Per-harness notes
Harness-specific notes for Claude Code, Codex, OpenCode, Grok, and Cursor.
Proliferate runs five harnesses today: Claude Code, Codex, OpenCode, Grok, and Cursor. Most of what's in this section applies the same way across all of them, but a few details are harness-specific.
Gemini CLI is no longer a supported harness. Google's upstream Gemini CLI project moved to an enterprise-only distribution, so it was removed rather than left in a broken state. If you have older material referencing it, treat it as retired.
Claude Code
- Route options: native, one API key, or the gateway. Only one at a time.
- Suggested key variable:
ANTHROPIC_API_KEY. - Native sign-in:
claude login's OAuth flow, or a cached credential Claude Code already stores locally. - Gateway models: current Claude Sonnet, Haiku, and Opus releases.
Codex
- Route options: native, one API key, or the gateway. Only one at a time.
- Suggested key variable:
OPENAI_API_KEY. - Native sign-in:
codex login's OAuth flow, or a cached credential Codex already stores locally. - Gateway models: current GPT-5 family releases.
OpenCode
- Route options: the gateway plus any number of API key rows, all at once. OpenCode is the one harness built to call more than one provider in the same session.
- Suggested key variable: none fixed. Use Add provider to search a vendored list of well over a hundred providers (Anthropic, OpenAI, Groq, OpenRouter, Together AI, and more); picking one prefills the right variable name for you.
- Because there's no single required credential, OpenCode is ready to run as soon as any one provider, or the gateway, is turned on.
Grok
- Route options: native, one API key, or the gateway. Only one at a time.
- Suggested key variables:
XAI_API_KEYorGROK_API_KEY. - Native sign-in: a cached login token from
grok login. - Grok isn't bundled with the desktop app the way Claude Code and Codex are; it downloads the first time you use it.
- Gateway models: current Grok releases, served through xAI.
Cursor: why it's different
Cursor doesn't have an Authentication tab with routes to pick. It always
signs in with its own account (cursor-agent login) on both local and cloud
runs, and it isn't part of the gateway or BYOK system at all.
This isn't a temporary gap, it's how Cursor's CLI is built: there's no supported way to hand it a bare provider API key or point it at another gateway, so Proliferate doesn't pretend otherwise. If Cursor is already signed in on your machine, Proliferate picks that up automatically; there's nothing else to configure.