Skip to main content
Manage tool integrations independently of the base setup. Enable wires a tool to use cordon (running base setup if needed); disable removes only the tool-specific settings.

cordon integration enable

Enable a tool integration. Runs the base setup if needed, then configures the tool’s proxy settings. 
cordon integration enable <tool> [--scope project|user] [OPTIONS]
Argument / OptionDescription
<tool>claude-code, codex, or hermes
--scopeConfiguration scope (see defaults below)
--config, -cPath to cordon.toml (default: ./cordon.toml)
--yesSkip confirmation prompts
--trustAdd CA to system trust store
--no-trustSkip trust store prompt
--regenerate-caRegenerate the CA certificate
--serviceInstall cordon as a background service
--no-serviceSkip the service install prompt

Default scopes

Each tool has a default scope that matches its typical usage pattern:
ToolDefault scope
claude-codeproject
codexproject
hermesuser
Override with --scope: 
# Use user scope for claude-code instead of the default project scope
cordon integration enable claude-code --scope user

Examples

# Enable Claude Code integration (project scope)
cordon integration enable claude-code

# Enable Codex integration with trust and service install
cordon integration enable codex --trust --service

# Enable Hermes integration (defaults to user scope)
cordon integration enable hermes

cordon integration disable

Disable a tool integration. Removes only the settings that the integration wrote — keeps the CA files and cordon.toml so you can re-enable without rotating certificates. 
cordon integration disable <tool> [--scope project|user] [OPTIONS]
Argument / OptionDescription
<tool>claude-code, codex, or hermes
--scopeConfiguration scope (same defaults as enable)
--config, -cPath to cordon.toml
--yesSkip confirmation prompts
--trustAlso remove the CA from the system trust store

Examples

# Disable Claude Code integration
cordon integration disable claude-code

# Disable and remove CA from trust store
cordon integration disable codex --trust

# Disable Hermes integration (defaults to user scope)
cordon integration disable hermes

# Skip confirmation
cordon integration disable claude-code --yes
Disabling an integration is safe — it only removes tool-specific wiring. The CA certificate, key, and cordon.toml are retained so you can re-enable with cordon integration enable without regenerating anything.