diff --git a/bot_bottle/agent_provider.py b/bot_bottle/agent_provider.py
index dbd4a59..b0e538e 100644
--- a/bot_bottle/agent_provider.py
+++ b/bot_bottle/agent_provider.py
@@ -160,14 +160,14 @@ def agent_provision_plan(
         config_file.chmod(0o600)
         files.append(AgentProvisionFile(config_file, config_path))
 
+        for host in CODEX_HOST_CREDENTIAL_HOSTS:
+            egress_routes.append(EgressRoute(
+                host=host,
+                auth_scheme="Bearer" if forward_host_credentials else "",
+                token_ref=CODEX_HOST_CREDENTIAL_TOKEN_REF if forward_host_credentials else "",
+                tls_passthrough=True,
+            ))
         if forward_host_credentials:
-            for host in CODEX_HOST_CREDENTIAL_HOSTS:
-                egress_routes.append(EgressRoute(
-                    host=host,
-                    auth_scheme="Bearer",
-                    token_ref=CODEX_HOST_CREDENTIAL_TOKEN_REF,
-                    tls_passthrough=True,
-                ))
             auth_file = state_dir / "codex-auth.json"
             write_codex_dummy_auth_file(auth_file, host_env or dict(os.environ))
             files.append(AgentProvisionFile(auth_file, f"{auth_dir}/auth.json"))
diff --git a/tests/unit/test_agent_provider.py b/tests/unit/test_agent_provider.py
index b6c5588..e8905f2 100644
--- a/tests/unit/test_agent_provider.py
+++ b/tests/unit/test_agent_provider.py
@@ -117,7 +117,7 @@ class TestAgentProviderRuntime(unittest.TestCase):
             self.assertEqual(CODEX_HOST_CREDENTIAL_TOKEN_REF, r.token_ref)
             self.assertTrue(r.tls_passthrough)
 
-    def test_codex_without_forward_host_credentials_has_no_egress_routes(self):
+    def test_codex_without_forward_host_credentials_has_passthrough_egress_routes(self):
         with tempfile.TemporaryDirectory(prefix="bb-provider.") as tmp:
             plan = agent_provision_plan(
                 template="codex",
@@ -125,7 +125,14 @@ class TestAgentProviderRuntime(unittest.TestCase):
                 state_dir=Path(tmp),
                 forward_host_credentials=False,
             )
-        self.assertEqual((), plan.egress_routes)
+        self.assertEqual(
+            {r.host for r in plan.egress_routes},
+            set(CODEX_HOST_CREDENTIAL_HOSTS),
+        )
+        for r in plan.egress_routes:
+            self.assertEqual("", r.auth_scheme)
+            self.assertEqual("", r.token_ref)
+            self.assertTrue(r.tls_passthrough)
 
     def test_claude_plan_has_no_egress_routes(self):
         with tempfile.TemporaryDirectory(prefix="bb-provider.") as tmp: