Command-line config overrides let you run Codex with one-off settings without touching shared configuration, keeping experiments and temporary tweaks isolated from routine runs.
The -c flag supplies configuration overrides as key=value pairs, including dotted keys for nested settings. Overrides apply only to the current codex invocation, and repeating -c lets you adjust multiple settings at once without editing /~/.codex/config.toml.
CLI overrides parse values as TOML, so quoting and bracket syntax matter when passing arrays, strings, or booleans. If a value cannot be parsed as TOML, Codex treats it as a literal string, so quote values that include spaces or shell-sensitive characters.
Related: How to run Codex with a specific model
Related: How to run Codex in full-auto mode
Steps to override Codex config values from the CLI:
- Run codex exec with a temporary model override.
$ codex exec -c model="gpt-5.2-codex" "Return OK." OK
String values are easiest to handle when quoted, even when the value looks simple.
- Add another override to change multiple settings for the same run.
$ codex exec -c model="gpt-5.2-codex" -c 'sandbox_permissions=["disk-full-read-access"]' "Return OK." OK
Array values must be valid TOML, so wrap lists in brackets and quote strings.
- Run the same prompt without overrides to return to the configured defaults.
$ codex exec "Return OK." OK
Omitting -c restores the default configuration for the next run.
- Avoid passing secrets through -c overrides.
Command-line arguments can be stored in shell history and may be visible in process listings, so sensitive values are safer in protected config storage or environment-based secret injection.
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
