1> ## Documentation Index
2> Fetch the complete documentation index at: https://code.claude.com/docs/llms.txt
3> Use this file to discover all available pages before exploring further.
4
1# Claude Code settings5# Claude Code settings
2 6
3> Configure Claude Code with global and project-level settings, and environment variables.7> Configure Claude Code with global and project-level settings, and environment variables.
4 8
5Claude Code offers a variety of settings to configure its behavior to meet your needs. You can configure Claude Code by running the `/config` command when using the interactive REPL, which opens a tabbed Settings interface where you can view status information and modify configuration options.9Claude Code offers a variety of settings to configure its behavior to meet your needs. You can configure Claude Code by running the `/config` command when using the interactive REPL, which opens a tabbed Settings interface where you can view status information and modify configuration options.
6 10
11## Configuration scopes
12
13Claude Code uses a **scope system** to determine where configurations apply and who they're shared with. Understanding scopes helps you decide how to configure Claude Code for personal use, team collaboration, or enterprise deployment.
14
15### Available scopes
16
17| Scope | Location | Who it affects | Shared with team? |
18| :---------- | :----------------------------------- | :----------------------------------- | :--------------------- |
19| **Managed** | System-level `managed-settings.json` | All users on the machine | Yes (deployed by IT) |
20| **User** | `~/.claude/` directory | You, across all projects | No |
21| **Project** | `.claude/` in repository | All collaborators on this repository | Yes (committed to git) |
22| **Local** | `.claude/*.local.*` files | You, in this repository only | No (gitignored) |
23
24### When to use each scope
25
26**Managed scope** is for:
27
28* Security policies that must be enforced organization-wide
29* Compliance requirements that can't be overridden
30* Standardized configurations deployed by IT/DevOps
31
32**User scope** is best for:
33
34* Personal preferences you want everywhere (themes, editor settings)
35* Tools and plugins you use across all projects
36* API keys and authentication (stored securely)
37
38**Project scope** is best for:
39
40* Team-shared settings (permissions, hooks, MCP servers)
41* Plugins the whole team should have
42* Standardizing tooling across collaborators
43
44**Local scope** is best for:
45
46* Personal overrides for a specific project
47* Testing configurations before sharing with the team
48* Machine-specific settings that won't work for others
49
50### How scopes interact
51
52When the same setting is configured in multiple scopes, more specific scopes take precedence:
53
541. **Managed** (highest) - can't be overridden by anything
552. **Command line arguments** - temporary session overrides
563. **Local** - overrides project and user settings
574. **Project** - overrides user settings
585. **User** (lowest) - applies when nothing else specifies the setting
59
60For example, if a permission is allowed in user settings but denied in project settings, the project setting takes precedence and the permission is blocked.
61
62### What uses scopes
63
64Scopes apply to many Claude Code features:
65
66| Feature | User location | Project location | Local location |
67| :-------------- | :------------------------ | :--------------------------------- | :----------------------------- |
68| **Settings** | `~/.claude/settings.json` | `.claude/settings.json` | `.claude/settings.local.json` |
69| **Subagents** | `~/.claude/agents/` | `.claude/agents/` | — |
70| **MCP servers** | `~/.claude.json` | `.mcp.json` | `~/.claude.json` (per-project) |
71| **Plugins** | `~/.claude/settings.json` | `.claude/settings.json` | `.claude/settings.local.json` |
72| **CLAUDE.md** | `~/.claude/CLAUDE.md` | `CLAUDE.md` or `.claude/CLAUDE.md` | `CLAUDE.local.md` |
73
74***
75
7## Settings files76## Settings files
8 77
9The `settings.json` file is our official mechanism for configuring Claude78The `settings.json` file is our official mechanism for configuring Claude
14* **Project settings** are saved in your project directory:83* **Project settings** are saved in your project directory:
15 * `.claude/settings.json` for settings that are checked into source control and shared with your team84 * `.claude/settings.json` for settings that are checked into source control and shared with your team
16 * `.claude/settings.local.json` for settings that are not checked in, useful for personal preferences and experimentation. Claude Code will configure git to ignore `.claude/settings.local.json` when it is created.85 * `.claude/settings.local.json` for settings that are not checked in, useful for personal preferences and experimentation. Claude Code will configure git to ignore `.claude/settings.local.json` when it is created.
17* For enterprise deployments of Claude Code, we also support **enterprise86* **Managed settings**: For organizations that need centralized control, Claude Code supports `managed-settings.json` and `managed-mcp.json` files that can be deployed to system directories:
18 managed policy settings**. These take precedence over user and project87
19 settings. System administrators can deploy policies to:88 * macOS: `/Library/Application Support/ClaudeCode/`
20 * macOS: `/Library/Application Support/ClaudeCode/managed-settings.json`89 * Linux and WSL: `/etc/claude-code/`
21 * Linux and WSL: `/etc/claude-code/managed-settings.json`90 * Windows: `C:\Program Files\ClaudeCode\`
22 * Windows: `C:\ProgramData\ClaudeCode\managed-settings.json`91
23* Enterprise deployments can also configure **managed MCP servers** that override92 <Note>
24 user-configured servers. See [Enterprise MCP configuration](/en/mcp#enterprise-mcp-configuration):93 These are system-wide paths (not user home directories like `~/Library/...`) that require administrator privileges. They are designed to be deployed by IT administrators.
25 * macOS: `/Library/Application Support/ClaudeCode/managed-mcp.json`94 </Note>
26 * Linux and WSL: `/etc/claude-code/managed-mcp.json`95
27 * Windows: `C:\ProgramData\ClaudeCode\managed-mcp.json`96 See [Managed settings](/en/iam#managed-settings) and [Managed MCP configuration](/en/mcp#managed-mcp-configuration) for details.
97
98 <Note>
99 Managed deployments can also restrict **plugin marketplace additions** using
100 `strictKnownMarketplaces`. For more information, see [Managed marketplace restrictions](/en/plugin-marketplaces#managed-marketplace-restrictions).
101 </Note>
102* **Other configuration** is stored in `~/.claude.json`. This file contains your preferences (theme, notification settings, editor mode), OAuth session, [MCP server](/en/mcp) configurations for user and local scopes, per-project state (allowed tools, trust settings), and various caches. Project-scoped MCP servers are stored separately in `.mcp.json`.
28 103
29```JSON Example settings.json theme={null}104```JSON Example settings.json theme={null}
30{105{
58`settings.json` supports a number of options:133`settings.json` supports a number of options:
59 134
60| Key | Description | Example |135| Key | Description | Example |
61| :--------------------------- | :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :---------------------------------------------------------------------- |136| :--------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | :---------------------------------------------------------------------- |
62| `apiKeyHelper` | Custom script, to be executed in `/bin/sh`, to generate an auth value. This value will be sent as `X-Api-Key` and `Authorization: Bearer` headers for model requests | `/bin/generate_temp_api_key.sh` |137| `apiKeyHelper` | Custom script, to be executed in `/bin/sh`, to generate an auth value. This value will be sent as `X-Api-Key` and `Authorization: Bearer` headers for model requests | `/bin/generate_temp_api_key.sh` |
63| `cleanupPeriodDays` | How long to locally retain chat transcripts based on last activity date (default: 30 days) | `20` |138| `cleanupPeriodDays` | Sessions inactive for longer than this period are deleted at startup. Setting to `0` immediately deletes all sessions. (default: 30 days) | `20` |
64| `companyAnnouncements` | Announcement to display to users at startup. If multiple announcements are provided, they will be cycled through at random. | `["Welcome to Acme Corp! Review our code guidelines at docs.acme.com"]` |139| `companyAnnouncements` | Announcement to display to users at startup. If multiple announcements are provided, they will be cycled through at random. | `["Welcome to Acme Corp! Review our code guidelines at docs.acme.com"]` |
65| `env` | Environment variables that will be applied to every session | `{"FOO": "bar"}` |140| `env` | Environment variables that will be applied to every session | `{"FOO": "bar"}` |
66| `includeCoAuthoredBy` | Whether to include the `co-authored-by Claude` byline in git commits and pull requests (default: `true`) | `false` |141| `attribution` | Customize attribution for git commits and pull requests. See [Attribution settings](#attribution-settings) | `{"commit": "🤖 Generated with Claude Code", "pr": ""}` |
142| `includeCoAuthoredBy` | **Deprecated**: Use `attribution` instead. Whether to include the `co-authored-by Claude` byline in git commits and pull requests (default: `true`) | `false` |
67| `permissions` | See table below for structure of permissions. | |143| `permissions` | See table below for structure of permissions. | |
68| `hooks` | Configure custom commands to run before or after tool executions. See [hooks documentation](/en/hooks) | `{"PreToolUse": {"Bash": "echo 'Running command...'"}}` |144| `hooks` | Configure custom commands to run before or after tool executions. See [hooks documentation](/en/hooks) | `{"PreToolUse": {"Bash": "echo 'Running command...'"}}` |
69| `disableAllHooks` | Disable all [hooks](/en/hooks) | `true` |145| `disableAllHooks` | Disable all [hooks](/en/hooks) | `true` |
146| `allowManagedHooksOnly` | (Managed settings only) Prevent loading of user, project, and plugin hooks. Only allows managed hooks and SDK hooks. See [Hook configuration](#hook-configuration) | `true` |
70| `model` | Override the default model to use for Claude Code | `"claude-sonnet-4-5-20250929"` |147| `model` | Override the default model to use for Claude Code | `"claude-sonnet-4-5-20250929"` |
71| `statusLine` | Configure a custom status line to display context. See [statusLine documentation](/en/statusline) | `{"type": "command", "command": "~/.claude/statusline.sh"}` |148| `otelHeadersHelper` | Script to generate dynamic OpenTelemetry headers. Runs at startup and periodically (see [Dynamic headers](/en/monitoring-usage#dynamic-headers)) | `/bin/generate_otel_headers.sh` |
149| `statusLine` | Configure a custom status line to display context. See [`statusLine` documentation](/en/statusline) | `{"type": "command", "command": "~/.claude/statusline.sh"}` |
150| `fileSuggestion` | Configure a custom script for `@` file autocomplete. See [File suggestion settings](#file-suggestion-settings) | `{"type": "command", "command": "~/.claude/file-suggestion.sh"}` |
151| `respectGitignore` | Control whether the `@` file picker respects `.gitignore` patterns. When `true` (default), files matching `.gitignore` patterns are excluded from suggestions | `false` |
72| `outputStyle` | Configure an output style to adjust the system prompt. See [output styles documentation](/en/output-styles) | `"Explanatory"` |152| `outputStyle` | Configure an output style to adjust the system prompt. See [output styles documentation](/en/output-styles) | `"Explanatory"` |
73| `forceLoginMethod` | Use `claudeai` to restrict login to Claude.ai accounts, `console` to restrict login to Claude Console (API usage billing) accounts | `claudeai` |153| `forceLoginMethod` | Use `claudeai` to restrict login to Claude.ai accounts, `console` to restrict login to Claude Console (API usage billing) accounts | `claudeai` |
74| `forceLoginOrgUUID` | Specify the UUID of an organization to automatically select it during login, bypassing the organization selection step. Requires `forceLoginMethod` to be set | `"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"` |154| `forceLoginOrgUUID` | Specify the UUID of an organization to automatically select it during login, bypassing the organization selection step. Requires `forceLoginMethod` to be set | `"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"` |
75| `enableAllProjectMcpServers` | Automatically approve all MCP servers defined in project `.mcp.json` files | `true` |155| `enableAllProjectMcpServers` | Automatically approve all MCP servers defined in project `.mcp.json` files | `true` |
76| `enabledMcpjsonServers` | List of specific MCP servers from `.mcp.json` files to approve | `["memory", "github"]` |156| `enabledMcpjsonServers` | List of specific MCP servers from `.mcp.json` files to approve | `["memory", "github"]` |
77| `disabledMcpjsonServers` | List of specific MCP servers from `.mcp.json` files to reject | `["filesystem"]` |157| `disabledMcpjsonServers` | List of specific MCP servers from `.mcp.json` files to reject | `["filesystem"]` |
78| `allowedMcpServers` | When set in managed-settings.json, allowlist of MCP servers users can configure. Undefined = no restrictions, empty array = lockdown. Applies to all scopes. Denylist takes precedence. See [Enterprise MCP configuration](/en/mcp#enterprise-mcp-configuration) | `[{ "serverName": "github" }]` |158| `allowedMcpServers` | When set in managed-settings.json, allowlist of MCP servers users can configure. Undefined = no restrictions, empty array = lockdown. Applies to all scopes. Denylist takes precedence. See [Managed MCP configuration](/en/mcp#managed-mcp-configuration) | `[{ "serverName": "github" }]` |
79| `deniedMcpServers` | When set in managed-settings.json, denylist of MCP servers that are explicitly blocked. Applies to all scopes including enterprise servers. Denylist takes precedence over allowlist. See [Enterprise MCP configuration](/en/mcp#enterprise-mcp-configuration) | `[{ "serverName": "filesystem" }]` |159| `deniedMcpServers` | When set in managed-settings.json, denylist of MCP servers that are explicitly blocked. Applies to all scopes including managed servers. Denylist takes precedence over allowlist. See [Managed MCP configuration](/en/mcp#managed-mcp-configuration) | `[{ "serverName": "filesystem" }]` |
160| `strictKnownMarketplaces` | When set in managed-settings.json, allowlist of plugin marketplaces users can add. Undefined = no restrictions, empty array = lockdown. Applies to marketplace additions only. See [Managed marketplace restrictions](/en/plugin-marketplaces#managed-marketplace-restrictions) | `[{ "source": "github", "repo": "acme-corp/plugins" }]` |
80| `awsAuthRefresh` | Custom script that modifies the `.aws` directory (see [advanced credential configuration](/en/amazon-bedrock#advanced-credential-configuration)) | `aws sso login --profile myprofile` |161| `awsAuthRefresh` | Custom script that modifies the `.aws` directory (see [advanced credential configuration](/en/amazon-bedrock#advanced-credential-configuration)) | `aws sso login --profile myprofile` |
81| `awsCredentialExport` | Custom script that outputs JSON with AWS credentials (see [advanced credential configuration](/en/amazon-bedrock#advanced-credential-configuration)) | `/bin/generate_aws_grant.sh` |162| `awsCredentialExport` | Custom script that outputs JSON with AWS credentials (see [advanced credential configuration](/en/amazon-bedrock#advanced-credential-configuration)) | `/bin/generate_aws_grant.sh` |
163| `alwaysThinkingEnabled` | Enable [extended thinking](/en/common-workflows#use-extended-thinking-thinking-mode) by default for all sessions. Typically configured via the `/config` command rather than editing directly | `true` |
164| `plansDirectory` | Customize where plan files are stored. Path is relative to project root. Default: `~/.claude/plans` | `"./plans"` |
165| `showTurnDuration` | Show turn duration messages after responses (e.g., "Cooked for 1m 6s"). Set to `false` to hide these messages | `true` |
166| `language` | Configure Claude's preferred response language (e.g., `"japanese"`, `"spanish"`, `"french"`). Claude will respond in this language by default | `"japanese"` |
167| `autoUpdatesChannel` | Release channel to follow for updates. Use `"stable"` for a version that is typically about one week old and skips versions with major regressions, or `"latest"` (default) for the most recent release | `"stable"` |
168| `spinnerTipsEnabled` | Show tips in the spinner while Claude is working. Set to `false` to disable tips (default: `true`) | `false` |
169| `terminalProgressBarEnabled` | Enable the terminal progress bar that shows progress in supported terminals like Windows Terminal and iTerm2 (default: `true`) | `false` |
82 170
83### Permission settings171### Permission settings
84 172
85| Keys | Description | Example |173| Keys | Description | Example |
86| :----------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | :--------------------------------------------------------------------- |174| :----------------------------- | :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :--------------------------------------------------------------------- |
87| `allow` | Array of [permission rules](/en/iam#configuring-permissions) to allow tool use. **Note:** Bash rules use prefix matching, not regex | `[ "Bash(git diff:*)" ]` |175| `allow` | Array of permission rules to allow tool use. See [Permission rule syntax](#permission-rule-syntax) below for pattern matching details | `[ "Bash(git diff:*)" ]` |
88| `ask` | Array of [permission rules](/en/iam#configuring-permissions) to ask for confirmation upon tool use. | `[ "Bash(git push:*)" ]` |176| `ask` | Array of permission rules to ask for confirmation upon tool use. See [Permission rule syntax](#permission-rule-syntax) below | `[ "Bash(git push:*)" ]` |
89| `deny` | Array of [permission rules](/en/iam#configuring-permissions) to deny tool use. Use this to also exclude sensitive files from Claude Code access. **Note:** Bash patterns are prefix matches and can be bypassed (see [Bash permission limitations](/en/iam#tool-specific-permission-rules)) | `[ "WebFetch", "Bash(curl:*)", "Read(./.env)", "Read(./secrets/**)" ]` |177| `deny` | Array of permission rules to deny tool use. Use this to exclude sensitive files from Claude Code access. See [Permission rule syntax](#permission-rule-syntax) and [Bash permission limitations](/en/iam#tool-specific-permission-rules) | `[ "WebFetch", "Bash(curl:*)", "Read(./.env)", "Read(./secrets/**)" ]` |
90| `additionalDirectories` | Additional [working directories](/en/iam#working-directories) that Claude has access to | `[ "../docs/" ]` |178| `additionalDirectories` | Additional [working directories](/en/iam#working-directories) that Claude has access to | `[ "../docs/" ]` |
91| `defaultMode` | Default [permission mode](/en/iam#permission-modes) when opening Claude Code | `"acceptEdits"` |179| `defaultMode` | Default [permission mode](/en/iam#permission-modes) when opening Claude Code | `"acceptEdits"` |
92| `disableBypassPermissionsMode` | Set to `"disable"` to prevent `bypassPermissions` mode from being activated. This disables the `--dangerously-skip-permissions` command-line flag. See [managed policy settings](/en/iam#enterprise-managed-policy-settings) | `"disable"` |180| `disableBypassPermissionsMode` | Set to `"disable"` to prevent `bypassPermissions` mode from being activated. This disables the `--dangerously-skip-permissions` command-line flag. See [managed settings](/en/iam#managed-settings) | `"disable"` |
181
182### Permission rule syntax
183
184Permission rules follow the format `Tool` or `Tool(specifier)`. Understanding the syntax helps you write rules that match exactly what you intend.
185
186#### Rule evaluation order
187
188When multiple rules could match the same tool use, rules are evaluated in this order:
189
1901. **Deny** rules are checked first
1912. **Ask** rules are checked second
1923. **Allow** rules are checked last
193
194The first matching rule determines the behavior. This means deny rules always take precedence over allow rules, even if both match the same command.
195
196#### Matching all uses of a tool
197
198To match all uses of a tool, use just the tool name without parentheses:
199
200| Rule | Effect |
201| :--------- | :--------------------------------- |
202| `Bash` | Matches **all** Bash commands |
203| `WebFetch` | Matches **all** web fetch requests |
204| `Read` | Matches **all** file reads |
205
206`Bash(*)` is equivalent to `Bash` and matches all Bash commands. Both syntaxes can be used interchangeably.
207
208#### Using specifiers for fine-grained control
209
210Add a specifier in parentheses to match specific tool uses:
211
212| Rule | Effect |
213| :----------------------------- | :------------------------------------------------------- |
214| `Bash(npm run build)` | Matches the exact command `npm run build` |
215| `Read(./.env)` | Matches reading the `.env` file in the current directory |
216| `WebFetch(domain:example.com)` | Matches fetch requests to example.com |
217
218#### Wildcard patterns
219
220Two wildcard syntaxes are available for Bash rules:
221
222| Wildcard | Position | Behavior | Example |
223| :------- | :------------------ | :----------------------------------------------------------------------------------------------- | :------------------------------------------- |
224| `:*` | End of pattern only | **Prefix matching** with word boundary. The prefix must be followed by a space or end-of-string. | `Bash(ls:*)` matches `ls -la` but not `lsof` |
225| `*` | Anywhere in pattern | **Glob matching** with no word boundary. Matches any sequence of characters at that position. | `Bash(ls*)` matches both `ls -la` and `lsof` |
226
227**Prefix matching with `:*`**
228
229The `:*` suffix matches any command that starts with the specified prefix. This works with multi-word commands. The following configuration allows npm and git commit commands while blocking git push and rm -rf:
230
231```json theme={null}
232{
233 "permissions": {
234 "allow": [
235 "Bash(npm run:*)",
236 "Bash(git commit:*)",
237 "Bash(docker compose:*)"
238 ],
239 "deny": [
240 "Bash(git push:*)",
241 "Bash(rm -rf:*)"
242 ]
243 }
244}
245```
246
247**Glob matching with `*`**
248
249The `*` wildcard can appear at the beginning, middle, or end of a pattern. The following configuration allows any git command targeting main (like `git checkout main`, `git merge main`) and any version check command (like `node --version`, `npm --version`):
250
251```json theme={null}
252{
253 "permissions": {
254 "allow": [
255 "Bash(git * main)",
256 "Bash(* --version)"
257 ]
258 }
259}
260```
261
262<Warning>
263 Bash permission patterns that try to constrain command arguments are fragile. For example, `Bash(curl http://github.com/:*)` intends to restrict curl to GitHub URLs, but won't match `curl -X GET http://github.com/...` (flags before URL), `curl https://github.com/...` (different protocol), or commands using shell variables. Do not rely on argument-constraining patterns as a security boundary. See [Bash permission limitations](/en/iam#tool-specific-permission-rules) for alternatives.
264</Warning>
265
266For detailed information about tool-specific permission patterns—including Read, Edit, WebFetch, MCP, Task rules, and Bash permission limitations—see [Tool-specific permission rules](/en/iam#tool-specific-permission-rules).
93 267
94### Sandbox settings268### Sandbox settings
95 269
99 273
100| Keys | Description | Example |274| Keys | Description | Example |
101| :-------------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------------------------ |275| :-------------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------------------------ |
102| `enabled` | Enable bash sandboxing (macOS/Linux only). Default: false | `true` |276| `enabled` | Enable bash sandboxing (macOS, Linux, and WSL2). Default: false | `true` |
103| `autoAllowBashIfSandboxed` | Auto-approve bash commands when sandboxed. Default: true | `true` |277| `autoAllowBashIfSandboxed` | Auto-approve bash commands when sandboxed. Default: true | `true` |
104| `excludedCommands` | Commands that should run outside of the sandbox | `["git", "docker"]` |278| `excludedCommands` | Commands that should run outside of the sandbox | `["git", "docker"]` |
105| `allowUnsandboxedCommands` | Allow commands to run outside the sandbox via the `dangerouslyDisableSandbox` parameter. When set to `false`, the `dangerouslyDisableSandbox` escape hatch is completely disabled and all commands must run sandboxed (or be in `excludedCommands`). Useful for enterprise policies that require strict sandboxing. Default: true | `false` |279| `allowUnsandboxedCommands` | Allow commands to run outside the sandbox via the `dangerouslyDisableSandbox` parameter. When set to `false`, the `dangerouslyDisableSandbox` escape hatch is completely disabled and all commands must run sandboxed (or be in `excludedCommands`). Useful for enterprise policies that require strict sandboxing. Default: true | `false` |
106| `network.allowUnixSockets` | Unix socket paths accessible in sandbox (for SSH agents, etc.) | `["~/.ssh/agent-socket"]` |280| `network.allowUnixSockets` | Unix socket paths accessible in sandbox (for SSH agents, etc.) | `["~/.ssh/agent-socket"]` |
107| `network.allowLocalBinding` | Allow binding to localhost ports (MacOS only). Default: false | `true` |281| `network.allowLocalBinding` | Allow binding to localhost ports (macOS only). Default: false | `true` |
108| `network.httpProxyPort` | HTTP proxy port used if you wish to bring your own proxy. If not specified, Claude will run its own proxy. | `8080` |282| `network.httpProxyPort` | HTTP proxy port used if you wish to bring your own proxy. If not specified, Claude will run its own proxy. | `8080` |
109| `network.socksProxyPort` | SOCKS5 proxy port used if you wish to bring your own proxy. If not specified, Claude will run its own proxy. | `8081` |283| `network.socksProxyPort` | SOCKS5 proxy port used if you wish to bring your own proxy. If not specified, Claude will run its own proxy. | `8081` |
110| `enableWeakerNestedSandbox` | Enable weaker sandbox for unprivileged Docker environments (Linux only). **Reduces security.** Default: false | `true` |284| `enableWeakerNestedSandbox` | Enable weaker sandbox for unprivileged Docker environments (Linux and WSL2 only). **Reduces security.** Default: false | `true` |
111 285
112**Configuration example:**286**Configuration example:**
113 287
133}307}
134```308```
135 309
136**Filesystem access** is controlled via Read/Edit permissions:310**Filesystem and network restrictions** use standard permission rules:
311
312* Use `Read` deny rules to block Claude from reading specific files or directories
313* Use `Edit` allow rules to let Claude write to directories beyond the current working directory
314* Use `Edit` deny rules to block writes to specific paths
315* Use `WebFetch` allow/deny rules to control which network domains Claude can access
316
317### Attribution settings
318
319Claude Code adds attribution to git commits and pull requests. These are configured separately:
320
321* Commits use [git trailers](https://git-scm.com/docs/git-interpret-trailers) (like `Co-Authored-By`) by default, which can be customized or disabled
322* Pull request descriptions are plain text
323
324| Keys | Description |
325| :------- | :----------------------------------------------------------------------------------------- |
326| `commit` | Attribution for git commits, including any trailers. Empty string hides commit attribution |
327| `pr` | Attribution for pull request descriptions. Empty string hides pull request attribution |
328
329**Default commit attribution:**
330
331```
332🤖 Generated with [Claude Code](https://claude.com/claude-code)
333
334 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
335```
336
337**Default pull request attribution:**
338
339```
340🤖 Generated with [Claude Code](https://claude.com/claude-code)
341```
342
343**Example:**
344
345```json theme={null}
346{
347 "attribution": {
348 "commit": "Generated with AI\n\nCo-Authored-By: AI <ai@example.com>",
349 "pr": ""
350 }
351}
352```
353
354<Note>
355 The `attribution` setting takes precedence over the deprecated `includeCoAuthoredBy` setting. To hide all attribution, set `commit` and `pr` to empty strings.
356</Note>
357
358### File suggestion settings
359
360Configure a custom command for `@` file path autocomplete. The built-in file suggestion uses fast filesystem traversal, but large monorepos may benefit from project-specific indexing such as a pre-built file index or custom tooling.
361
362```json theme={null}
363{
364 "fileSuggestion": {
365 "type": "command",
366 "command": "~/.claude/file-suggestion.sh"
367 }
368}
369```
370
371The command runs with the same environment variables as [hooks](/en/hooks), including `CLAUDE_PROJECT_DIR`. It receives JSON via stdin with a `query` field:
372
373```json theme={null}
374{"query": "src/comp"}
375```
376
377Output newline-separated file paths to stdout (currently limited to 15):
378
379```
380src/components/Button.tsx
381src/components/Modal.tsx
382src/components/Form.tsx
383```
384
385**Example:**
386
387```bash theme={null}
388#!/bin/bash
389query=$(cat | jq -r '.query')
390your-repo-file-index --query "$query" | head -20
391```
392
393### Hook configuration
394
395**Managed settings only**: Controls which hooks are allowed to run. This setting can only be configured in [managed settings](#settings-files) and provides administrators with strict control over hook execution.
137 396
138* Read deny rules block file reads in sandbox397**Behavior when `allowManagedHooksOnly` is `true`:**
139* Edit allow rules permit file writes (in addition to the defaults, e.g. the current working directory)
140* Edit deny rules block writes within allowed paths
141 398
142**Network access** is controlled via WebFetch permissions:399* Managed hooks and SDK hooks are loaded
400* User hooks, project hooks, and plugin hooks are blocked
143 401
144* WebFetch allow rules permit network domains402**Configuration:**
145* WebFetch deny rules block network domains403
404```json theme={null}
405{
406 "allowManagedHooksOnly": true
407}
408```
146 409
147### Settings precedence410### Settings precedence
148 411
149Settings are applied in order of precedence (highest to lowest):412Settings apply in order of precedence. From highest to lowest:
150 413
1511. **Enterprise managed policies** (`managed-settings.json`)4141. **Managed settings** (`managed-settings.json`)
152 * Deployed by IT/DevOps415 * Policies deployed by IT/DevOps to system directories
153 * Cannot be overridden416 * Cannot be overridden by user or project settings
154 417
1552. **Command line arguments**4182. **Command line arguments**
156 * Temporary overrides for a specific session419 * Temporary overrides for a specific session
1645. **User settings** (`~/.claude/settings.json`)4275. **User settings** (`~/.claude/settings.json`)
165 * Personal global settings428 * Personal global settings
166 429
167This hierarchy ensures that enterprise security policies are always enforced while still allowing teams and individuals to customize their experience.430This hierarchy ensures that organizational policies are always enforced while still allowing teams and individuals to customize their experience.
431
432For example, if your user settings allow `Bash(npm run:*)` but a project's shared settings deny it, the project setting takes precedence and the command is blocked.
168 433
169### Key points about the configuration system434### Key points about the configuration system
170 435
171* **Memory files (CLAUDE.md)**: Contain instructions and context that Claude loads at startup436* **Memory files (`CLAUDE.md`)**: Contain instructions and context that Claude loads at startup
172* **Settings files (JSON)**: Configure permissions, environment variables, and tool behavior437* **Settings files (JSON)**: Configure permissions, environment variables, and tool behavior
173* **Slash commands**: Custom commands that can be invoked during a session with `/command-name`438* **Skills**: Custom prompts that can be invoked with `/skill-name` or loaded by Claude automatically
174* **MCP servers**: Extend Claude Code with additional tools and integrations439* **MCP servers**: Extend Claude Code with additional tools and integrations
175* **Precedence**: Higher-level configurations (Enterprise) override lower-level ones (User/Project)440* **Precedence**: Higher-level configurations (Managed) override lower-level ones (User/Project)
176* **Inheritance**: Settings are merged, with more specific settings adding to or overriding broader ones441* **Inheritance**: Settings are merged, with more specific settings adding to or overriding broader ones
177 442
178### System prompt availability443### System prompt
179 444
180<Note>445Claude Code's internal system prompt is not published. To add custom instructions, use `CLAUDE.md` files or the `--append-system-prompt` flag.
181 Unlike for claude.ai, we do not publish Claude Code's internal system prompt on this website. Use CLAUDE.md files or `--append-system-prompt` to add custom instructions to Claude Code's behavior.
182</Note>
183 446
184### Excluding sensitive files447### Excluding sensitive files
185 448
186To prevent Claude Code from accessing files containing sensitive information (e.g., API keys, secrets, environment files), use the `permissions.deny` setting in your `.claude/settings.json` file:449To prevent Claude Code from accessing files containing sensitive information like API keys, secrets, and environment files, use the `permissions.deny` setting in your `.claude/settings.json` file:
187 450
188```json theme={null}451```json theme={null}
189{452{
199}462}
200```463```
201 464
202This replaces the deprecated `ignorePatterns` configuration. Files matching these patterns will be completely invisible to Claude Code, preventing any accidental exposure of sensitive data.465This replaces the deprecated `ignorePatterns` configuration. Files matching these patterns are excluded from file discovery and search results, and read operations on these files are denied.
203 466
204## Subagent configuration467## Subagent configuration
205 468
212 475
213## Plugin configuration476## Plugin configuration
214 477
215Claude Code supports a plugin system that lets you extend functionality with custom commands, agents, hooks, and MCP servers. Plugins are distributed through marketplaces and can be configured at both user and repository levels.478Claude Code supports a plugin system that lets you extend functionality with skills, agents, hooks, and MCP servers. Plugins are distributed through marketplaces and can be configured at both user and repository levels.
216 479
217### Plugin settings480### Plugin settings
218 481
221```json theme={null}484```json theme={null}
222{485{
223 "enabledPlugins": {486 "enabledPlugins": {
224 "formatter@company-tools": true,487 "formatter@acme-tools": true,
225 "deployer@company-tools": true,488 "deployer@acme-tools": true,
226 "analyzer@security-plugins": false489 "analyzer@security-plugins": false
227 },490 },
228 "extraKnownMarketplaces": {491 "extraKnownMarketplaces": {
229 "company-tools": {492 "acme-tools": {
230 "source": "github",493 "source": "github",
231 "repo": "company/claude-plugins"494 "repo": "acme-corp/claude-plugins"
232 }495 }
233 }496 }
234}497}
272```json theme={null}535```json theme={null}
273{536{
274 "extraKnownMarketplaces": {537 "extraKnownMarketplaces": {
275 "company-tools": {538 "acme-tools": {
276 "source": {539 "source": {
277 "source": "github",540 "source": "github",
278 "repo": "company-org/claude-plugins"541 "repo": "acme-corp/claude-plugins"
279 }542 }
280 },543 },
281 "security-plugins": {544 "security-plugins": {
282 "source": {545 "source": {
283 "source": "git",546 "source": "git",
284 "url": "https://git.company.com/security/plugins.git"547 "url": "https://git.example.com/security/plugins.git"
285 }548 }
286 }549 }
287 }550 }
293* `github`: GitHub repository (uses `repo`)556* `github`: GitHub repository (uses `repo`)
294* `git`: Any git URL (uses `url`)557* `git`: Any git URL (uses `url`)
295* `directory`: Local filesystem path (uses `path`, for development only)558* `directory`: Local filesystem path (uses `path`, for development only)
559* `hostPattern`: regex pattern to match marketplace hosts (uses `hostPattern`)
560
561#### `strictKnownMarketplaces`
562
563**Managed settings only**: Controls which plugin marketplaces users are allowed to add. This setting can only be configured in [`managed-settings.json`](/en/iam#managed-settings) and provides administrators with strict control over marketplace sources.
564
565**Managed settings file locations**:
566
567* **macOS**: `/Library/Application Support/ClaudeCode/managed-settings.json`
568* **Linux and WSL**: `/etc/claude-code/managed-settings.json`
569* **Windows**: `C:\Program Files\ClaudeCode\managed-settings.json`
570
571**Key characteristics**:
572
573* Only available in managed settings (`managed-settings.json`)
574* Cannot be overridden by user or project settings (highest precedence)
575* Enforced BEFORE network/filesystem operations (blocked sources never execute)
576* Uses exact matching for source specifications (including `ref`, `path` for git sources), except `hostPattern`, which uses regex matching
577
578**Allowlist behavior**:
579
580* `undefined` (default): No restrictions - users can add any marketplace
581* Empty array `[]`: Complete lockdown - users cannot add any new marketplaces
582* List of sources: Users can only add marketplaces that match exactly
583
584**All supported source types**:
585
586The allowlist supports seven marketplace source types. Most sources use exact matching, while `hostPattern` uses regex matching against the marketplace host.
587
5881. **GitHub repositories**:
589
590```json theme={null}
591{ "source": "github", "repo": "acme-corp/approved-plugins" }
592{ "source": "github", "repo": "acme-corp/security-tools", "ref": "v2.0" }
593{ "source": "github", "repo": "acme-corp/plugins", "ref": "main", "path": "marketplace" }
594```
595
596Fields: `repo` (required), `ref` (optional: branch/tag/SHA), `path` (optional: subdirectory)
597
5982. **Git repositories**:
599
600```json theme={null}
601{ "source": "git", "url": "https://gitlab.example.com/tools/plugins.git" }
602{ "source": "git", "url": "https://bitbucket.org/acme-corp/plugins.git", "ref": "production" }
603{ "source": "git", "url": "ssh://git@git.example.com/plugins.git", "ref": "v3.1", "path": "approved" }
604```
605
606Fields: `url` (required), `ref` (optional: branch/tag/SHA), `path` (optional: subdirectory)
607
6083. **URL-based marketplaces**:
609
610```json theme={null}
611{ "source": "url", "url": "https://plugins.example.com/marketplace.json" }
612{ "source": "url", "url": "https://cdn.example.com/marketplace.json", "headers": { "Authorization": "Bearer ${TOKEN}" } }
613```
614
615Fields: `url` (required), `headers` (optional: HTTP headers for authenticated access)
616
617<Note>
618 URL-based marketplaces only download the `marketplace.json` file. They do not download plugin files from the server. Plugins in URL-based marketplaces must use external sources (GitHub, npm, or git URLs) rather than relative paths. For plugins with relative paths, use a Git-based marketplace instead. See [Troubleshooting](/en/plugin-marketplaces#plugins-with-relative-paths-fail-in-url-based-marketplaces) for details.
619</Note>
620
6214. **NPM packages**:
622
623```json theme={null}
624{ "source": "npm", "package": "@acme-corp/claude-plugins" }
625{ "source": "npm", "package": "@acme-corp/approved-marketplace" }
626```
627
628Fields: `package` (required, supports scoped packages)
629
6305. **File paths**:
631
632```json theme={null}
633{ "source": "file", "path": "/usr/local/share/claude/acme-marketplace.json" }
634{ "source": "file", "path": "/opt/acme-corp/plugins/marketplace.json" }
635```
636
637Fields: `path` (required: absolute path to marketplace.json file)
638
6396. **Directory paths**:
640
641```json theme={null}
642{ "source": "directory", "path": "/usr/local/share/claude/acme-plugins" }
643{ "source": "directory", "path": "/opt/acme-corp/approved-marketplaces" }
644```
645
646Fields: `path` (required: absolute path to directory containing `.claude-plugin/marketplace.json`)
647
6487. **Host pattern matching**:
649
650```json theme={null}
651{ "source": "hostPattern", "hostPattern": "^github\\.example\\.com$" }
652{ "source": "hostPattern", "hostPattern": "^gitlab\\.internal\\.example\\.com$" }
653```
654
655Fields: `hostPattern` (required: regex pattern to match against the marketplace host)
656
657Use host pattern matching when you want to allow all marketplaces from a specific host without enumerating each repository individually. This is useful for organizations with internal GitHub Enterprise or GitLab servers where developers create their own marketplaces.
658
659Host extraction by source type:
660
661* `github`: always matches against `github.com`
662* `git`: extracts hostname from the URL (supports both HTTPS and SSH formats)
663* `url`: extracts hostname from the URL
664* `npm`, `file`, `directory`: not supported for host pattern matching
665
666**Configuration examples**:
667
668Example: allow specific marketplaces only:
669
670```json theme={null}
671{
672 "strictKnownMarketplaces": [
673 {
674 "source": "github",
675 "repo": "acme-corp/approved-plugins"
676 },
677 {
678 "source": "github",
679 "repo": "acme-corp/security-tools",
680 "ref": "v2.0"
681 },
682 {
683 "source": "url",
684 "url": "https://plugins.example.com/marketplace.json"
685 },
686 {
687 "source": "npm",
688 "package": "@acme-corp/compliance-plugins"
689 }
690 ]
691}
692```
693
694Example - Disable all marketplace additions:
695
696```json theme={null}
697{
698 "strictKnownMarketplaces": []
699}
700```
701
702Example: allow all marketplaces from an internal git server:
703
704```json theme={null}
705{
706 "strictKnownMarketplaces": [
707 {
708 "source": "hostPattern",
709 "hostPattern": "^github\\.example\\.com$"
710 }
711 ]
712}
713```
714
715**Exact matching requirements**:
716
717Marketplace sources must match **exactly** for a user's addition to be allowed. For git-based sources (`github` and `git`), this includes all optional fields:
718
719* The `repo` or `url` must match exactly
720* The `ref` field must match exactly (or both be undefined)
721* The `path` field must match exactly (or both be undefined)
722
723Examples of sources that **do NOT match**:
724
725```json theme={null}
726// These are DIFFERENT sources:
727{ "source": "github", "repo": "acme-corp/plugins" }
728{ "source": "github", "repo": "acme-corp/plugins", "ref": "main" }
729
730// These are also DIFFERENT:
731{ "source": "github", "repo": "acme-corp/plugins", "path": "marketplace" }
732{ "source": "github", "repo": "acme-corp/plugins" }
733```
734
735**Comparison with `extraKnownMarketplaces`**:
736
737| Aspect | `strictKnownMarketplaces` | `extraKnownMarketplaces` |
738| --------------------- | ------------------------------------ | ------------------------------------ |
739| **Purpose** | Organizational policy enforcement | Team convenience |
740| **Settings file** | `managed-settings.json` only | Any settings file |
741| **Behavior** | Blocks non-allowlisted additions | Auto-installs missing marketplaces |
742| **When enforced** | Before network/filesystem operations | After user trust prompt |
743| **Can be overridden** | No (highest precedence) | Yes (by higher precedence settings) |
744| **Source format** | Direct source object | Named marketplace with nested source |
745| **Use case** | Compliance, security restrictions | Onboarding, standardization |
746
747**Format difference**:
748
749`strictKnownMarketplaces` uses direct source objects:
750
751```json theme={null}
752{
753 "strictKnownMarketplaces": [
754 { "source": "github", "repo": "acme-corp/plugins" }
755 ]
756}
757```
758
759`extraKnownMarketplaces` requires named marketplaces:
760
761```json theme={null}
762{
763 "extraKnownMarketplaces": {
764 "acme-tools": {
765 "source": { "source": "github", "repo": "acme-corp/plugins" }
766 }
767 }
768}
769```
770
771**Important notes**:
772
773* Restrictions are checked BEFORE any network requests or filesystem operations
774* When blocked, users see clear error messages indicating the source is blocked by managed policy
775* The restriction applies only to adding NEW marketplaces; previously installed marketplaces remain accessible
776* Managed settings have the highest precedence and cannot be overridden
777
778See [Managed marketplace restrictions](/en/plugin-marketplaces#managed-marketplace-restrictions) for user-facing documentation.
296 779
297### Managing plugins780### Managing plugins
298 781
315</Note>798</Note>
316 799
317| Variable | Purpose |800| Variable | Purpose |
318| :----------------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |801| :-------------------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
319| `ANTHROPIC_API_KEY` | API key sent as `X-Api-Key` header, typically for the Claude SDK (for interactive usage, run `/login`) |802| `ANTHROPIC_API_KEY` | API key sent as `X-Api-Key` header, typically for the Claude SDK (for interactive usage, run `/login`) |
320| `ANTHROPIC_AUTH_TOKEN` | Custom value for the `Authorization` header (the value you set here will be prefixed with `Bearer `) |803| `ANTHROPIC_AUTH_TOKEN` | Custom value for the `Authorization` header (the value you set here will be prefixed with `Bearer `) |
321| `ANTHROPIC_CUSTOM_HEADERS` | Custom headers you want to add to the request (in `Name: Value` format) |804| `ANTHROPIC_CUSTOM_HEADERS` | Custom headers you want to add to the request (in `Name: Value` format) |
323| `ANTHROPIC_DEFAULT_OPUS_MODEL` | See [Model configuration](/en/model-config#environment-variables) |806| `ANTHROPIC_DEFAULT_OPUS_MODEL` | See [Model configuration](/en/model-config#environment-variables) |
324| `ANTHROPIC_DEFAULT_SONNET_MODEL` | See [Model configuration](/en/model-config#environment-variables) |807| `ANTHROPIC_DEFAULT_SONNET_MODEL` | See [Model configuration](/en/model-config#environment-variables) |
325| `ANTHROPIC_FOUNDRY_API_KEY` | API key for Microsoft Foundry authentication (see [Microsoft Foundry](/en/microsoft-foundry)) |808| `ANTHROPIC_FOUNDRY_API_KEY` | API key for Microsoft Foundry authentication (see [Microsoft Foundry](/en/microsoft-foundry)) |
809| `ANTHROPIC_FOUNDRY_BASE_URL` | Full base URL for the Foundry resource (for example, `https://my-resource.services.ai.azure.com/anthropic`). Alternative to `ANTHROPIC_FOUNDRY_RESOURCE` (see [Microsoft Foundry](/en/microsoft-foundry)) |
810| `ANTHROPIC_FOUNDRY_RESOURCE` | Foundry resource name (for example, `my-resource`). Required if `ANTHROPIC_FOUNDRY_BASE_URL` is not set (see [Microsoft Foundry](/en/microsoft-foundry)) |
326| `ANTHROPIC_MODEL` | Name of the model setting to use (see [Model Configuration](/en/model-config#environment-variables)) |811| `ANTHROPIC_MODEL` | Name of the model setting to use (see [Model Configuration](/en/model-config#environment-variables)) |
327| `ANTHROPIC_SMALL_FAST_MODEL` | \[DEPRECATED] Name of [Haiku-class model for background tasks](/en/costs) |812| `ANTHROPIC_SMALL_FAST_MODEL` | \[DEPRECATED] Name of [Haiku-class model for background tasks](/en/costs) |
328| `ANTHROPIC_SMALL_FAST_MODEL_AWS_REGION` | Override AWS region for the Haiku-class model when using Bedrock |813| `ANTHROPIC_SMALL_FAST_MODEL_AWS_REGION` | Override AWS region for the Haiku-class model when using Bedrock |
330| `BASH_DEFAULT_TIMEOUT_MS` | Default timeout for long-running bash commands |815| `BASH_DEFAULT_TIMEOUT_MS` | Default timeout for long-running bash commands |
331| `BASH_MAX_OUTPUT_LENGTH` | Maximum number of characters in bash outputs before they are middle-truncated |816| `BASH_MAX_OUTPUT_LENGTH` | Maximum number of characters in bash outputs before they are middle-truncated |
332| `BASH_MAX_TIMEOUT_MS` | Maximum timeout the model can set for long-running bash commands |817| `BASH_MAX_TIMEOUT_MS` | Maximum timeout the model can set for long-running bash commands |
818| `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE` | Set the percentage of context capacity (1-100) at which auto-compaction triggers. By default, auto-compaction triggers at approximately 95% capacity. Use lower values like `50` to compact earlier. Values above the default threshold have no effect. Applies to both main conversations and subagents. This percentage aligns with the `context_window.used_percentage` field available in [status line](/en/statusline) |
333| `CLAUDE_BASH_MAINTAIN_PROJECT_WORKING_DIR` | Return to the original working directory after each Bash command |819| `CLAUDE_BASH_MAINTAIN_PROJECT_WORKING_DIR` | Return to the original working directory after each Bash command |
334| `CLAUDE_CODE_API_KEY_HELPER_TTL_MS` | Interval in milliseconds at which credentials should be refreshed (when using `apiKeyHelper`) |820| `CLAUDE_CODE_API_KEY_HELPER_TTL_MS` | Interval in milliseconds at which credentials should be refreshed (when using `apiKeyHelper`) |
335| `CLAUDE_CODE_CLIENT_CERT` | Path to client certificate file for mTLS authentication |821| `CLAUDE_CODE_CLIENT_CERT` | Path to client certificate file for mTLS authentication |
336| `CLAUDE_CODE_CLIENT_KEY_PASSPHRASE` | Passphrase for encrypted CLAUDE\_CODE\_CLIENT\_KEY (optional) |822| `CLAUDE_CODE_CLIENT_KEY_PASSPHRASE` | Passphrase for encrypted CLAUDE\_CODE\_CLIENT\_KEY (optional) |
337| `CLAUDE_CODE_CLIENT_KEY` | Path to client private key file for mTLS authentication |823| `CLAUDE_CODE_CLIENT_KEY` | Path to client private key file for mTLS authentication |
338| `CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS` | Set to `1` to disable Anthropic API-specific `anthropic-beta` headers. Use this if experiencing issues like "Unexpected value(s) for the `anthropic-beta` header" when using an LLM gateway with third-party providers |824| `CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS` | Set to `1` to disable Anthropic API-specific `anthropic-beta` headers. Use this if experiencing issues like "Unexpected value(s) for the `anthropic-beta` header" when using an LLM gateway with third-party providers |
825| `CLAUDE_CODE_DISABLE_BACKGROUND_TASKS` | Set to `1` to disable all background task functionality, including the `run_in_background` parameter on Bash and subagent tools, auto-backgrounding, and the Ctrl+B shortcut |
826| `CLAUDE_CODE_EXIT_AFTER_STOP_DELAY` | Time in milliseconds to wait after the query loop becomes idle before automatically exiting. Useful for automated workflows and scripts using SDK mode |
827| `CLAUDE_CODE_PROXY_RESOLVES_HOSTS` | Set to `true` to allow the proxy to perform DNS resolution instead of the caller. Opt-in for environments where the proxy should handle hostname resolution |
828| `CLAUDE_CODE_TASK_LIST_ID` | Share a task list across sessions. Set the same ID in multiple Claude Code instances to coordinate on a shared task list. See [Task list](/en/interactive-mode#task-list) |
829| `CLAUDE_CODE_TMPDIR` | Override the temp directory used for internal temp files. Claude Code appends `/claude/` to this path. Default: `/tmp` on Unix/macOS, `os.tmpdir()` on Windows |
339| `CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC` | Equivalent of setting `DISABLE_AUTOUPDATER`, `DISABLE_BUG_COMMAND`, `DISABLE_ERROR_REPORTING`, and `DISABLE_TELEMETRY` |830| `CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC` | Equivalent of setting `DISABLE_AUTOUPDATER`, `DISABLE_BUG_COMMAND`, `DISABLE_ERROR_REPORTING`, and `DISABLE_TELEMETRY` |
340| `CLAUDE_CODE_DISABLE_TERMINAL_TITLE` | Set to `1` to disable automatic terminal title updates based on conversation context |831| `CLAUDE_CODE_DISABLE_TERMINAL_TITLE` | Set to `1` to disable automatic terminal title updates based on conversation context |
832| `CLAUDE_CODE_ENABLE_TASKS` | Set to `false` to temporarily revert to the previous TODO list instead of the task tracking system. Default: `true`. See [Task list](/en/interactive-mode#task-list) |
833| `CLAUDE_CODE_ENABLE_TELEMETRY` | Set to `1` to enable OpenTelemetry data collection for metrics and logging. Required before configuring OTel exporters. See [Monitoring](/en/monitoring-usage) |
834| `CLAUDE_CODE_FILE_READ_MAX_OUTPUT_TOKENS` | Override the default token limit for file reads. Useful when you need to read larger files in full |
835| `CLAUDE_CODE_HIDE_ACCOUNT_INFO` | Set to `1` to hide your email address and organization name from the Claude Code UI. Useful when streaming or recording |
341| `CLAUDE_CODE_IDE_SKIP_AUTO_INSTALL` | Skip auto-installation of IDE extensions |836| `CLAUDE_CODE_IDE_SKIP_AUTO_INSTALL` | Skip auto-installation of IDE extensions |
342| `CLAUDE_CODE_MAX_OUTPUT_TOKENS` | Set the maximum number of output tokens for most requests |837| `CLAUDE_CODE_MAX_OUTPUT_TOKENS` | Set the maximum number of output tokens for most requests. Default: 32,000. Maximum: 64,000. Increasing this value reduces the effective context window available before [auto-compaction](/en/costs#reduce-token-usage) triggers. |
343| `CLAUDE_CODE_SKIP_BEDROCK_AUTH` | Skip AWS authentication for Bedrock (e.g. when using an LLM gateway) |838| `CLAUDE_CODE_OTEL_HEADERS_HELPER_DEBOUNCE_MS` | Interval for refreshing dynamic OpenTelemetry headers in milliseconds (default: 1740000 / 29 minutes). See [Dynamic headers](/en/monitoring-usage#dynamic-headers) |
344| `CLAUDE_CODE_SKIP_FOUNDRY_AUTH` | Skip Azure authentication for Microsoft Foundry (e.g. when using an LLM gateway) |839| `CLAUDE_CODE_SHELL` | Override automatic shell detection. Useful when your login shell differs from your preferred working shell (for example, `bash` vs `zsh`) |
345| `CLAUDE_CODE_SKIP_VERTEX_AUTH` | Skip Google authentication for Vertex (e.g. when using an LLM gateway) |840| `CLAUDE_CODE_SHELL_PREFIX` | Command prefix to wrap all bash commands (for example, for logging or auditing). Example: `/path/to/logger.sh` will execute `/path/to/logger.sh <command>` |
841| `CLAUDE_CODE_SKIP_BEDROCK_AUTH` | Skip AWS authentication for Bedrock (for example, when using an LLM gateway) |
842| `CLAUDE_CODE_SKIP_FOUNDRY_AUTH` | Skip Azure authentication for Microsoft Foundry (for example, when using an LLM gateway) |
843| `CLAUDE_CODE_SKIP_VERTEX_AUTH` | Skip Google authentication for Vertex (for example, when using an LLM gateway) |
346| `CLAUDE_CODE_SUBAGENT_MODEL` | See [Model configuration](/en/model-config) |844| `CLAUDE_CODE_SUBAGENT_MODEL` | See [Model configuration](/en/model-config) |
347| `CLAUDE_CODE_USE_BEDROCK` | Use [Bedrock](/en/amazon-bedrock) |845| `CLAUDE_CODE_USE_BEDROCK` | Use [Bedrock](/en/amazon-bedrock) |
348| `CLAUDE_CODE_USE_FOUNDRY` | Use [Microsoft Foundry](/en/microsoft-foundry) |846| `CLAUDE_CODE_USE_FOUNDRY` | Use [Microsoft Foundry](/en/microsoft-foundry) |
349| `CLAUDE_CODE_USE_VERTEX` | Use [Vertex](/en/google-vertex-ai) |847| `CLAUDE_CODE_USE_VERTEX` | Use [Vertex](/en/google-vertex-ai) |
848| `CLAUDE_CONFIG_DIR` | Customize where Claude Code stores its configuration and data files |
350| `DISABLE_AUTOUPDATER` | Set to `1` to disable automatic updates. |849| `DISABLE_AUTOUPDATER` | Set to `1` to disable automatic updates. |
351| `DISABLE_BUG_COMMAND` | Set to `1` to disable the `/bug` command |850| `DISABLE_BUG_COMMAND` | Set to `1` to disable the `/bug` command |
352| `DISABLE_COST_WARNINGS` | Set to `1` to disable cost warning messages |851| `DISABLE_COST_WARNINGS` | Set to `1` to disable cost warning messages |
353| `DISABLE_ERROR_REPORTING` | Set to `1` to opt out of Sentry error reporting |852| `DISABLE_ERROR_REPORTING` | Set to `1` to opt out of Sentry error reporting |
853| `DISABLE_INSTALLATION_CHECKS` | Set to `1` to disable installation warnings. Use only when manually managing the installation location, as this can mask issues with standard installations |
354| `DISABLE_NON_ESSENTIAL_MODEL_CALLS` | Set to `1` to disable model calls for non-critical paths like flavor text |854| `DISABLE_NON_ESSENTIAL_MODEL_CALLS` | Set to `1` to disable model calls for non-critical paths like flavor text |
355| `DISABLE_PROMPT_CACHING` | Set to `1` to disable prompt caching for all models (takes precedence over per-model settings) |855| `DISABLE_PROMPT_CACHING` | Set to `1` to disable prompt caching for all models (takes precedence over per-model settings) |
356| `DISABLE_PROMPT_CACHING_HAIKU` | Set to `1` to disable prompt caching for Haiku models |856| `DISABLE_PROMPT_CACHING_HAIKU` | Set to `1` to disable prompt caching for Haiku models |
357| `DISABLE_PROMPT_CACHING_OPUS` | Set to `1` to disable prompt caching for Opus models |857| `DISABLE_PROMPT_CACHING_OPUS` | Set to `1` to disable prompt caching for Opus models |
358| `DISABLE_PROMPT_CACHING_SONNET` | Set to `1` to disable prompt caching for Sonnet models |858| `DISABLE_PROMPT_CACHING_SONNET` | Set to `1` to disable prompt caching for Sonnet models |
359| `DISABLE_TELEMETRY` | Set to `1` to opt out of Statsig telemetry (note that Statsig events do not include user data like code, file paths, or bash commands) |859| `DISABLE_TELEMETRY` | Set to `1` to opt out of Statsig telemetry (note that Statsig events do not include user data like code, file paths, or bash commands) |
860| `ENABLE_TOOL_SEARCH` | Controls [MCP tool search](/en/mcp#scale-with-mcp-tool-search). Values: `auto` (default, enables at 10% context), `auto:N` (custom threshold, e.g., `auto:5` for 5%), `true` (always on), `false` (disabled) |
861| `FORCE_AUTOUPDATE_PLUGINS` | Set to `true` to force plugin auto-updates even when the main auto-updater is disabled via `DISABLE_AUTOUPDATER` |
360| `HTTP_PROXY` | Specify HTTP proxy server for network connections |862| `HTTP_PROXY` | Specify HTTP proxy server for network connections |
361| `HTTPS_PROXY` | Specify HTTPS proxy server for network connections |863| `HTTPS_PROXY` | Specify HTTPS proxy server for network connections |
864| `IS_DEMO` | Set to `true` to enable demo mode: hides email and organization from the UI, skips onboarding, and hides internal commands. Useful for streaming or recording sessions |
362| `MAX_MCP_OUTPUT_TOKENS` | Maximum number of tokens allowed in MCP tool responses. Claude Code displays a warning when output exceeds 10,000 tokens (default: 25000) |865| `MAX_MCP_OUTPUT_TOKENS` | Maximum number of tokens allowed in MCP tool responses. Claude Code displays a warning when output exceeds 10,000 tokens (default: 25000) |
363| `MAX_THINKING_TOKENS` | Enable [extended thinking](https://docs.claude.com/en/docs/build-with-claude/extended-thinking) and set the token budget for the thinking process. Extended thinking improves performance on complex reasoning and coding tasks but impacts [prompt caching efficiency](https://docs.claude.com/en/docs/build-with-claude/prompt-caching#caching-with-thinking-blocks). Disabled by default. |866| `MAX_THINKING_TOKENS` | Override the [extended thinking](https://docs.claude.com/en/docs/build-with-claude/extended-thinking) token budget. Thinking is enabled at max budget (31,999 tokens) by default. Use this to limit the budget (for example, `MAX_THINKING_TOKENS=10000`) or disable thinking entirely (`MAX_THINKING_TOKENS=0`). Extended thinking improves performance on complex reasoning and coding tasks but impacts [prompt caching efficiency](https://docs.claude.com/en/docs/build-with-claude/prompt-caching#caching-with-thinking-blocks). |
364| `MCP_TIMEOUT` | Timeout in milliseconds for MCP server startup |867| `MCP_TIMEOUT` | Timeout in milliseconds for MCP server startup |
365| `MCP_TOOL_TIMEOUT` | Timeout in milliseconds for MCP tool execution |868| `MCP_TOOL_TIMEOUT` | Timeout in milliseconds for MCP tool execution |
366| `NO_PROXY` | List of domains and IPs to which requests will be directly issued, bypassing proxy |869| `NO_PROXY` | List of domains and IPs to which requests will be directly issued, bypassing proxy |
367| `SLASH_COMMAND_TOOL_CHAR_BUDGET` | Maximum number of characters for slash command metadata shown to [SlashCommand tool](/en/slash-commands#slashcommand-tool) (default: 15000) |870| `SLASH_COMMAND_TOOL_CHAR_BUDGET` | Maximum number of characters for skill metadata shown to the [Skill tool](/en/skills#control-who-invokes-a-skill) (default: 15000). Legacy name kept for backwards compatibility. |
368| `USE_BUILTIN_RIPGREP` | Set to `0` to use system-installed `rg` intead of `rg` included with Claude Code |871| `USE_BUILTIN_RIPGREP` | Set to `0` to use system-installed `rg` instead of `rg` included with Claude Code |
369| `VERTEX_REGION_CLAUDE_3_5_HAIKU` | Override region for Claude 3.5 Haiku when using Vertex AI |872| `VERTEX_REGION_CLAUDE_3_5_HAIKU` | Override region for Claude 3.5 Haiku when using Vertex AI |
370| `VERTEX_REGION_CLAUDE_3_7_SONNET` | Override region for Claude 3.7 Sonnet when using Vertex AI |873| `VERTEX_REGION_CLAUDE_3_7_SONNET` | Override region for Claude 3.7 Sonnet when using Vertex AI |
371| `VERTEX_REGION_CLAUDE_4_0_OPUS` | Override region for Claude 4.0 Opus when using Vertex AI |874| `VERTEX_REGION_CLAUDE_4_0_OPUS` | Override region for Claude 4.0 Opus when using Vertex AI |
377Claude Code has access to a set of powerful tools that help it understand and modify your codebase:880Claude Code has access to a set of powerful tools that help it understand and modify your codebase:
378 881
379| Tool | Description | Permission Required |882| Tool | Description | Permission Required |
380| :------------------ | :--------------------------------------------------------------------------------- | :------------------ |883| :------------------ | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------------------ |
381| **AskUserQuestion** | Asks the user multiple choice questions to gather information or clarify ambiguity | No |884| **AskUserQuestion** | Asks multiple-choice questions to gather requirements or clarify ambiguity | No |
382| **Bash** | Executes shell commands in your environment | Yes |885| **Bash** | Executes shell commands in your environment (see [Bash tool behavior](#bash-tool-behavior) below) | Yes |
383| **BashOutput** | Retrieves output from a background bash shell | No |886| **TaskOutput** | Retrieves output from a background task (bash shell or subagent) | No |
384| **Edit** | Makes targeted edits to specific files | Yes |887| **Edit** | Makes targeted edits to specific files | Yes |
385| **ExitPlanMode** | Prompts the user to exit plan mode and start coding | Yes |888| **ExitPlanMode** | Prompts the user to exit plan mode and start coding | Yes |
386| **Glob** | Finds files based on pattern matching | No |889| **Glob** | Finds files based on pattern matching | No |
387| **Grep** | Searches for patterns in file contents | No |890| **Grep** | Searches for patterns in file contents | No |
388| **KillShell** | Kills a running background bash shell by its ID | No |891| **KillShell** | Kills a running background bash shell by its ID | No |
892| **MCPSearch** | Searches for and loads MCP tools when [tool search](/en/mcp#scale-with-mcp-tool-search) is enabled | No |
389| **NotebookEdit** | Modifies Jupyter notebook cells | Yes |893| **NotebookEdit** | Modifies Jupyter notebook cells | Yes |
390| **Read** | Reads the contents of files | No |894| **Read** | Reads the contents of files | No |
391| **Skill** | Executes a skill within the main conversation | Yes |895| **Skill** | Executes a [skill](/en/skills#control-who-invokes-a-skill) within the main conversation | Yes |
392| **SlashCommand** | Runs a [custom slash command](/en/slash-commands#slashcommand-tool) | Yes |
393| **Task** | Runs a sub-agent to handle complex, multi-step tasks | No |896| **Task** | Runs a sub-agent to handle complex, multi-step tasks | No |
394| **TodoWrite** | Creates and manages structured task lists | No |897| **TaskCreate** | Creates a new task in the task list | No |
898| **TaskGet** | Retrieves full details for a specific task | No |
899| **TaskList** | Lists all tasks with their current status | No |
900| **TaskUpdate** | Updates task status, dependencies, or details | No |
395| **WebFetch** | Fetches content from a specified URL | Yes |901| **WebFetch** | Fetches content from a specified URL | Yes |
396| **WebSearch** | Performs web searches with domain filtering | Yes |902| **WebSearch** | Performs web searches with domain filtering | Yes |
397| **Write** | Creates or overwrites files | Yes |903| **Write** | Creates or overwrites files | Yes |
904| **LSP** | Code intelligence via language servers. Reports type errors and warnings automatically after file edits. Also supports navigation operations: jump to definitions, find references, get type info, list symbols, find implementations, trace call hierarchies. Requires a [code intelligence plugin](/en/discover-plugins#code-intelligence) and its language server binary | No |
398 905
399Permission rules can be configured using `/allowed-tools` or in [permission settings](/en/settings#available-settings). Also see [Tool-specific permission rules](/en/iam#tool-specific-permission-rules).906Permission rules can be configured using `/allowed-tools` or in [permission settings](/en/settings#available-settings). Also see [Tool-specific permission rules](/en/iam#tool-specific-permission-rules).
400 907
908### Bash tool behavior
909
910The Bash tool executes shell commands with the following persistence behavior:
911
912* **Working directory persists**: When Claude changes the working directory (for example, `cd /path/to/dir`), subsequent Bash commands will execute in that directory. You can use `CLAUDE_BASH_MAINTAIN_PROJECT_WORKING_DIR=1` to reset to the project directory after each command.
913* **Environment variables do NOT persist**: Environment variables set in one Bash command (for example, `export MY_VAR=value`) are **not** available in subsequent Bash commands. Each Bash command runs in a fresh shell environment.
914
915To make environment variables available in Bash commands, you have **three options**:
916
917**Option 1: Activate environment before starting Claude Code** (simplest approach)
918
919Activate your virtual environment in your terminal before launching Claude Code:
920
921```bash theme={null}
922conda activate myenv
923# or: source /path/to/venv/bin/activate
924claude
925```
926
927This works for shell environments but environment variables set within Claude's Bash commands will not persist between commands.
928
929**Option 2: Set CLAUDE\_ENV\_FILE before starting Claude Code** (persistent environment setup)
930
931Export the path to a shell script containing your environment setup:
932
933```bash theme={null}
934export CLAUDE_ENV_FILE=/path/to/env-setup.sh
935claude
936```
937
938Where `/path/to/env-setup.sh` contains:
939
940```bash theme={null}
941conda activate myenv
942# or: source /path/to/venv/bin/activate
943# or: export MY_VAR=value
944```
945
946Claude Code will source this file before each Bash command, making the environment persistent across all commands.
947
948**Option 3: Use a SessionStart hook** (project-specific configuration)
949
950Configure in `.claude/settings.json`:
951
952```json theme={null}
953{
954 "hooks": {
955 "SessionStart": [{
956 "matcher": "startup",
957 "hooks": [{
958 "type": "command",
959 "command": "echo 'conda activate myenv' >> \"$CLAUDE_ENV_FILE\""
960 }]
961 }]
962 }
963}
964```
965
966The hook writes to `$CLAUDE_ENV_FILE`, which is then sourced before each Bash command. This is ideal for team-shared project configurations.
967
968See [SessionStart hooks](/en/hooks#persisting-environment-variables) for more details on Option 3.
969
401### Extending tools with hooks970### Extending tools with hooks
402 971
403You can run custom commands before or after any tool executes using972You can run custom commands before or after any tool executes using
409 978
410## See also979## See also
411 980
412* [Identity and Access Management](/en/iam#configuring-permissions) - Learn about Claude Code's permission system981* [Identity and Access Management](/en/iam#configuring-permissions) - Permission system overview and how allow/ask/deny rules interact
413* [IAM and access control](/en/iam#enterprise-managed-policy-settings) - Enterprise policy management982* [Tool-specific permission rules](/en/iam#tool-specific-permission-rules) - Detailed patterns for Bash, Read, Edit, WebFetch, MCP, and Task tools, including security limitations
414* [Troubleshooting](/en/troubleshooting#auto-updater-issues) - Solutions for common configuration issues983* [Managed settings](/en/iam#managed-settings) - Managed policy configuration for organizations
984* [Troubleshooting](/en/troubleshooting) - Solutions for common configuration issues
