# Codex Pooler Vs Direct Credentials

Codex Pooler changes the client credential model. Instead of putting account-specific material in each client, operators connect upstream Codex accounts to Pools and give clients stable Pool API keys. Codex Pooler then routes supported work to eligible upstream accounts.

## Comparison

<table>
  <thead>
    <tr>
      <th>Question</th>
      <th>Direct account credentials</th>
      <th>Codex Pooler</th>
    </tr>
  </thead>
  <tbody>
    <tr>
      <td>What does the client hold?</td>
      <td>Account-specific credential material or client-specific account setup</td>
      <td>A Pool API key that represents a Pool</td>
    </tr>
    <tr>
      <td>How do capacity changes work?</td>
      <td>Each client may need reconfiguration</td>
      <td>Operators adjust Pool assignments, upstream lifecycle, and routing policy centrally</td>
    </tr>
    <tr>
      <td>How is an account selected?</td>
      <td>Selection is usually fixed by client setup</td>
      <td>Eligibility checks and Pool strategy choose from assigned upstream accounts</td>
    </tr>
    <tr>
      <td>How are requests investigated?</td>
      <td>Evidence may be spread across clients and local logs</td>
      <td>Admin UI and MCP expose sanitized metadata for visible Pools</td>
    </tr>
    <tr>
      <td>What stays out of logs?</td>
      <td>Depends on each client and process</td>
      <td>Docs describe metadata-only request, routing, audit, and MCP evidence</td>
    </tr>
  </tbody>
</table>

## When Codex Pooler Fits

Codex Pooler fits teams that already operate trusted Codex accounts and want centralized Pool policy, stable client credentials, shared capacity, account readiness checks, continuity-aware routing, and metadata-only request evidence.

It is not a way to bypass account terms or limits. Operate only accounts you are allowed to use, and give Pool API keys only to trusted clients.

## Credential Boundaries

Use Pool API keys for `/backend-api` and `/v1` runtime requests. Use operator-owned MCP tokens for `/mcp`. Do not reuse Pool API keys for MCP, and do not use MCP tokens for runtime work.

Raw Pool API keys and raw MCP tokens are one-time secrets in the product surfaces. Public docs should use placeholders such as `<pool-api-key>` and `<operator-mcp-token>`.

## Canonical Docs

- [Codex Pooler overview](/) covers the product scope and FAQ
- [Pools](/operators/pools/) explains the Pool boundary and routing settings
- [Upstreams](/operators/upstreams/) explains account lifecycle and readiness
- [Routing Strategies](/reference/routing-strategies/) explains eligibility, continuity, quota evidence, and fallback

## Related Discovery Pages

- [AI coding agent gateway](/discovery/ai-coding-agent-gateway/)
- [Self-hosted Codex gateway](/discovery/self-hosted-codex-gateway/)
- [Codex account pooling](/discovery/codex-account-pooling/)
- [OpenAI-compatible Codex gateway](/discovery/openai-compatible-codex-gateway/)