Fix: Add id_token field for codex-cli v0.117.0+ compatibility

[Chewy-b0t]

Fix: Add id_token field for codex-cli v0.117.0+ compatibility

Problem

Starting with codex-cli version 0.117.0, the auth.json file requires an id_token field inside the tokens object. When switching accounts with cq, users get this error:

missing field `id_token` at line 7 column 3

This happens because cq doesn't write the id_token field when updating the codex auth configuration.

Solution

Add the id_token field (set to the same value as access_token) in both functions that write codex auth configuration:

• ApplyAccountToCodex() in internal/config/managed.go
• saveCodexAccount() in internal/config/loader.go

Changes

internal/config/managed.go

tokens["access_token"] = account.AccessToken
tokens["id_token"] = account.AccessToken  // ← Added
if account.RefreshToken != "" {
    tokens["refresh_token"] = account.RefreshToken
}

internal/config/loader.go

tokens["access_token"] = account.AccessToken
tokens["id_token"] = account.AccessToken  // ← Added
if account.RefreshToken != "" {
    tokens["refresh_token"] = account.RefreshToken
}

Testing

1. Build cq with these changes
2. Switch to a different account using cq
3. Run codex - should work without the id_token error
4. Verify ~/.codex/auth.json contains the id_token field

Compatibility

• ✅ Fixes codex-cli v0.117.0+
• ✅ Backward compatible (older versions ignore the extra field)
• ✅ No breaking changes

Related

This field is required by the OpenAI auth system for newer versions of codex-cli. The id_token is typically the same JWT as the access_token.