Codex Mobile — Your Phone as the Agent Approval Gate

The important change here is not coding on a phone — your phone is now the approval gate for agents running on your machine when you are not at your desk.

TL;DR

• What: Codex now runs inside the ChatGPT mobile app (iOS + Android), connecting to sessions on your macOS machine via a secure relay layer
• Real story: The phone is not an editor — it is an approval surface for autonomous agents that need human judgment mid-run
• Also shipping: Remote SSH and Hooks both hit general availability the same day
• Lock-in warning: Once your approval workflow lives in ChatGPT mobile, switching agent harnesses costs you the entire operational layer

What Actually Shipped

On May 14, OpenAI shipped Codex inside the ChatGPT mobile app on iOS and Android, available in preview to all plans including Free and Go. This is not a mobile code editor you tap on during your commute. It is a remote supervision surface. Your phone connects via OpenAI’s secure relay layer to a Codex session already running on macOS — Windows support is listed as “coming soon” but did not ship on day one. Files, credentials, and permissions stay on the originating machine. Only state updates flow to the phone: screenshots, diffs, test results, terminal output, and approval requests.

From the ChatGPT app, you can review active threads, approve pending commands, switch models mid-session, add context, and dispatch new tasks. OpenAI’s own framing is explicit — this is “more than the ability to remotely control a single task.” The intended use case is cross-thread agent management across multiple running sessions.

Two other features went GA simultaneously. Remote SSH now lets Codex connect into approved enterprise dev environments with company dependencies, credentials, and security policies. And Hooks — custom event triggers that fire at defined points in a Codex session — are production-ready, meaning teams can wire Codex checkpoints into existing CI/CD or alerting pipelines. Hooks can scan prompts for secrets, run validators, log conversations, create memories, or customize Codex behavior. Both features are available on all plans.

One important correction to the early coverage: Pro users at $200/month do not get truly unlimited Codex access. Pro receives a 20x Plus multiplier on an ongoing basis, with a temporary 25x multiplier on 5-hour Codex limits through May 31 — token-based billing still applies. The specific rate limits for Free and Go tiers have not been published yet. That pricing ambiguity is worth watching, because a supervision workflow you build around Codex mobile becomes very expensive to abandon once rate limits tighten.

OpenAI reported more than 4 million weekly Codex users at the time of the mobile launch. That is the installed base they are wrapping this supervision layer around.

Why This Matters

The industry has been building agent infrastructure under the assumption that the human stays at a terminal. Think about what that means operationally: your agent hits a permission boundary, needs approval to run a destructive migration, or encounters a test failure that requires a judgment call. If you are not at your desk, the agent blocks. For minutes, sometimes hours. The longer the agent runs autonomously, the more likely the approval request arrives at an inconvenient moment.

OpenAI’s mobile surface is an architectural statement about this problem. The secure relay layer keeps your machine reachable without exposing it to the public internet. Real-time sync of session state and context flows to a device you already carry everywhere. The ability to approve from a phone notification — this is not a convenience feature bolted onto a coding tool. It is infrastructure designed for a world where agents run longer than humans sit.

Compare this to how Claude Code and other agent harnesses handle the approval problem. Most rely on terminal prompts, Slack integrations, or custom webhook setups that teams build themselves. None of them ship a first-party mobile supervision surface with the agent runtime. OpenAI is not just shipping a better agent — they are shipping the control plane around it and putting it in the app 4 million people already have on their phones.

The simultaneous GA of Remote SSH and Hooks makes this a three-part play. Remote SSH solves the enterprise credentialing problem — Codex can operate inside your company’s security perimeter with real dependencies, not just a sandboxed toy environment. Hooks solve the automation problem — you can trigger linting, secret scanning, or custom validators at any checkpoint. And mobile solves the human-in-the-loop problem. Together, these three features form a complete agent supervision stack. None of the three is individually remarkable. The combination, shipping on the same day, is.

Programmatic access tokens are limited to Enterprise and Business plans. HIPAA-compliant Codex use applies only to eligible ChatGPT Enterprise workspaces using local environments. If your team needs either, the “available on all plans” framing does not apply to you.

There is also a platform consolidation story here. Codex now spans four surfaces: desktop app, CLI, IDE extensions, and ChatGPT mobile. All unified through a ChatGPT account. All routing through OpenAI’s relay infrastructure. The approval workflow — the moment where a human decides whether an agent proceeds — lives inside OpenAI’s ecosystem. That relay layer is not portable. You cannot take it to a competing agent harness. And you cannot easily replicate it, because the value is not in any single component but in the integration between the mobile notification, the session state sync, and the credential isolation.

If you are evaluating Codex mobile for team use, test the approval latency first. The relay layer adds round-trip time between your phone and the running session. For time-sensitive operations — database migrations, deployment approvals — that latency matters more than feature checklists.

This is the tightest lock-in play OpenAI has shipped since the Codex desktop app. Model lock-in is old news — you can swap models. Workflow lock-in is harder. Once your team’s muscle memory is “approve from phone notification,” switching to a competing agent that requires opening a laptop becomes friction your team will resist. OpenAI knows this. The mobile launch is not about convenience. It is about making the operational dependency so natural that you stop noticing it.

The Take

I think OpenAI just made the most important agent infrastructure move of the quarter, and they disguised it as a mobile app update. The real product is not Codex on your phone. The real product is the approval gate — the choke point where human judgment enters an autonomous loop. By owning that choke point across desktop, CLI, IDE, and now mobile, OpenAI controls the surface where trust is established between a human and an agent. Every competitor now has to answer the question: what happens when your agent needs approval and the developer is not at a desk? Most do not have an answer yet.

The risk is obvious. You are building operational dependency on a relay layer you do not control, cannot inspect, and cannot migrate. If OpenAI changes pricing, throttles free-tier approvals, or deprecates a surface, your agent supervision workflow breaks. That is not hypothetical — it is the standard playbook for platform lock-in.

My recommendation: use Codex mobile if it genuinely solves your approval latency problem. But track every approval that flows through it. The moment you cannot operate without it, you have given OpenAI leverage over your release cadence. That is a trade-off worth making consciously, not one you should stumble into because the notifications are convenient.