AI Tools

Codex Now Supports Remote Access from ChatGPT Mobile, with Access Tokens for Enterprise Workspaces

A look at OpenAI's May 14, 2026 Codex update: remote access to long-running Codex tasks from ChatGPT mobile, and Codex access tokens for Enterprise workspaces.

On May 14, 2026, OpenAI updated the ChatGPT Enterprise & Edu release notes with two Codex changes: Codex can now be accessed remotely from the ChatGPT mobile app, and Enterprise workspaces can use Codex access tokens for controlled automation.

This is not a model capability release. It is a shift in the shape of Codex as a product. Codex is moving from a coding assistant that lives locally or in a web session toward a coding agent that can run for longer, be managed remotely, and connect to enterprise automation workflows.

What Changed

According to OpenAI Help Center, Codex now supports remote access from the ChatGPT mobile app. Users can connect to a running Codex environment from their phone, follow long-running tasks, and step in when needed.

At the same time, ChatGPT Enterprise workspaces now have Codex access tokens. These are designed for trusted non-interactive local workflows, allowing automation to use ChatGPT workspace identity and enterprise controls without requiring a browser login every time.

The update has two main entry points:

  • Mobile remote access: solves the problem of monitoring long Codex tasks when you are away from your computer.
  • Access tokens: lets enterprise automation scripts use Codex workflows with a controlled identity.

What Mobile Remote Access Solves

Codex tasks do not always finish in seconds. In real development work, Codex may need to read a repository, edit multiple files, run tests, wait for command output, fix errors, and ask for approval midway.

Previously, these tasks often required users to stay near their Mac, desktop app, CLI, or IDE. Now the ChatGPT mobile app can act as a remote console, letting users follow Codex after leaving their computer.

OpenAI says the mobile app can show live state from the underlying environment, including:

  • Project context.
  • Approvals.
  • Screenshots.
  • Terminal output.
  • Diffs.
  • Test results.

Users can also answer Codex questions, redirect execution, approve actions, inspect output, and switch between connected hosts. The underlying task still runs on a Mac host or connected remote environment; the phone is used for viewing and control.

Why This Matters for Developers

This feature is most useful for long tasks that need occasional confirmation.

For example:

  • Codex is running a slow test suite and you want to check the result while away.
  • Codex changed multiple files and you want to review the diff from your phone before approving the next step.
  • Codex is waiting for confirmation before a risky operation.
  • You have multiple connected hosts and need to switch between them from mobile.

The value is not writing code on a phone. The value is that you no longer need to sit in front of the computer the entire time. Codex keeps working in the original environment, while you step in only at key moments.

This also shows Codex moving toward a background-agent model: tasks can keep running, the user does not need to stay online the entire time, but approval and control remain with the human.

What Access Tokens Solve

Codex access tokens are for ChatGPT Enterprise workspaces. Their focus is not ordinary personal login, but trusted enterprise automation.

Enterprises often have local or internal workflows that need to run non-interactively, such as:

  • Scheduled code checks.
  • Triggering Codex workflows on managed machines.
  • Connecting Codex to internal developer tooling.
  • Using workspace identity without opening a browser.

Access tokens let these workflows run with ChatGPT workspace identity while still being governed by enterprise policy. Compared with manual browser login, they are better suited to automation. Compared with sharing personal credentials, they are easier to govern.

This Is Not a Generic API Key

This distinction matters. Codex access tokens should not be understood as a simple all-purpose API key.

OpenAI notes that access tokens are available for ChatGPT Enterprise workspaces, admins can manage workspace-level availability, and members with allowed roles can create their own tokens. Governance views may also reflect access token activity when available.

In other words, access tokens sit inside the enterprise permission, role, and audit framework:

  • Admins can decide whether a workspace enables them.
  • Not every member can create them by default.
  • Token activity can appear in governance views.
  • They inherit ChatGPT workspace identity and enterprise controls.

That is different from casually generating a long-lived personal secret.

Secure Defaults: Remote Control Is Off by Default

Codex mobile remote access touches code environments, terminal output, diffs, test results, and approval actions. If it were enabled by default, it would create obvious enterprise security risks.

OpenAI’s default is therefore conservative: remote control is off by default, and an admin or owner must enable it in Workspace settings.

Enabling mobile remote access may also involve:

  • Workspace-enabled Remote Control access.
  • SSO.
  • Multi-factor authentication.
  • Passkey.

This is a capability that enterprise IT and security teams need to configure, not something that automatically becomes available to everyone after updating the app.

What Needs to Be Updated

OpenAI says mobile remote access requires updates on both sides:

  • ChatGPT mobile app.
  • Codex app on macOS.

If the workspace requires it, setup may also trigger SSO, multi-factor authentication, or passkey flows.

In practice, enterprise admins should first review the remote control settings in Workspace settings and decide which members or roles can use the feature.

Impact on Enterprise Codex Usage

This update pushes Codex in two directions.

First, Codex becomes more suitable for long-running tasks. Previously, long tasks often required constant attention. Now users can monitor status and approve actions from mobile, making Codex more natural as a background worker.

Second, Codex becomes more suitable for enterprise automation. Access tokens give non-interactive workflows a more formal identity path, making future integration with internal CI, code review, scripts, and developer platforms easier.

Together, these changes suggest Codex is evolving from a developer-side AI helper into a manageable enterprise coding agent.

Remaining Boundaries

This update is useful, but it does not mean Codex should run unattended without policy.

Enterprises still need to consider:

  • Which projects allow remote control.
  • Which commands require approval.
  • How tokens are created, rotated, and revoked.
  • Whether mobile remote access fits device management policy.
  • Whether terminal output, screenshots, and diffs may contain sensitive data.
  • Whether audit logs and governance views meet compliance requirements.

Access tokens in particular should be managed like other enterprise credentials: least privilege, rotation, no hardcoding, and timely revocation of unused tokens.

Summary

OpenAI’s Codex update is focused: ChatGPT mobile can remotely access long-running Codex tasks, and Enterprise workspaces can use Codex access tokens for controlled automation.

The first change lets developers avoid sitting in front of their computer the whole time. The second lets enterprises connect Codex more formally to internal workflows. Together, they show Codex moving from an interactive coding assistant toward a remotely manageable, auditable, automation-friendly enterprise coding agent.

Reference:

© 2022 - 2026 KnightLi Blog
记录并分享
Built with Hugo
Theme Stack designed by Jimmy