GuidesAPIMCP

Codex CLI e-sign integration

OpenAI Codex CLI runs coding agents in your terminal with tool access. Atlas fits as a REST or MCP integration when the agent should prepare contracts after implementing a feature or onboarding a vendor.

> Share: "Codex writes code and can call Atlas MCP to return a review URL in the thread."

Integration surfaces

SurfaceWhen to use
Atlas MCPAgent calls ten lifecycle tools from Codex MCP config
REST curlOne-off scripts the agent generates
Custom CLI wrapperYour sign-contract.sh the agent invokes

MCP is the agent-native path. REST is fine for deterministic scripts.

MCP config for Codex CLI

Add Atlas to your Codex MCP server list (path varies by Codex version):

{
  "mcpServers": {
    "atlas": {
      "url": "https://atlaswork.ai/api/mcp",
      "headers": {
        "Authorization": "Bearer YOUR_API_KEY"
      }
    }
  }
}

OAuth-based MCP clients use the discovery flow documented at /mcp/cursor with Bearer key for CLI tools.

After connect, prompt:

We closed the vendor deal. Use Atlas to send vendor-msa.pdf for signature.
Signer: legal@vendor.com, Vendor Legal.
Give me the review URL.

The agent should call send_contract_for_review or start an upload session for local PDFs.

REST script the agent can write

Codex may generate:

#!/usr/bin/env bash
set -euo pipefail
curl -sS -X POST https://atlaswork.ai/api/envelope \
  -H "Authorization: Bearer ${ATLAS_API_KEY}" \
  -H "Content-Type: application/json" \
  -H "Idempotency-Key: codex-$(date +%s)" \
  -d @- <<EOF
{
  "document_url": "$1",
  "parties": [{ "email": "$2", "name": "$3", "role": "Customer" }]
}
EOF

Review URL still requires human Send for ad-hoc PDFs.

Safety rails for agents

Codex should not:

  • Auto-send ad-hoc uploads without user opening review
  • Store API keys in generated repos (use env vars)
  • Skip Idempotency-Key on retries

Add a AGENTS.md note in your repo pointing Codex to Atlas docs and trust ladder behavior.

Compare to GitHub Copilot keyword

Copilot extensions in VS Code follow similar MCP config patterns. Codex CLI users often batch repo changes and contract sends in one session. Same Atlas tools apply.

Upload session for local PDFs

Codex workspace files are local. Flow:

  1. Agent calls MCP with request_document_upload: true
  2. User opens link, uploads PDF or DOCX
  3. Agent calls complete_upload_session
  4. User opens review_url

See MCP electronic signatures.

CI integration

Codex may propose GitHub Actions in same session as contract send. Point generated workflows to GitHub Action signing guide for webhook gates instead of duplicating YAML ad hoc.

Token rotation

When rotating Atlas API keys, update Codex MCP config and any generated scripts in repo. Add reminder in AGENTS.md so the agent stops using revoked keys from cached snippets.

Team sharing

Check MCP config into repo template for onboarding. Use environment variable substitution for keys per developer machine, never committed literals.

Prompt library

Store approved prompts in repo docs/agent-prompts/:

  • NDA send with upload session
  • Template send with template id variable
  • Status check only without create

Codex sessions reference those files instead of improvising party JSON shapes each time.

Comparison table

ToolBest for
Codex CLI + MCPRepo work plus contract in one session
Claude DesktopNon-developer founders
REST onlyLocked-down environments blocking MCP

FAQ

Does Codex ship Atlas natively? You add MCP server config yourself.

ChatGPT vs Codex CLI? ChatGPT uses OAuth connector. Codex CLI uses API key header.

Void mistaken send? Agent can call void_envelope before signers complete.

Template repeat? After first review, save template and use send_contract_from_template.

Credits? Five free sends on signup for testing agent flows.

Related

Extended FAQ

OpenAI Codex vs Claude Code? Both support MCP config with Bearer key. Prompt patterns match.

Can Codex commit API keys? Block in pre-commit hook scanning for Atlas key patterns.

Sandbox org for agents? Separate Atlas org recommended when agents run untrusted repo code.

Voice mode signing? Not supported. Codex is text terminal interface.

CI generated scripts? Review HTTP scripts before merge like any other CI change.

Session hygiene

Clear Codex context when switching from customer repo to internal repo if API keys could appear in generated scripts. Run secret scanners on branches Codex touches before merge to main.

Add Atlas MCP config to repo onboarding checklist alongside lint and test commands so new hires connect signing on day one.

Pair Codex integration with pre-merge review rule: any new file matching *sign*.sh requires legal ops acknowledgment in pull request template.

When Codex generates integration tests for signing, assert on review_url presence rather than assuming immediate pending status before human Send.

Document expected Codex MCP config in README so contractors enable signing on first clone.