How to Add the Atlassian MCP Server to Codex CLI
A step-by-step, hand-verified guide to connecting Atlassian’s official remote MCP server — Jira and Confluence — to OpenAI’s Codex CLI. You get the exact codex mcp add command, the ~/.codex/config.toml block, the OAuth login flow, a first prompt to prove it works, and the specific steps to add Jira and Confluence. No fabricated syntax: every command below is checked against OpenAI’s and Atlassian’s current docs.

On this page · 12 sections▾
TL;DR — the two-minute setup
Codex reads MCP servers from one file, ~/.codex/config.toml. The Atlassian MCP server is remote and OAuth-secured, so the reliable path is to bridge it with mcp-remote. One command:
codex mcp add atlassian -- npx -y mcp-remote https://mcp.atlassian.com/v1/mcp/authv2Then start codex. A browser tab opens, you approve Atlassian’s OAuth consent screen, and the Jira + Confluence tools appear. Confirm with /mcp inside the session. If your Codex build supports remote MCP OAuth natively, there’s an even cleaner path (a url block plus codex mcp login) — both are covered below. Everything else in this guide is the detail behind those two lines: prerequisites, the OAuth flow, verifying it, adding Jira and Confluence specifically, and the errors people actually hit.
What the Atlassian MCP server does
The Atlassian MCP server exposes Jira and Confluence to an AI client as callable tools. Once connected, Codex can search issues with JQL, read and create issues, transition statuses, add comments and worklogs, and search, read, and write Confluence pages — all as you, bounded by your existing Atlassian permissions. It is Atlassian’s own remote server, hosted at mcp.atlassian.com, not a local package you run. That single fact drives the whole setup: there is no npm install, no binary — you point Codex at a URL and authenticate over OAuth 2.1. For the full server overview (both the official server and the community alternative for Server/Data Center), see our Jira MCP server guide; this page is only about wiring it into Codex.
Prerequisites
- Codex CLI installed. Install or update with
npm i -g @openai/codex. Older builds have rougher MCP handling on Windows — update first. Start a session once withcodexto create~/.codex/config.tomlif it doesn’t exist. Not set up yet? Our Codex client page has the base configuration. - Node.js 18+. The
mcp-remotebridge runs undernpx, so you need Node on your PATH. Check withnode --version. - An Atlassian Cloud site. The official server connects to Cloud only — a
*.atlassian.netsite with Jira and/or Confluence. Jira Server or Data Center is not supported by this server (use the community server for on-prem, covered in the guide linked above). - A browser on the same machine for the one-time OAuth consent. For headless/CI, use the API-token path in the errors section.
Add it to Codex CLI
There are two ways to register the server. Method A works on every Codex version. Method B is cleaner but needs a recent build that speaks remote MCP OAuth. Pick one.
Method A — the mcp-remote bridge (works everywhere)
codex mcp add registers a stdio command; mcp-remote is a small Node proxy that turns Atlassian’s OAuth HTTP endpoint into that stdio command and handles the browser round-trip. Run:
codex mcp add atlassian -- npx -y mcp-remote https://mcp.atlassian.com/v1/mcp/authv2That writes a table into ~/.codex/config.toml. You can also hand-write it — identical result:
[mcp_servers.atlassian]
command = "npx"
args = ["-y", "mcp-remote", "https://mcp.atlassian.com/v1/mcp/authv2"]
startup_timeout_sec = 60 # optional; the first cold npx run can be slowOne opinionated note: raise startup_timeout_sec from its default of 10. The first run downloads mcp-remote and opens a browser, which routinely blows a 10-second handshake budget. Sixty seconds removes a whole class of “request timed out” confusion.
Method B — native url + codex mcp login (recent Codex)
Newer Codex builds can talk to a streamable-HTTP MCP server directly and run the OAuth flow themselves, no Node bridge. Per OpenAI’s Codex MCP docs, a remote server is a url table:
[mcp_servers.atlassian]
url = "https://mcp.atlassian.com/v1/mcp/authv2"Then authenticate with the login subcommand, which opens the browser consent screen:
codex mcp login atlassianCodex stores the resulting token according to mcp_oauth_credentials_store (auto, file, or keyring) from the config reference. Honest caveat: adding a remote OAuth server through the CLI in one shot is still maturing — there’s an open request to give codex mcp add a --url/--oauth flag (issue #23846). Until that lands, Method A is the path that never surprises you.
The canonical server card — the same one on our Atlassian server page — is below. It’s the quick reference for GUI clients; for Codex, use the exact config.toml blocks above, since Codex needs the remote-server config rather than a local package.
One-line install · Atlassian (Jira & Confluence)
Open server pageInstall
Complete the OAuth login
Atlassian’s server uses OAuth 2.1 as its primary authentication, so the token is bound to your identity and every action respects your existing project and space roles. The flow, whichever method you chose:
- Start Codex (Method A) or run
codex mcp login atlassian(Method B). A browser tab opens to Atlassian’s consent screen. - Sign in if needed, pick the Atlassian site to grant, and approve. The tab shows a success page you can close.
- The token is cached — Method A stores it under
~/.mcp-auth(mcp-remote’s cache), Method B under Codex’s credential store. Subsequent sessions reuse it; you don’t re-authenticate every run.
If the browser never opens on a remote or headless box, set a fixed callback port so you can forward it — mcp_oauth_callback_port is a top-level key in config.toml. And if a browser genuinely isn’t available, switch to the API-token path in the errors section.
Verify it works
Two checks — one from the terminal, one from a prompt. First, list what Codex parsed and connected:
codex mcp list # atlassian should appear, connected
codex mcp get atlassian # shows the resolved config for one serverInside a Codex session, /mcp shows the same view plus the tool names. Then prove the round-trip with a real request — the canonical first prompt:
> List my open Jira issues, newest first, with key, status, and assignee.Codex compiles that to a JQL query, calls searchJiraIssuesUsingJql, and prints a real table from your instance. If you get rows back, the connection, the OAuth grant, and your permissions all check out. If the tools aren’t there, jump to common errors — the OAuth step is the usual culprit.
Add Jira to Codex
There is no separate “Jira MCP” to install for Codex — Jira is part of the one Atlassian server you already added. Finish the setup above and the Jira tool surface is live. The ones you’ll actually use, from Atlassian’s supported-tools reference:
searchJiraIssuesUsingJql— the workhorse. Every “find me…” request compiles to this.getJiraIssue,getVisibleJiraProjects,getTransitionsForJiraIssue— read paths.createJiraIssue,editJiraIssue,transitionJiraIssue,addCommentToJiraIssue— write paths.
A prompt that exercises write access, from inside a Codex session in your repo:
> Read PAY-1421 from Jira, implement the change it describes in this
codebase, then transition the issue to "In Review" and add a comment
linking the files you touched.This is the “codex add jira mcp” workflow people are actually after: issue-driven development where the ticket is context and the status update is a tool call, not a context switch. The failure mode to know: hallucinated custom field names surface immediately as a JQL parse error, and the agent self-corrects in one round-trip.
Add Confluence
Confluence rides the same connection — no second server, no second login. Once the Atlassian server is authenticated, Codex has the Confluence tools too: searchConfluenceUsingCql, getConfluencePage, createConfluencePage, and updateConfluencePage, plus comment tools. If you only use Jira, you can ignore them; they cost nothing when unused.
A recipe that ties both products together in one prompt:
> Summarize everything that moved to Done in project PAY this week,
then write it up as a new Confluence page titled "PAY — Weekly Ship
Log" under the Engineering space.Codex runs a JQL search, drafts the summary, and calls createConfluencePage. One caveat worth setting expectations on: the server is pull-and-push on request, not event-driven — there are no webhooks, so Codex reads and writes when you ask, it doesn’t react to Jira changes on its own.
Common errors and fixes
Tools never appear / OAuth didn’t complete
The most common one. Run /mcp inside a session to re-trigger authentication and approve in the browser; check codex mcp list for the server’s status. Confirm you’re on /v1/mcp/authv2, not the retired /v1/sse endpoint. And ask whether your Atlassian org admin has disabled the MCP server — that kills the flow org-wide regardless of your config.
“program not found” (Windows)
On Windows, npx is a .cmd script and older Codex builds can’t spawn it. Update Codex first, or point at the full npx.cmd path. This and every other Windows quirk is covered in our Codex MCP on Windows fix guide.
TOML parse error on the config
Usually a Windows path in double quotes (backslashes are escape characters in TOML) or a mistyped table header. Paste your file into the Codex config validator — it flags structural problems with line-level pointers, entirely in your browser.
Need it headless (CI, no browser)
Skip OAuth and use API-token auth against the /v1/mcp endpoint with a bearer token env var. Your org admin must allow API-token auth first.[mcp_servers.atlassian] url = "https://mcp.atlassian.com/v1/mcp" bearer_token_env_var = "ATLASSIAN_API_TOKEN"
429 rate-limit errors
Atlassian throttles MCP traffic per user, and heavy agents hit it fast — community reports describe lockouts after listing a few dozen issues. Batch: one precise JQL call with a capped maxResults instead of per-issue loops. Reports on r/atlassian describe roughly 30-minute waits with no reset time in the error.
Community signal
Three sources, each a public, verifiable artifact — the maintainer’s framing, a Codex-specific walkthrough, and an honest look at where the tooling is still rough.
Think in @claudeai, ship in Jira.
— Atlassian (@Atlassian)March 2, 2026
Your AI teammate can now access your projects, pages, and priorities as live context. Turn those specs and insights into action, without missing a beat.
For more you can do with the Rovo MCP server ➡️ https://t.co/GGTQGCw5NH
“On first connection, a browser window opens for Atlassian authentication. Subsequent sessions reuse the cached token.”
Daniel Vaughan (Codex Knowledge Base) · Blog
A Codex-specific walkthrough of the exact mcp-remote setup this guide recommends, including the browser OAuth flow and the pull-only (no-webhook) limitation.
“Add --oauth [URL] to codex mcp add for configuring OAuth resource.”
openai/codex issue #23846 (open feature request) · Blog
The contrarian data point: registering a remote OAuth server through the CLI in one command isn't there yet. That's why mcp-remote (Method A) remains the reliable path in 2026.
Frequently asked questions
How do I add the Atlassian MCP to Codex?
Register the remote server through the mcp-remote bridge: codex mcp add atlassian -- npx -y mcp-remote https://mcp.atlassian.com/v1/mcp/authv2. Start Codex and a browser opens for Atlassian's OAuth 2.1 consent. Approve it, then run /mcp inside the session to confirm the Jira and Confluence tools loaded. That is the whole flow.
What is the Codex config for the Atlassian MCP server?
In ~/.codex/config.toml, a [mcp_servers.atlassian] table with command = "npx" and args = ["-y", "mcp-remote", "https://mcp.atlassian.com/v1/mcp/authv2"]. Recent Codex builds also accept a native url = "https://mcp.atlassian.com/v1/mcp/authv2" line paired with codex mcp login atlassian, which skips the Node bridge entirely.
How do I add Jira to Codex?
Jira ships inside the one Atlassian MCP server — there is no separate Jira-only endpoint. Add the Atlassian server once with the mcp-remote command, finish the OAuth login, and Jira tools such as searchJiraIssuesUsingJql and createJiraIssue are live. Ask Codex to "list my open Jira issues" to confirm the connection works.
How do I install the Atlassian MCP in Codex?
Nothing installs locally — the Atlassian MCP server is remote-hosted. You install only the bridge, and npx -y mcp-remote fetches it on demand. Run codex mcp add atlassian -- npx -y mcp-remote https://mcp.atlassian.com/v1/mcp/authv2, then complete the browser OAuth. Node.js 18+ and an Atlassian Cloud site are the only prerequisites.
Does codex mcp add support the Atlassian remote server directly?
Not with a URL flag yet — codex mcp add targets stdio commands, and adding a --url or --oauth option is an open request (openai/codex issue #23846). So you either wrap the remote endpoint in mcp-remote via codex mcp add, or hand-write a url block in config.toml and run codex mcp login atlassian to authenticate.
Do I need mcp-remote to use Atlassian in Codex?
On older Codex builds, yes — mcp-remote bridges Atlassian's OAuth remote server to the stdio transport codex mcp add expects. On recent builds that support remote MCP OAuth natively, you can skip it: put url = "https://mcp.atlassian.com/v1/mcp/authv2" in config.toml and authenticate with codex mcp login atlassian.
Why don't the Atlassian tools show up in Codex?
Almost always the OAuth flow never completed. Run /mcp inside a session to re-trigger it and approve in the browser. Also check codex mcp list for the server's status, confirm you're on /v1/mcp/authv2 (not the retired /v1/sse endpoint), and make sure your Atlassian org admin hasn't disabled the MCP server.
Sources & further reading
Primary — Atlassian
- github.com/atlassian/atlassian-mcp-server — the official remote server; confirms the
/v1/mcp/authv2(OAuth) and/v1/mcp(API-token) endpoints and the hosted-only model. - Atlassian Rovo MCP Server — getting started — OAuth 2.1, prerequisites, Cloud-only support.
Primary — OpenAI Codex
- developers.openai.com/codex/mcp —
codex mcp add, the stdio and streamable-HTTP TOML schema,startup_timeout_sec. - developers.openai.com/codex/config-reference —
url,bearer_token_env_var,mcp_oauth_callback_port,mcp_oauth_credentials_store.
Community & walkthroughs
- Codex CLI and Jira: issue-driven development with the Atlassian MCP server — a Codex-specific tutorial (mcp-remote, browser OAuth).
- Composio — how to use MCPs with Codex —
codex mcp loginand nativeurlconfig. - openai/codex #23846 — feature request to add a
--oauthflag tocodex mcp add. - r/atlassian — “Atlassian MCP server always just 429’s” — rate-limit reports.
- First-party X post: @Atlassian, March 2, 2026
Internal
- /servers/atlassian-jira-confluence — canonical server page
- /clients/codex — Codex client setup
- Jira MCP server guide — official vs community, tools, JQL recipes
- Codex MCP on Windows fix guide — every Windows failure mode
- Codex CLI config validator — paste-and-check your config.toml