Comment by dist-epoch
13 hours ago
I run Codex in multiple disposable sandboxes and OAuth is such a fucking pain. I vibe-coded a project which just stores/allocates/shuffles codex auth.json files around. I have a codex instance that I manually authenticate multiple times with browser OAuth, then copy that auth.json in a store from where it's distributed to the sandboxes. And sandbox codex sometimes refreshes the authorization, so when that happens I need to send that auth.json back to the central store. Madness.
One good thing GitHub Copilot has it that you can just give it a GH_TOKEN that is valid for 6 months and stop this browser login nonsense.
Yeah I was doing some similar stuff. I think I tried copying the auth file for codex or claude and even that didn't work - the tokens were somehow tied to some machine identifiers just to make it even more annoying. Claude Code has long lived oauth tokens which were working well for me, but then it turns out you can't use Remote Control if you use those, so I had to go back to the standard oauth web login trash everytime I spin up a new devbox. At every step the enterprise auth mindset makes my life more difficult by assuming I'm running some clownshow with bad code fully open to the internet unable to secure an API key, and gives me no way to just say "no thanks, i accept the increased risk ” and opt out of their junk.
What does codex's auth.json file have to do with OAuth?