Claude Code settings
> ## Documentation Index > Fetch the complete documentation index at: https://code.claude.com/docs/llms.txt > Use this file to discover all available pages before exploring further.
Overview
Documentation Index
Fetch the complete documentation index at: https://code.claude.com/docs/llms.txt Use this file to discover all available pages before exploring further.
Claude Code settings
Configure Claude Code with global and project-level settings, and environment variables.
Claude Code offers a variety of settings to configure its behavior to meet your needs. You can configure Claude Code by running the /config command when using the interactive REPL, which opens a tabbed Settings interface where you can view status information and modify configuration options.
Configuration scopes
Claude Code uses a scope system to determine where configurations apply and who they're shared with. Understanding scopes helps you decide how to configure Claude Code for personal use, team collaboration, or enterprise deployment.
Available scopes
| Scope | Location | Who it affects | Shared with team? |
|---|---|---|---|
| Managed | Server-managed settings, plist / registry, or system-level managed-settings.json | All users on the machine | Yes (deployed by IT) |
| User | ~/.claude/ directory | You, across all projects | No |
| Project | .claude/ in repository | All collaborators on this repository | Yes (committed to git) |
| Local | .claude/settings.local.json | You, in this repository only | No (gitignored) |
When to use each scope
Managed scope is for:
- Security policies that must be enforced organization-wide
- Compliance requirements that can't be overridden
- Standardized configurations deployed by IT/DevOps
User scope is best for:
- Personal preferences you want everywhere (themes, editor settings)
- Tools and plugins you use across all projects
- API keys and authentication (stored securely)
Project scope is best for:
- Team-shared settings (permissions, hooks, MCP servers)
- Plugins the whole team should have
- Standardizing tooling across collaborators
Local scope is best for:
- Personal overrides for a specific project
- Testing configurations before sharing with the team
- Machine-specific settings that won't work for others
How scopes interact
When the same setting is configured in multiple scopes, more specific scopes take precedence:
- Managed (highest) - can't be overridden by anything
- Command line arguments - temporary session overrides
- Local - overrides project and user settings
- Project - overrides user settings
- User (lowest) - applies when nothing else specifies the setting
For example, if a permission is allowed in user settings but denied in project settings, the project setting takes precedence and the permission is blocked.
What uses scopes
Scopes apply to many Claude Code features:
| Feature | User location | Project location | Local location |
|---|---|---|---|
| Settings | ~/.claude/settings.json | .claude/settings.json | .claude/settings.local.json |
| Subagents | ~/.claude/agents/ | .claude/agents/ | None |
| MCP servers | ~/.claude.json | .mcp.json | ~/.claude.json (per-project) |
| Plugins | ~/.claude/settings.json | .claude/settings.json | .claude/settings.local.json |
| CLAUDE.md | ~/.claude/CLAUDE.md | CLAUDE.md or .claude/CLAUDE.md | CLAUDE.local.md |
Settings files
The settings.json file is the official mechanism for configuring Claude
Code through hierarchical settings:
-
User settings are defined in
~/.claude/settings.jsonand apply to all projects. -
Project settings are saved in your project directory:
.claude/settings.jsonfor settings that are checked into source control and shared with your team.claude/settings.local.jsonfor settings that are not checked in, useful for personal preferences and experimentation. Claude Code will configure git to ignore.claude/settings.local.jsonwhen it is created.
-
Managed settings: For organizations that need centralized control, Claude Code supports multiple delivery mechanisms for managed settings. All use the same JSON format and cannot be overridden by user or project settings:
-
Server-managed settings: delivered from Anthropic's servers via the Claude.ai admin console. See server-managed settings.
-
MDM/OS-level policies: delivered through native device management on macOS and Windows:
- macOS:
com.anthropic.claudecodemanaged preferences domain. The plist's top-level keys mirrormanaged-settings.json, with nested settings as dictionaries and arrays as plist arrays. Deploy via configuration profiles in Jamf, Iru (Kandji), or similar MDM tools. - Windows:
HKLM\\SOFTWARE\\Policies\\ClaudeCoderegistry key with aSettingsvalue (REG\_SZ or REG\_EXPAND\_SZ) containing JSON (deployed via Group Policy or Intune) - Windows (user-level):
HKCU\\SOFTWARE\\Policies\\ClaudeCode(lowest policy priority, only used when no admin-level source exists)
- macOS:
-
File-based:
managed-settings.jsonandmanaged-mcp.jsondeployed to system directories:-
macOS:
/Library/Application Support/ClaudeCode/ -
Linux and WSL:
/etc/claude-code/ -
Windows:
C:\\Program Files\\ClaudeCode\\The legacy Windows path
C:\\ProgramData\\ClaudeCode\\managed-settings.jsonis no longer supported as of v2.1.75. Administrators who deployed settings to that location must migrate files toC:\\Program Files\\ClaudeCode\\managed-settings.json.
File-based managed settings also support a drop-in directory at
managed-settings.d/in the same system directory alongsidemanaged-settings.json. This lets separate teams deploy independent policy fragments without coordinating edits to a single file.Following the systemd convention,
managed-settings.jsonis merged first as the base, then all*.jsonfiles in the drop-in directory are sorted alphabetically and merged on top. Later files override earlier ones for scalar values; arrays are concatenated and de-duplicated; objects are deep-merged. Hidden files starting with.are ignored.Use numeric prefixes to control merge order, for example
10-telemetry.jsonand20-security.json. -
See managed settings and Managed MCP configuration for details.
This repository includes starter deployment templates for Jamf, Iru (Kandji), Intune, and Group Policy. Use these as starting points and adjust them to fit your needs.
Managed deployments can also restrict plugin marketplace additions using
strictKnownMarketplaces. For more information, see Managed marketplace restrictions. -
-
Other configuration is stored in
~/.claude.json. This file contains your OAuth session, MCP server configurations for user and local scopes, per-project state (allowed tools, trust settings), and various caches. Project-scoped MCP servers are stored separately in.mcp.json.Claude Code automatically creates timestamped backups of configuration files and retains the five most recent backups to prevent data loss.
{
"$schema": "https://json.schemastore.org/claude-code-settings.json",
"permissions": {
"allow": [
"Bash(npm run lint)",
"Bash(npm run test *)",
"Read(~/.zshrc)"
],
"deny": [
"Bash(curl *)",
"Read(./.env)",
"Read(./.env.*)",
"Read(./secrets/**)"
]
},
"env": {
"CLAUDE_CODE_ENABLE_TELEMETRY": "1",
"OTEL_METRICS_EXPORTER": "otlp"
},
"companyAnnouncements": [
"Welcome to Acme Corp! Review our code guidelines at docs.acme.com",
"Reminder: Code reviews required for all PRs",
"New security policy in effect"
]
}
The $schema line in the example above points to the official JSON schema for Claude Code settings. Adding it to your settings.json enables autocomplete and inline validation in VS Code, Cursor, and any other editor that supports JSON schema validation.
The published schema is updated periodically and may not include settings added in the most recent CLI releases, so a validation warning on a recently documented field does not necessarily mean your configuration is invalid.
Available settings
settings.json supports a number of options:
| Key | Description | Example |
|---|---|---|
agent | Run the main thread as a named subagent. Applies that subagent's system prompt, tool restrictions, and model. See Invoke subagents explicitly | "code-reviewer" |
allowedChannelPlugins | (Managed settings only) Allowlist of channel plugins that may push messages. Replaces the default Anthropic allowlist when set. Undefined = fall back to the default, empty array = block all channel plugins. Requires channelsEnabled: true. See Restrict which channel plugins can run | [{ "marketplace": "claude-plugins-official", "plugin": "telegram" }] |
allowedHttpHookUrls | Allowlist of URL patterns that HTTP hooks may target. Supports * as a wildcard. When set, hooks with non-matching URLs are blocked. Undefined = no restriction, empty array = block all HTTP hooks. Arrays merge across settings sources. See Hook configuration | ["https://hooks.example.com/*"] |
allowedMcpServers | When set in managed-settings.json, allowlist of MCP servers users can configure. Undefined = no restrictions, empty array = lockdown. Applies to all scopes. Denylist takes precedence. See Managed MCP configuration | [{ "serverName": "github" }] |
allowManagedHooksOnly | (Managed settings only) Only managed hooks, SDK hooks, and hooks from plugins force-enabled in managed settings enabledPlugins are loaded. User, project, and all other plugin hooks are blocked. See Hook configuration | true |
allowManagedMcpServersOnly | (Managed settings only) Only allowedMcpServers from managed settings are respected. deniedMcpServers still merges from all sources. Users can still add MCP servers, but only the admin-defined allowlist applies. See Managed MCP configuration | true |