SpyBara
Go Premium

Documentation 2026-02-10 21:13 UTC to 2026-02-11 21:10 UTC

4 files changed +177 −7. View all changes and history on the product overview
2026
Sat 28 21:01 Fri 27 21:05 Thu 26 21:08 Wed 25 03:47 Tue 24 21:08 Mon 23 21:13 Sat 21 18:03 Fri 20 21:03 Thu 19 21:06 Wed 18 03:48 Tue 17 21:08 Mon 16 21:05 Sat 14 03:44 Fri 13 21:09 Thu 12 00:06 Wed 11 21:10 Tue 10 21:13 Mon 9 15:17 Sat 7 21:05 Fri 6 21:06 Thu 5 21:06 Wed 4 21:07 Tue 3 21:08 Sun 1 21:03

chrome.md +11 −3

Details

11Claude opens new tabs for browser tasks and shares your browser's login state, so it can access any site you're already signed into. Browser actions run in a visible Chrome window in real time. When Claude encounters a login page or CAPTCHA, it pauses and asks you to handle it manually.11Claude opens new tabs for browser tasks and shares your browser's login state, so it can access any site you're already signed into. Browser actions run in a visible Chrome window in real time. When Claude encounters a login page or CAPTCHA, it pauses and asks you to handle it manually.

12 12 

13<Note>13<Note>

14 Chrome integration is in beta and currently works with Google Chrome only. It is not yet supported on Brave, Arc, or other Chromium-based browsers. WSL (Windows Subsystem for Linux) is also not supported.14 Chrome integration is in beta and currently works with Google Chrome and Microsoft Edge. It is not yet supported on Brave, Arc, or other Chromium-based browsers. WSL (Windows Subsystem for Linux) is also not supported.

15</Note>15</Note>

16 16 

17## Capabilities17## Capabilities

30 30 

31Before using Claude Code with Chrome, you need:31Before using Claude Code with Chrome, you need:

32 32 

33* [Google Chrome](https://www.google.com/chrome/) browser33* [Google Chrome](https://www.google.com/chrome/) or [Microsoft Edge](https://www.microsoft.com/edge) browser

34* [Claude in Chrome extension](https://chromewebstore.google.com/detail/claude/fcoeoabgfenejglbffodgkkbkcdhcgfn) version 1.0.36 or higher34* [Claude in Chrome extension](https://chromewebstore.google.com/detail/claude/fcoeoabgfenejglbffodgkkbkcdhcgfn) version 1.0.36 or higher, available in the Chrome Web Store for both browsers

35* [Claude Code](/en/quickstart#step-1-install-claude-code) version 2.0.73 or higher35* [Claude Code](/en/quickstart#step-1-install-claude-code) version 2.0.73 or higher

36* A direct Anthropic plan (Pro, Max, Team, or Enterprise)36* A direct Anthropic plan (Pro, Max, Team, or Enterprise)

37 37 

180 180 

181If the connection still fails, verify the host configuration file exists at:181If the connection still fails, verify the host configuration file exists at:

182 182 

183For Chrome:

184 

183* **macOS**: `~/Library/Application Support/Google/Chrome/NativeMessagingHosts/com.anthropic.claude_code_browser_extension.json`185* **macOS**: `~/Library/Application Support/Google/Chrome/NativeMessagingHosts/com.anthropic.claude_code_browser_extension.json`

184* **Linux**: `~/.config/google-chrome/NativeMessagingHosts/com.anthropic.claude_code_browser_extension.json`186* **Linux**: `~/.config/google-chrome/NativeMessagingHosts/com.anthropic.claude_code_browser_extension.json`

185* **Windows**: check `HKCU\Software\Google\Chrome\NativeMessagingHosts\` in the Windows Registry187* **Windows**: check `HKCU\Software\Google\Chrome\NativeMessagingHosts\` in the Windows Registry

186 188 

189For Edge:

190 

191* **macOS**: `~/Library/Application Support/Microsoft Edge/NativeMessagingHosts/com.anthropic.claude_code_browser_extension.json`

192* **Linux**: `~/.config/microsoft-edge/NativeMessagingHosts/com.anthropic.claude_code_browser_extension.json`

193* **Windows**: check `HKCU\Software\Microsoft\Edge\NativeMessagingHosts\` in the Windows Registry

194 

187### Browser not responding195### Browser not responding

188 196 

189If Claude's browser commands stop working:197If Claude's browser commands stop working:

permissions.md +1 −1

Details

216 216 

217## Managed settings217## Managed settings

218 218 

219For organizations that need centralized control over Claude Code configuration, administrators can deploy `managed-settings.json` files to system directories. These policy files follow the same format as regular settings files and cannot be overridden by user or project settings.219For organizations that need centralized control over Claude Code configuration, administrators can deploy `managed-settings.json` files to system directories. These policy files follow the same format as regular settings files and cannot be overridden by user or project settings. For organizations without device management infrastructure, [server-managed settings](/en/server-managed-settings) provide an alternative that delivers configurations from Anthropic's servers.

220 220 

221**Managed settings file locations**:221**Managed settings file locations**:

222 222 

server-managed-settings.md +162 −0 created

Details

1> ## Documentation Index

2> Fetch the complete documentation index at: https://code.claude.com/docs/llms.txt

3> Use this file to discover all available pages before exploring further.

4 

5# Configure server-managed settings (public beta)

6 

7> Centrally configure Claude Code for your organization through server-delivered settings, without requiring device management infrastructure.

8 

9Server-managed settings allow administrators to centrally configure Claude Code through a web-based interface on Claude.ai. Claude Code clients automatically receive these settings when users authenticate with their organization credentials.

10 

11This approach is designed for organizations that do not have device management infrastructure in place, or need to manage settings for users on unmanaged devices.

12 

13<Note>

14 Server-managed settings are in public beta and available for [Claude for Teams](https://claude.com/pricing#team-&-enterprise) and [Claude for Enterprise](https://anthropic.com/contact-sales) customers. Features may evolve before general availability.

15</Note>

16 

17## Requirements

18 

19To use server-managed settings, you need:

20 

21* Claude for Teams or Claude for Enterprise plan

22* Claude Code version 2.1.30 or later

23* Network access to `api.anthropic.com`

24 

25## Choose between server-managed and endpoint-managed settings

26 

27Claude Code supports two approaches for centralized configuration. Server-managed settings deliver configuration from Anthropic's servers. [Endpoint-managed settings](/en/permissions#managed-settings) deploy a `managed-settings.json` file to system directories via MDM (mobile device management).

28 

29| Approach | Best for | Security model |

30| :---------------------------------------------------------------- | :------------------------------------------------------- | :----------------------------------------------------------------- |

31| **Server-managed settings** | Organizations without MDM, or users on unmanaged devices | Settings delivered from Anthropic's servers at authentication time |

32| **[Endpoint-managed settings](/en/permissions#managed-settings)** | Organizations with MDM or endpoint management | Settings deployed to protected system directories by IT |

33 

34If your devices are enrolled in an MDM or endpoint management solution, endpoint-managed settings provide stronger security guarantees because the settings file can be protected from user modification at the OS level.

35 

36## Configure server-managed settings

37 

38<Steps>

39 <Step title="Open the admin console">

40 In [Claude.ai](https://claude.ai), navigate to **Admin Settings > Claude Code > Managed settings**.

41 </Step>

42 

43 <Step title="Define your settings">

44 Add your configuration as JSON. All [settings available in `settings.json`](/en/settings#available-settings) are supported, including [managed-only settings](/en/permissions#managed-only-settings) like `disableBypassPermissionsMode`.

45 

46 This example enforces a permission deny list and prevents users from bypassing permissions:

47 

48 ```json theme={null}

49 {

50 "permissions": {

51 "deny": [

52 "Bash(curl *)",

53 "Read(./.env)",

54 "Read(./.env.*)",

55 "Read(./secrets/**)"

56 ]

57 },

58 "disableBypassPermissionsMode": "disable"

59 }

60 ```

61 </Step>

62 

63 <Step title="Save and deploy">

64 Save your changes. Claude Code clients receive the updated settings on their next startup or hourly polling cycle.

65 </Step>

66</Steps>

67 

68### Verify settings delivery

69 

70To confirm that settings are being applied, ask a user to restart Claude Code. If the configuration includes settings that trigger the [security approval dialog](#security-approval-dialogs), the user sees a prompt describing the managed settings on startup. You can also verify that managed permission rules are active by having a user run `/permissions` to view their effective permission rules.

71 

72### Access control

73 

74The following roles can manage server-managed settings:

75 

76* **Primary Owner**

77* **Owner**

78 

79Restrict access to trusted personnel, as settings changes apply to all users in the organization.

80 

81### Current limitations

82 

83Server-managed settings have the following limitations during the beta period:

84 

85* Settings apply uniformly to all users in the organization. Per-group configurations are not yet supported.

86* [MCP server configurations](/en/mcp#managed-mcp-configuration) cannot be distributed through server-managed settings.

87 

88## Settings delivery

89 

90### Settings precedence

91 

92Server-managed settings and [endpoint-managed settings](/en/permissions#managed-settings) both occupy the highest tier in the Claude Code [settings hierarchy](/en/settings#settings-precedence), and user or project settings cannot override them. When both are present, server-managed settings take precedence and the local `managed-settings.json` file is not used.

93 

94### Fetch and caching behavior

95 

96Claude Code fetches settings from Anthropic's servers at startup and polls for updates hourly during active sessions.

97 

98**First launch without cached settings:**

99 

100* Claude Code fetches settings asynchronously

101* If the fetch fails, Claude Code continues without managed settings

102* There is a brief window before settings load where restrictions are not yet enforced

103 

104**Subsequent launches with cached settings:**

105 

106* Cached settings apply immediately at startup

107* Claude Code fetches fresh settings in the background

108* Cached settings persist through network failures

109 

110Claude Code applies settings updates automatically without a restart, except for advanced settings like OpenTelemetry configuration, which require a full restart to take effect.

111 

112### Security approval dialogs

113 

114Certain settings that could pose security risks require explicit user approval before being applied:

115 

116* **Shell command settings**: settings that execute shell commands

117* **Custom environment variables**: variables not in the known safe allowlist

118* **Hook configurations**: any hook definition

119 

120When these settings are present, users see a security dialog explaining what is being configured. Users must approve to proceed. If a user rejects the settings, Claude Code exits.

121 

122<Note>

123 In non-interactive mode with the `-p` flag, Claude Code skips security dialogs and applies settings without user approval.

124</Note>

125 

126## Platform availability

127 

128Server-managed settings require a direct connection to `api.anthropic.com` and are not available when using third-party model providers:

129 

130* Amazon Bedrock

131* Google Vertex AI

132* Microsoft Foundry

133* Custom API endpoints via `ANTHROPIC_BASE_URL` or [LLM gateways](/en/llm-gateway)

134 

135## Audit logging

136 

137Audit log events for settings changes are available through the compliance API or audit log export. Contact your Anthropic account team for access.

138 

139Audit events include the type of action performed, the account and device that performed the action, and references to the previous and new values.

140 

141## Security considerations

142 

143Server-managed settings provide centralized policy enforcement, but they operate as a client-side control. On unmanaged devices, users with admin or sudo access can modify the Claude Code binary, filesystem, or network configuration.

144 

145| Scenario | Behavior |

146| :----------------------------------------------- | :-------------------------------------------------------------------------------------------------------------- |

147| User edits the cached settings file | Tampered file applies at startup, but correct settings restore on the next server fetch |

148| User deletes the cached settings file | First-launch behavior occurs: settings fetch asynchronously with a brief unenforced window |

149| API is unavailable | Cached settings apply if available, otherwise managed settings are not enforced until the next successful fetch |

150| User authenticates with a different organization | Settings are not delivered for accounts outside the managed organization |

151| User sets a non-default `ANTHROPIC_BASE_URL` | Server-managed settings are bypassed when using third-party API providers |

152 

153For stronger enforcement guarantees, use [endpoint-managed settings](/en/permissions#managed-settings) on devices enrolled in an MDM solution.

154 

155## See also

156 

157Related pages for managing Claude Code configuration:

158 

159* [Settings](/en/settings): complete configuration reference including all available settings

160* [Endpoint-managed settings](/en/permissions#managed-settings): file-based managed settings deployed by IT

161* [Authentication](/en/authentication): set up user access to Claude Code

162* [Security](/en/security): security safeguards and best practices

settings.md +3 −3

Details

93 These are system-wide paths (not user home directories like `~/Library/...`) that require administrator privileges. They are designed to be deployed by IT administrators.93 These are system-wide paths (not user home directories like `~/Library/...`) that require administrator privileges. They are designed to be deployed by IT administrators.

94 </Note>94 </Note>

95 95 

96 See [Managed settings](/en/permissions#managed-settings) and [Managed MCP configuration](/en/mcp#managed-mcp-configuration) for details.96 See [Managed settings](/en/permissions#managed-settings) and [Managed MCP configuration](/en/mcp#managed-mcp-configuration) for details. For organizations without device management infrastructure, see [server-managed settings](/en/server-managed-settings).

97 97 

98 <Note>98 <Note>

99 Managed deployments can also restrict **plugin marketplace additions** using99 Managed deployments can also restrict **plugin marketplace additions** using

354 354 

355Settings apply in order of precedence. From highest to lowest:355Settings apply in order of precedence. From highest to lowest:

356 356 

3571. **Managed settings** (`managed-settings.json`)3571. **Managed settings** ([`managed-settings.json`](/en/permissions#managed-settings) or [server-managed settings](/en/server-managed-settings))

358 * Policies deployed by IT/DevOps to system directories358 * Policies deployed by IT/DevOps to system directories, or delivered from Anthropic's servers for Claude for Enterprise customers

359 * Cannot be overridden by user or project settings359 * Cannot be overridden by user or project settings

360 360 

3612. **Command line arguments**3612. **Command line arguments**