Settings examples

Claude Code settings.json Examples for Teams

A useful settings.json is not a pile of preferences. It is a scoped contract for which tools can run, which hooks must fire, and which local convenience should stay private.

Quick Answer

Start with project settings for shared repo policy, keep personal overrides local, use permissions.allow/ask/deny for tool rules, put hooks under lifecycle event names, and keep command scaffolds in .claude/commands only when a legacy command is the right fit.

For: Engineering teams turning Claude Code policy into reviewable JSON instead of scattered local defaults.

Key facts

What this page establishes

  • Start with project settings for shared repo policy, keep personal overrides local, use permissions.allow/ask/deny for tool rules, put hooks under lifecycle event names, and keep command scaffolds in .claude/commands only when a legacy command is the right fit.
  • Audience: Engineering teams turning Claude Code policy into reviewable JSON instead of scattered local defaults.
  • Primary-source base: Claude Code settings, Configure permissions, Hooks reference.

Put shared policy in the shared settings scope

Claude Code settings resolve from multiple scopes. That is useful only when ownership is clear: managed settings for administrators, project settings for repo policy, user settings for personal defaults, and local settings for private overrides.

If a rule must apply to a team, do not hide it in one developer account. Commit the project setting or document the managed policy that owns it. If a rule only helps one workstation, keep it local.

Primary-source anchor: Anthropic documents settings scopes and separates managed, user, project, and local ownership.

Model permissions before adding convenience

Permission rules are easiest to review when the intent is visible. Put high-risk blocks in deny, put commands that should still require judgment in ask, and allow only boring commands that support the workflow.

Deny rules take precedence over ask and allow rules. That means a broad deny cannot be punched through with a narrower allow later, so avoid broad blocks unless you truly want an unconditional boundary.

Small permissions block
{
  "permissions": {
    "allow": ["Read", "Bash(npm test *)", "Bash(git diff *)"],
    "ask": ["Bash(npm run build)", "WebFetch(domain:docs.example.com)"],
    "deny": ["Read(//**/.env)", "Bash(rm -rf *)", "mcp__*"]
  }
}

Primary-source anchor: Anthropic documents deny, ask, and allow precedence plus file, Bash, MCP, and agent rule syntax.

Keep hook JSON close to the lifecycle event

Hook configuration has a predictable shape: event name, optional matcher group, then one or more hook handlers. Tool events can match tool names such as Bash, Edit, or Write. Stop-style events always fire and should not depend on a matcher.

The safest first examples are narrow: lint after edits, block risky shell commands before Bash runs, or require a final check before Stop. Keep hook scripts small enough for code review.

Current hook shape
{
  "hooks": {
    "PostToolUse": [
      {
        "matcher": "Edit|Write",
        "hooks": [
          {
            "type": "command",
            "command": "${CLAUDE_PROJECT_DIR}/.claude/hooks/lint-changed.sh"
          }
        ]
      }
    ],
    "Stop": [
      {
        "hooks": [
          {
            "type": "command",
            "command": "${CLAUDE_PROJECT_DIR}/.claude/hooks/require-checks.sh"
          }
        ]
      }
    ]
  }
}

Primary-source anchor: the hooks reference documents event names, matcher groups, handler fields, input/output, and decision control.

Treat command files as lightweight workflow entry points

Skills are the recommended reusable capability, but legacy files in .claude/commands still work and can be useful for short team commands. Keep them concise and explicit about allowed tools and expected evidence.

A command scaffold should include a description, argument hints, optional allowed tools, the task contract, and the verification command the user expects Claude to run.

.claude/commands/review.md shape
---
description: Review the active diff for regressions
argument-hint: "[focus area]"
allowed-tools: Read Grep Bash(git diff *) Bash(npm test *)
---

Review the active diff for $ARGUMENTS.
Return findings with file paths, severity, and test evidence.

Primary-source anchor: Anthropic documents skills frontmatter and notes that files under .claude/commands still work with the same frontmatter.

Use generators as starters, not policy substitutes

Generated settings should be reviewed like any other configuration. The free tools on this site produce valid starter blocks, but a team still needs to verify commands, paths, and trust boundaries in its own repository.

The right output is boring JSON or markdown that a reviewer can understand in one pass. Avoid opaque all-purpose settings that claim to solve security, hooks, and workflow design at the same time.

  • Review generated JSON before committing it.
  • Keep hook scripts in the repository and code review them.
  • Use deny rules for unconditional boundaries.
  • Use ask rules for operations that need human judgment.
  • Run Claude Code locally after adding settings to catch typos and startup warnings.

Primary Sources

These are the source pages used for factual claims on this article.

Anthropic

Configure permissions

Permission rule syntax, deny/ask/allow precedence, file rules, MCP rules, and agent rules.

Anthropic

Hooks reference

Hook lifecycle, event cadence, input/output shape, and advanced hook types.

Cite This Page

Claude Ships Code. "Claude Code settings.json Examples for Teams." Updated 2026-07-06. https://claudeshipscode-com.pages.dev/settings-json

Claude Ships Code. "Claude Code settings.json Examples for Teams." Updated 2026-07-06. https://claudeshipscode-com.pages.dev/settings-json

FAQ

Where should Claude Code settings.json live?

Use .claude/settings.json for shared project settings, .claude/settings.local.json for private repo-local overrides, user settings for personal defaults, and managed settings for organization policy.

Are .claude/commands files still supported?

Yes. Anthropic documents that files in .claude/commands still work, although skills are recommended for richer reusable workflows.