Add /api-provision to app-server TUI

Wire the app-backed UI through a new internal ephemeral API-key login path so /api-provision can reuse the browser provisioning flow, persist OPENAI_API_KEY to .env, and hot-apply the key without writing auth.json. Co-authored-by: Codex <noreply@openai.com> (cherry picked from commit e7d7aebb48)
2026-04-25 07:05:38 +00:00 · 2026-03-24 22:00:30 +00:00
parent 2c08f00f65
commit a734106aff
16 changed files with 541 additions and 9 deletions
--- a/codex-rs/app-server-protocol/schema/json/ClientRequest.json
+++ b/codex-rs/app-server-protocol/schema/json/ClientRequest.json
@@ -1140,6 +1140,27 @@
          "title": "ApiKeyLoginAccountParams",
          "type": "object"
        },
+        {
+          "description": "[UNSTABLE] FOR OPENAI INTERNAL USE ONLY - DO NOT USE.",
+          "properties": {
+            "apiKey": {
+              "type": "string"
+            },
+            "type": {
+              "enum": [
+                "ephemeralApiKey"
+              ],
+              "title": "EphemeralApiKeyLoginAccountParamsType",
+              "type": "string"
+            }
+          },
+          "required": [
+            "apiKey",
+            "type"
+          ],
+          "title": "EphemeralApiKeyLoginAccountParams",
+          "type": "object"
+        },
        {
          "properties": {
            "type": {