Skip to content

Codex Account Pooling

Codex account pooling means grouping authorized upstream Codex accounts behind a Pool. Clients use a stable Pool API key, and Codex Pooler chooses an eligible upstream account based on Pool assignment, lifecycle state, model support, quota evidence, route health, policy, and continuity.

Use this checklist when you want to know whether a Pool can route supported Codex work.

CheckWhy it mattersWhere to read more
Pool is activeA disabled or archived Pool should not admit new runtime workPools
Pool API key is activeThe client credential must represent the Pool receiving the requestAPI keys
Upstream is assigned and activeOnly assigned, usable upstream accounts can become route candidatesUpstreams
Model and route are compatibleThe requested model and route shape must be supported for the assignmentRuntime Routes
Quota and health evidence are usableExhausted quota, stale evidence, or route health can remove an account before strategy orderingRouting Strategies
Continuity can be honoredExisting sessions, websocket sessions, previous response links, and file affinity may pin work to one upstreamRouting Strategies

A Pool is the routing and policy boundary that clients authenticate against. It groups upstream account assignments, Pool API keys, routing behavior, compatibility settings, and metadata scope for request and audit evidence.

The routing strategy orders only accounts that already passed eligibility checks. It cannot choose a paused account, an unassigned account, an account without the requested model, or an account blocked by continuity or quota evidence.

Codex Pooler docs describe request logs, audit logs, and MCP output as metadata-only. Public-safe fields include route family, endpoint path, status class, Pool label, upstream label, model name, retry count, duration, token count, and timestamp examples.

Raw prompts, completions, request bodies, response bodies, file bytes, audio bytes, image bytes, websocket frames, bearer tokens, Pool API keys, MCP tokens, upstream secrets, and Codex auth.json material must not appear in public docs or examples.