Codex Account Pooling
Codex account pooling means grouping authorized upstream Codex accounts behind a Pool. Clients use a stable Pool API key, and Codex Pooler chooses an eligible upstream account based on Pool assignment, lifecycle state, model support, quota evidence, route health, policy, and continuity.
Account Pooling Checklist
Section titled “Account Pooling Checklist”Use this checklist when you want to know whether a Pool can route supported Codex work.
| Check | Why it matters | Where to read more |
|---|---|---|
| Pool is active | A disabled or archived Pool should not admit new runtime work | Pools |
| Pool API key is active | The client credential must represent the Pool receiving the request | API keys |
| Upstream is assigned and active | Only assigned, usable upstream accounts can become route candidates | Upstreams |
| Model and route are compatible | The requested model and route shape must be supported for the assignment | Runtime Routes |
| Quota and health evidence are usable | Exhausted quota, stale evidence, or route health can remove an account before strategy ordering | Routing Strategies |
| Continuity can be honored | Existing sessions, websocket sessions, previous response links, and file affinity may pin work to one upstream | Routing Strategies |
What A Pool Does
Section titled “What A Pool Does”A Pool is the routing and policy boundary that clients authenticate against. It groups upstream account assignments, Pool API keys, routing behavior, compatibility settings, and metadata scope for request and audit evidence.
The routing strategy orders only accounts that already passed eligibility checks. It cannot choose a paused account, an unassigned account, an account without the requested model, or an account blocked by continuity or quota evidence.
What Stays Metadata-Only
Section titled “What Stays Metadata-Only”Codex Pooler docs describe request logs, audit logs, and MCP output as metadata-only. Public-safe fields include route family, endpoint path, status class, Pool label, upstream label, model name, retry count, duration, token count, and timestamp examples.
Raw prompts, completions, request bodies, response bodies, file bytes, audio bytes, image bytes, websocket frames, bearer tokens, Pool API keys, MCP tokens, upstream secrets, and Codex auth.json material must not appear in public docs or examples.