Managing Claude's Permissions
You’re in control! Claude asks permission before doing anything significant, and you can manage exactly what Claude is allowed to do.
How permissions work
Section titled “How permissions work”Permission prompts
Section titled “Permission prompts”When Claude needs to do something new, you’ll see a permission request:
🔒 Permission RequestClaude wants to: Run commandCommand: npm install expressDirectory: /home/myproject
[Allow Once] [Always Allow] [Deny]Your choices
Section titled “Your choices”Allow Once ✅
- Permits this specific action
- Claude has to ask again next time
- Good for trying things out
Always Allow 🟢
- Allows this type of action going forward
- Speeds up your workflow
- You can revoke later
Deny ❌
- Blocks the action
- Claude will suggest alternatives
- Keeps you in control
Permission types
Section titled “Permission types”File operations
Section titled “File operations”Claude may ask to:
- Read files in new directories
- Create files in specific locations
- Modify existing files
- Delete files (rare, always asks)
Command execution
Section titled “Command execution”Permissions for:
- Running build commands
- Installing packages
- Starting servers
- System operations
Web access
Section titled “Web access”Controls for:
- Fetching documentation
- Searching for solutions
- Accessing specific domains
- Reading web content
Managing permissions
Section titled “Managing permissions”Current permissions
Section titled “Current permissions”See what Claude can do:
- Look for the 🔒 icon in chat
- Tap to see active permissions
- Review allowed actions
Revoking permissions
Section titled “Revoking permissions”Changed your mind? Easy:
- Tap the permission indicator
- Select permissions to revoke
- Claude loses that access immediately
Permission modes
Section titled “Permission modes”Default mode 🟡
- Claude asks for each new action
- Most secure option
- Recommended for sensitive projects
Permissive mode 🟢
- Claude has broader access
- Fewer interruptions
- Good for trusted projects
Restricted mode 🔴
- Claude can only read and respond
- No file or command access
- Maximum security
Smart permission features
Section titled “Smart permission features”Contextual requests
Section titled “Contextual requests”Claude only asks for what’s needed:
- Working on frontend? Won’t ask about backend files
- Debugging? May need to run diagnostic commands
- Writing docs? Mainly needs read access
Grouped permissions
Section titled “Grouped permissions”Similar actions group together:
- “Allow reading all JavaScript files”
- “Allow running npm commands”
- “Allow editing files in src/ folder”
Temporary permissions
Section titled “Temporary permissions”Some permissions auto-expire:
- “Allow for this session”
- “Allow for 1 hour”
- “Allow for this conversation”
Common permission scenarios
Section titled “Common permission scenarios”Starting a new project
Section titled “Starting a new project”Claude might ask to:
- Create project folders
- Write initial files
- Install dependencies
- Run setup commands
Debugging existing code
Section titled “Debugging existing code”Permissions needed:
- Read error logs
- View related files
- Run diagnostic commands
- Edit buggy code
Learning and exploring
Section titled “Learning and exploring”Minimal permissions:
- Read files to understand
- Maybe run safe commands
- No editing needed
Security best practices
Section titled “Security best practices”Be selective
Section titled “Be selective”- Only grant what’s needed
- Start with “Allow Once”
- Upgrade to “Always Allow” when comfortable
Project-based permissions
Section titled “Project-based permissions”Different projects, different rules:
- Personal projects: More permissive
- Work projects: More restrictive
- Learning projects: Balanced approach
Sensitive areas
Section titled “Sensitive areas”Be extra careful with:
- System directories
- Configuration files
- Database access
- Production code
Understanding Claude’s access
Section titled “Understanding Claude’s access”What Claude sees
Section titled “What Claude sees”- Only files you discuss or share
- Only directories you approve
- Only commands you permit
- Only your current space
What Claude can’t do
Section titled “What Claude can’t do”- Access other apps
- Modify system settings
- See your personal files
- Access without permission
Transparency
Section titled “Transparency”Claude always shows:
- What action is needed
- Why it’s helpful
- What will happen
- Any risks involved
Permission indicators
Section titled “Permission indicators”Look for these symbols:
🟢 Active permission
- Claude can perform this action
- Previously approved by you
🟡 Pending request
- Waiting for your decision
- Action paused until approved
🔴 Denied action
- You said no to this
- Claude works around it
🔒 Restricted mode
- Limited capabilities active
- Maximum security engaged
Quick permission tips
Section titled “Quick permission tips”For new users
Section titled “For new users”- Start restrictive
- Grant permissions as needed
- Build trust over time
- Learn what each permission does
For power users
Section titled “For power users”- Set up permission groups
- Use “Always Allow” for common tasks
- Create project-specific rules
- Streamline your workflow
For sensitive work
Section titled “For sensitive work”- Use restricted mode
- Grant minimal permissions
- Review actions carefully
- Revoke when done
Troubleshooting permissions
Section titled “Troubleshooting permissions””Claude can’t do that”
Section titled “”Claude can’t do that””- Check if permission was denied
- Look for the 🔒 indicator
- Grant necessary permission
- Try the action again
”Too many permission requests”
Section titled “”Too many permission requests””- Consider “Always Allow” for common actions
- Group similar permissions
- Switch to permissive mode for trusted projects
”Accidentally allowed something”
Section titled “”Accidentally allowed something””- Revoke immediately via 🔒 menu
- Claude loses access instantly
- No harm done!
Next steps
Section titled “Next steps”Ready for advanced Claude usage?