Skip to main content
Terminal-based coding agents such as OpenAI Codex CLI and Claude Code use LLMs to reason about code, generate changes, and complete development tasks from the terminal. By default, these tools send model requests directly to a provider such as OpenAI or Anthropic. The MeshAgent Room Proxy gives those CLIs a room-scoped MeshAgent endpoint instead. MeshAgent forwards each request to the provider configured for that room and includes the traffic in MeshAgent token usage reporting. Use this when you want people to run coding agents through a MeshAgent room instead of authenticating directly with OpenAI or Anthropic.

Why use the Room Proxy

  • Let someone use Codex CLI or Claude Code through the room even if they do not already have their own OpenAI or Anthropic account set up for that CLI.
  • Centralize provider access in MeshAgent instead of configuring raw provider credentials on each developer machine or CI job.
  • Route Codex CLI, Claude Code, and similar tools through the same room-scoped endpoint pattern.
  • Keep token usage reporting inside MeshAgent while the CLI continues to work like a normal OpenAI- or Anthropic-compatible client.

How it works

The Room Proxy exposes OpenAI- and Anthropic-compatible endpoints at room-scoped URLs: 
# OpenAI-compatible (Codex CLI, etc.)
https://api.meshagent.com/rooms/{room_name}/openai/v1

# Anthropic-compatible (Claude Code, etc.)
https://api.meshagent.com/rooms/{room_name}/anthropic
Instead of authenticating directly with the provider, the CLI authenticates to MeshAgent using a room-scoped participant token. The proxy validates the token, injects the real provider key server-side, forwards the request, and reports token usage for the traffic sent through it. The coding agent itself is unchanged: it still drives the task, decides when to call the model, and interprets responses. MeshAgent acts as the LLM gateway.

Setup: Shared first steps

These steps apply regardless of which CLI agent you are using.

1. Authenticate to MeshAgent and create an API key

If you haven’t set up MeshAgent yet, start with meshagent setup. Then create an API key. Copy the printed value — it is shown only once. 
meshagent api-key create --activate cli-agent-key

2. Create a token spec and generate a participant token JWT

The Room Proxy requires a participant token (JWT) as the bearer credential. The API key from Step 1 is used to sign it. The JWT is scoped to a specific room. Create a token spec file (contains no secrets — safe to commit):
token-spec.yaml
version: v1
kind: ParticipantToken
room: my-room
identity: cli-agent
role: agent
api:
  agents: {}
  messaging: {}
  queues: {}
  storage: {}
  memory: {}
  sync: {}
  database: {}
Replace my-room with your room name, then generate the JWT: 
meshagent token generate --input token-spec.yaml
This prints a eyJ... JWT. Store it somewhere secure — you will use it as the API key value in your CLI agent’s configuration.
Token expiration: Tokens do not expire by default. Regenerate at any time by re-running this command with the same spec file.

3. What is the Meshagent-Session header?

The proxy requires a Meshagent-Session header on every request. For the Room Proxy, this value is the session identifier MeshAgent attaches to usage tracking for that proxied traffic. For CLI tools, use a stable name for one run or terminal session such as codex-agent, codex-ci, or claude-local. This lets MeshAgent group token usage from that client session under the same session ID in reporting. The header is consumed by MeshAgent and is not forwarded to OpenAI or Anthropic.

Codex CLI

Codex CLI supports custom model providers in ~/.codex/config.toml, including custom base URLs, API key env vars, and static HTTP headers — making it a natural fit for the Room Proxy.

Install Codex

brew install openai-codex

Store the JWT as an environment variable

Add the JWT from the shared setup to your shell environment: 
export MESHAGENT_ROOM_TOKEN="eyJ..."   # your full JWT here
For a persistent setup, add this to a .env file that is sourced in your shell profile.

Configure ~/.codex/config.toml

Add a MeshAgent provider and profile:
~/.codex/config.toml
[model_providers.meshagent]
name = "MeshAgent"
base_url = "https://api.meshagent.com/rooms/my-room/openai/v1"
env_key = "MESHAGENT_ROOM_TOKEN"
http_headers = { "Meshagent-Session" = "codex-agent" }

[profiles.meshagent]
model_provider = "meshagent"
model = "gpt-5.4"
KeyDescription
base_urlReplace my-room with your room name.
env_keyThe env var name holding the JWT from the shared setup.
http_headersSets the session ID MeshAgent uses for usage attribution.
modelAny model available through the OpenAI API.

Run Codex with the MeshAgent profile

codex --profile meshagent "your task here"

Claude Code

Claude Code is Anthropic’s CLI coding agent. It uses the Anthropic API and can be pointed at a custom base URL via environment variables.

Install Claude Code

curl -fsSL https://claude.ai/install.sh | bash

Configure environment variables

Set the following in your shell environment (or .env file): 
export ANTHROPIC_BASE_URL="https://api.meshagent.com/rooms/my-room/anthropic"
export ANTHROPIC_AUTH_TOKEN="eyJ..."   # your JWT from the shared setup
export ANTHROPIC_CUSTOM_HEADERS=$'Meshagent-Session: name-for-your-session'
Note: You may want to export the ANTHROPIC_MODEL you want to use as well for example claude-sonnet-4-6. You can also change the model when claude is running by running /model claude-sonnet-4-6.

Run Claude Code

If you have previously logged into Claude with another account be sure to run claude /logout before connecting through MeshAgent. 
claude