JetBrains users no longer have to leave the IDE to try Codex through the Copilot agent picker. The setup is short, but the permission mode determines how much the agent can change without stopping for confirmation.
Quick answer
Install the Codex CLI, enable Codex in the JetBrains Copilot Chat settings, set the CLI path, and select it from the agent picker. Begin with default approvals in a disposable branch and inspect every command and diff.
# Confirm the CLI exists before configuring the IDE.
codex --version
# Then set its executable path under:
# Settings > Tools > GitHub Copilot > Chat
what changed
Codex is available as an agent provider in public preview in the GitHub Copilot plugin for JetBrains IDEs. The same update adds hooks, richer MCP management, permission controls, custom models for managed plans, and generally available Inline Chat.
This is a current platform change, so confirm availability for your plan, organization, and installed client before changing a production workflow. Preview features can also change faster than generally available controls.
who should use it
Default approvals suit unfamiliar repositories and sensitive work. Bypass and Autopilot modes reduce interruptions but expand the consequences of a mistaken command, so teams should define where those modes are acceptable.
The practical question is whether the feature removes a real bottleneck or security gap in your workflow. A new control is not valuable merely because it exists; it needs an owner, a narrow purpose, and an observable result.
a safe implementation
- Update the Copilot plugin and install Codex CLI.
- Enable the preview feature if an enterprise policy requires it.
- Start in a new branch with default approvals.
- Run tests and review the full diff before committing.
Make the first rollout small enough to reverse. Record the previous behavior, the setting or command that changed it, and the person responsible for deciding whether the experiment expands.
the mistake to avoid
Do not grant broad permissions merely to make a demo feel smoother. MCP servers, hooks, terminals, and filesystem access can reach data far beyond the file currently open in the editor.
Convenience features still operate inside your existing trust model. Repository permissions, protected environments, review rules, test accounts, and audit logs remain important even when the new workflow removes manual steps.
how to verify it
Ask the agent for a tiny test-backed change. Confirm the IDE shows the expected provider, approvals behave as configured, only intended files change, and the repository tests pass from a clean state.
Keep the verification evidence in the pull request or rollout ticket. That gives reviewers something concrete to evaluate and gives the next person a known baseline when the platform changes again.
rollout checklist
- Confirm the feature and client version are available.
- Test with non-production data and minimum permissions.
- Capture expected success and failure behavior.
- Document rollback and ownership.
- Recheck the official announcement before a wide rollout.
official reference
The announcement is the source of truth for availability and product behavior. This article focuses on the implementation decisions teams should make around it.