How to log out of Codex

Logging out of Codex clears the cached local credential used by the CLI or IDE extension on the current machine. Use it before handing over a shared shell, switching accounts, or leaving a runner that should not keep access to ChatGPT or an OpenAI API key.

The codex logout command removes stored Codex authentication credentials. Codex reuses cached sign-in details between launches, and the CLI and IDE extension share that cached login. Credential storage can use the operating system credential store or auth.json under CODEX_HOME, which defaults to /~/.codex.

Logout is local credential cleanup, not upstream revocation. It does not revoke a browser ChatGPT session or disable an OpenAI API key in the owning account. If a token, key, or copied auth.json file may be exposed, revoke or rotate that credential after clearing the local cache.

Steps to log out of Codex:

Check the current Codex login state in the same shell that will run the logout.
```
$ codex login status
Logged in using an API key - sk-proj-***00000
```
A ChatGPT session prints Logged in using ChatGPT. If the command already prints Not logged in, the local profile has no cached login to remove.
Log out of Codex.
```
$ codex logout
Successfully logged out
```
The command clears stored credentials for the active Codex profile. When no cached session exists, it prints Not logged in and exits cleanly.
Confirm the profile is unauthenticated.
```
$ codex login status
Not logged in
```
With file-based credential storage, logout removes auth.json from CODEX_HOME. The unauthenticated status check exits with status 1.
Start a new login only if this machine still needs Codex access.
```
$ codex login
```
Plain codex login starts the ChatGPT browser sign-in path.
Related: How to log in to Codex with device authentication
Related: How to log in to Codex with an API key