Does forking/modifying Codex CLI affect ToS when using “Sign in with ChatGPT”?

[thife455]

Hi! I’m using Codex CLI for personal use via "Sign in with ChatGPT"(ChatGPT subscription, not an API key).

I’d like to fork the Codex CLI repo and add some UX changes (mainly a "plan mode”"/ planning step in the CLI before it starts making edits). The fork would still use the official auth flow (no scraping, no private endpoints), not try to bypass rate limits or restrictions, not do bulk automation/scraping; just normal interactive use, keep licensing notices/attribution (Apache-2.0) if I publish it.

Question: Is a fork like this allowed under OpenAI’s Terms/usage policies when used with “Sign in with ChatGPT”?
If there are guidelines on what kinds of modifications are not OK (e.g., automation patterns that look like programmatic extraction), I’d appreciate pointers.

[etraut-openai]

The codex CLI sources are licensed under a permissive Apache license, and you're welcome to fork the repo and make modifications to suit your own needs.

The Terms of Use for OpenAI's services are covered here.

You mentioned that you would like to add a plan mode. You may be interested to learn about a new "skills" feature that we announced today. You can read about it here. The feature includes a "plan" skill that you can invoke for planning purposes. Please give it a try and let us know what you think.

[thife455]

That's Nice! I will check it out!

Just to narrow this down: the only thing I’m trying to clarify is the ChatGPT subscription / Terms of Use side.

The Terms say you can’t "automatically or programmatically" use/extract from the Services, but tools like Codex CLI are inherently making programmatic requests. Unlike Claude, I haven’t seen an explicit statement that “Sign in with ChatGPT (OAuth)” is an approved way to use a third party service with codex under a ChatGPT plan. (This aged very poorly).

Could you confirm (or point me to the exact doc) that clarifies if using Codex CLI with “Sign in with ChatGPT” is officially permitted under a ChatGPT subscription for personal use, and forking the client and adding a UI/UX feature like plan mode doesn’t change that, as long as it uses the standard login flow, respects rate limits, and doesn’t access undocumented/private endpoints or do bulk scraping?

[Lewik]

Waaaait... I'd like to take this a step further. My use case:

1. Custom app with your endpoint — Can I build my own application (not a CLI fork, but a completely separate app) that authenticates via the same ChatGPT OAuth flow and sends requests to the Codex backend endpoint? Essentially using the subscription as the auth/billing layer, but with my own UI and orchestration logic. The app would clearly state that it's powered by ChatGPT / OpenAI — no attempts to hide or misrepresent the underlying service.

   To be explicit about my intent: I'm not trying to parasitize on your brand or your contribution. Quite the opposite — I want to build ON TOP of what you've built, just as I'd build on top of other AI providers. The whole point of my app is that it's a layer ABOVE the LLMs. I have zero incentive to hide whose brains it's built on — proper attribution is a feature, not a concession.

2. Selling the app — If the above is permitted, can I distribute/sell this application commercially? The app itself would be my product, but each user would authenticate with their own ChatGPT subscription. I would not be reselling access to OpenAI services — users bring their own subscription, I just provide the client, a better UI, and a lot of features around it.

To be clear about what I'm NOT doing:

• Not reselling or redistributing subscription access
• Not bypassing rate limits
• Not training competing models
• Not running server-side on behalf of multiple users with a single account

Each user = their own subscription, their own auth, their own rate limits.

Is this permitted under the current Terms of Use? If there's a specific doc or policy that covers this, I'd appreciate a pointer.

[Lewik]

cc @etraut-openai

[etraut-openai]

I'm an engineer, not a lawyer, so I'm not qualified to answer your questions in detail. What I can say is that our terms of use and code license are quite permissive, and OSS projects like OpenCode are doing things similar to what you're describing above. If you're looking to start a business and sell a software product, it's always a good idea to get advice from a legal expert if you have questions about licenses.

[Akira-Papa]

Hi OpenAI team. Cc @etraut-openai

I'm a Japanese developer with a ChatGPT Pro subscription, planning to build and distribute a desktop application that embeds the open-source Codex App Server (Apache 2.0).

My distribution model is essentially identical to @Lewik's question above:

• Standalone desktop app, distributed for a small one-time fee (e.g., USD 7 for the SOFTWARE itself, not for OpenAI access)
• Each end user authenticates via "Sign in with ChatGPT" OAuth
• Each user's usage is fully covered by their OWN ChatGPT subscription
• I never share my own credentials, never proxy multiple users through my account, never bypass rate limits

This is structurally the same as OpenClaw (which Sam Altman publicly endorsed on May 1, 2026), with the only difference being a paid distribution model.

The OpenAI blog post "Unlocking the Codex harness: how we built the App Server" explicitly recommends App Server for "deep integration inside your own product" — which seems to suggest exactly this kind of use.

Could the OpenAI team please clarify:

1. Is the user-brings-their-own-subscription model permitted under current ToS?
2. Does it matter whether the application is distributed for free vs. for a paid fee, given that the fee covers only the SOFTWARE (not OpenAI service access)?
3. Are there any official attribution requirements or developer registration steps for such distribution?

Many developers (including the OP and @Lewik) are waiting for clear guidance here. An official response would unblock a lot of legitimate ecosystem development.

Thank you!