management
+
+<CardGroup cols={2}>
+<Card title="Budget Controls" icon="coins" href="/docs/product/ai-gateway/virtual-keys/budget-limits">
+Set and manage spending limits across teams and departments. Control costs with granular budget limits and usage tracking.
+</Card>
+
+<Card title="Single Sign-On (SSO)" icon="key" href="/docs/product/enterprise-offering/org-management/sso">
+Enterprise-grade SSO integration with support for SAML 2.0, Okta, Azure AD, and custom providers for secure authentication.
+</Card>
+
+<Card title="Organization Management" icon="building" href="/docs/product/enterprise-offering/org-management">
+Hierarchical organization structure with workspaces, teams, and role-based access control for enterprise-scale deployments.
+</Card>
+
+<Card title="Access Rules & Audit Logs" icon="shield-check" href="/docs/product/enterprise-offering/access-control-management#audit-logs">
+Comprehensive access control rules and detailed audit logging for security compliance and usage tracking.
+</Card>
+</CardGroup>
+
+
+### 6. Reliability Features
+<CardGroup cols={3}>
+  <Card title="Fallbacks" icon="life-ring" href="/product/ai-gateway/fallbacks">
+    Automatically switch to backup targets if the primary target fails.
+  </Card>
+  <Card title="Conditional Routing" icon="route" href="/product/ai-gateway/conditional-routing">
+    Route requests to different targets based on specified conditions.
+  </Card>
+  <Card title="Load Balancing" icon="key" href="/docs/product/ai-gateway/load-balancing">
+      Distribute requests across multiple targets based on defined weights.
+  </Card>
+  <Card title="Caching" icon="database" href="/product/ai-gateway/caching">
+    Enable caching of responses to improve performance and reduce costs.
+  </Card>
+  <Card title="Smart Retries" icon="database" href="/product/ai-gateway/retries">
+Automatic retry handling with exponential backoff for failed requests
+</Card>
+<Card title="Budget Limits" icon="shield-check" href="/product/ai-gateway/virtual-keys/budget-limits">
+    Set and manage budget limits across teams and departments. Control costs with granular budget limits and usage tracking.
+</Card>
+</CardGroup>
+
+
+
+### 7. Advanced Guardrails
+
+Protect your Codex CLI's data and enhance reliability with real-time checks on LLM inputs and outputs. Leverage guardrails to:
+- Prevent sensitive data leaks
+- Enforce compliance with organizational policies
+- PII detection and masking
+- Content filtering
+- Custom security rules
+- Data compliance checks
+
+<Card title="Guardrails" icon="shield-check" href="/docs/product/guardrails">
+Implement real-time protection for your LLM interactions with automatic detection and filtering of sensitive content, PII, and custom security rules. Enable comprehensive data protection while maintaining compliance with organizational policies.
+</Card>
+
+# FAQs
+<AccordionGroup>
+<Accordion title="How do I update my Virtual Key limits after creation?">
+  You can update your Virtual Key limits at any time from the Portkey dashboard:1. Go to Virtual Keys section2. Click on the Virtual Key you want to modify3. Update the budget or rate limits4. Save your changes
+</Accordion>
+<Accordion title="Can I use multiple LLM providers with the same API key?">
+      Yes! You can create multiple Virtual Keys (one for each provider) and attach them to a single config. This config can then be connected to your API key, allowing you to use multiple providers through a single API key.
+</Accordion>
+<Accordion title="How do I track costs for different teams?">
+Portkey provides several ways to track team costs:
+- Create separate Virtual Keys for each team
+- Use metadata tags in your configs
+- Set up team-specific API keys
+- Monitor usage in the analytics dashboard
+</Accordion>
+<Accordion title="What happens if a team exceeds their budget limit?">
+When a team reaches their budget limit:
+1. Further requests will be blocked
+2. Team admins receive notifications
+3. Usage statistics remain available in dashboard
+4. Limits can be adjusted if needed
+</Accordion>
+<Accordion title="Can I use Portkey with the open source version of Codex CLI?">
+Yes! Portkey fully integrates with [OpenAI's open source Codex CLI](https://github.com/openai/codex). This gives you the flexibility to leverage both the power of open source with the enterprise controls of Portkey.
+</Accordion>
+</AccordionGroup>
+
+
+# Next Steps
+
+ **Join our Community**
+- [Discord Community](https://portkey.sh/discord-report)
+- [GitHub Repository](https://github.com/Portkey-AI)
+
+<Note>
+For enterprise support and custom features, contact our [enterprise team](https://calendly.com/portkey-ai).
+</Note>
