Hmmm… can't reach this page: I get this after signing in anyone has this issue?

Codex Codex CLI
,
1

After completing the sign-in flow, the browser is redirected to a loopback (localhost) OAuth callback, but nothing is listening on port 1455. The page fails to load with “Hmmm… can’t reach this page – localhost refused to connect (ERR_CONNECTION_REFUSED)” and the login never completes.

Error (as shown in browser)

  • Message: Hmmm… can’t reach this page

  • Detail: localhost refused to connect

  • Code: ERR_CONNECTION_REFUSED

  • URL:

    http://localhost:1455/auth/callback?code=REDACTED&scope=openid+profile+email+offline_access&state=REDACTED

    (authorization code and state redacted in this report)

Expected result

After sign-in, the local callback endpoint accepts the request, the app/CLI captures the tokens, and the session is established.

Actual result

The callback to http://localhost:1455/auth/callback fails with ERR_CONNECTION_REFUSED and the login flow halts.

Environment

  • OS: [fill in e.g., Windows 11 23H2 / macOS 14.5 / Ubuntu 22.04]

  • Browser: [fill in e.g., Edge 126 / Chrome 126 / Safari 17]

  • Network: [fill in e.g., corporate VPN/proxy on? Zscaler?]

  • App/CLI: [fill in the exact tool & version you’re logging into]

Steps to reproduce

  1. Launch [app/CLI name and version].

  2. Start the login flow (opens browser to the provider’s sign-in page).

  3. Enter credentials and approve.

  4. Browser redirects to http://localhost:1455/auth/callback?...

  5. Page shows ERR_CONNECTION_REFUSED and login does not complete.

Suspected cause

The login uses a loopback OAuth redirect. A small local web server should be listening on port 1455 to receive the callback, but it’s either:

  • not running (parent app/CLI exited or failed to bind),

  • blocked by firewall/VPN/proxy rules,

  • bound only on IPv4/IPv6 while localhost resolves to the other, or

  • the port is in use by another process.

Troubleshooting tried

  • Kept the launching app/CLI running during login.

  • Retried in a second browser.

  • Disabled VPN/proxy temporarily and allowed the app through the OS firewall.

  • Checked the port:

    • Windows (PowerShell): netstat -ano | findstr :1455

    • macOS/Linux: lsof -i :1455

  • Verified localhost resolves correctly (ping localhost127.0.0.1).

  • Tried the callback with 127.0.0.1 instead of localhost:
    http://127.0.0.1:1455/auth/callback?...

2

The same localhost problem happens to me when I try on WSL 2 Ubuntu on VScode. When I try in on windows 11, it gives me a different error which is “Sign-in failed: {“code”:-32603,“message”:“failed to start login server: An attempt was made to access a socket in a way forbidden by its access permissions. (os error 10013)”}”

I’ve tried the steps you’ve done, and it still doesn’t work.
I also get the same localhost error when trying to use Codex on the terminal.

3

Got the fix.

How to Fix Codex Sign-In on VS Code with WSL2 (localhost:1455 errors)

I was stuck with ERR_CONNECTION_REFUSED, Invalid Session, and State mismatch errors when trying to sign in to Codex in VS Code with WSL2. After a lot of trial and error, here’s the full solution that worked for me.

Steps

1. Install Firefox inside WSL2

By default, Ubuntu on WSL2 doesn’t ship with a browser. Codex login requires one inside WSL, because the login server listens on localhost:1455 inside WSL only.

Install Firefox via Snap:

sudo apt update
sudo apt install -y snapd
sudo snap install firefox

:warning: Don’t try to use Windows Firefox/Chrome here — they can’t reach WSL’s loopback server without extra networking hacks.

2. Start the Codex login flow

In your WSL2 terminal:

codex auth login

This starts a local server at http://localhost:1455 (inside WSL) and prints a long https://auth.openai.com/... URL.

:warning: Keep this terminal open — if you close it, the login server shuts down.

3. Open the login URL in Firefox (inside WSL2)

Open another WSL2 terminal and run:

firefox "https://auth.openai.com/..."

  • Paste the full URL from the codex auth login output.

  • Quote the URL ("...") so bash doesn’t split on spaces.

  • If you see spaces in the URL (e.g. scope=openid profile email ...), replace them with %20.

This will launch Firefox through WSLg (GUI apps on Windows 11), and the redirect to localhost:1455 will correctly reach Codex’s listener.

4. Complete the sign-in

  • Log into your OpenAI account.

  • Approve access.

  • You should see either:

    • A browser success page: “Signed in to Codex”, or

    • The CLI prints:

      Successfully logged in

If you see “Invalid Session” or “State mismatch”:

  • Don’t reuse old URLs.

  • Restart with a fresh codex auth login.

  • Clear cookies for auth.openai.com in Firefox if needed.

5. Reload VS Code

Back in VS Code (Remote-WSL):

  • Run Ctrl+Shift+P → Reload Window.

  • The Codex extension should now show you as signed in.

If it still says “Sign in with ChatGPT”:

codex auth whoami   # should print your account
codex auth logout
codex auth login    # then redo the Firefox step

Notes

  • If you install Codex extension on Windows VS Code instead of WSL, you must log in on the Windows side (codex auth login in PowerShell/CMD) and may need URL ACLs:

    netsh http add urlacl url=http://localhost:1455/ user=%USERNAME%
netsh http add urlacl url=http://localhost:1455/auth/callback/ user=%USERNAME%

  • For most people, the cleanest way is do everything inside WSL2 using Linux Firefox installed via Snap.

TL;DR

  1. sudo apt install snapd && sudo snap install firefox

  2. Run codex auth login in WSL2 (keep terminal open).

  3. In another WSL2 terminal:

    firefox "https://auth.openai.com/..."

  4. Complete login → see “Signed in to Codex”.

  5. Reload VS Code window.

2 Likes
4

This seems awfully unnecessary for something so basic… Why does this inability to login with chat gpt only seem to be affecting some users… I’m pulling my hair out trying to sign in, both with the CLI (WSL) and VSCode extension

3 Likes
5

Not sure if this helps but I got the same error running it inside a container and noticed that for some reason the port was mapped as 1455 to 1456. I changed it to 1455 to 1455 and that worked.

image
image813×216 11.2 KB

6 Likes
6

This works for me, simply right click the port and select “change local adress port” and enter “1455”.

7

i had the codex extension for vscode running in wsl2 (mirrored mode) past 2 weeks. Then today I wanted to copy the exact same setup on my new laptop - and the codex openai login of the WSL2 installation didnt work localhost . 1455 /auth /callback “state missmatch”. Codex extension on native windows got authenticated.

So I found this thread and installed the firefox snap as suggested. But firefox did work (no screen X11/Wayland stuff). So Chatgpt told me to install the leightweight epiphany-browser:

sudo apt install epiphany-browser
run epiphany

After that I just copied the auth url from codex into epiphany-browser, logged into my account, allowed codex - and boom - authentication worked.

Thank your guys!
PS: VSCode WSL port forwarding says 1455→1455

8

That’s the issue. If you already installed the Codex extension before, it take port 1455. And Codex can not reconnect to VSCode without that port being available.

However that port is not automatically deleted if you remove the extension, or continue to use the same server. VS Code keeps holding it.

TLDR. Delete the port being held in vscode, and you can login fine.

9

OMG @henrik_hargedahl what a simply fix 1455 → 1455 (rather than 1456). Surely this is a bug? I have connected to several machines on VE Code both local VMs and AWS and they worked but for some reason - this machine - a Bitnami rather than Ubuntu really did not want to play - until I fixed the port forward :wink: Thank you so much. Still better than AI IMHO

10

It’s wired that forwarding port 1455 works, but curl manually doesn’t(it returns Not Found without redirection).