Permissions and Access Control
Explore how Claude Code manages permissions to control access and tool usage safely in AI projects. Understand pattern syntax, precedence between allow and deny rules, and how to design minimal permission sets that follow the principle of least privilege. This lesson equips you to configure secure, production-ready Claude Code workflows by balancing automation with user approval for sensitive actions.
The permissions system is how Claude Code enforces access control at the harness level, independent of what Claude decides. When a tool call matches a deny pattern, Claude Code cancels it regardless of Claude’s reasoning. When it matches an allow pattern, it proceeds without prompting the user. For everything else, Claude Code pauses and asks. This lesson covers the pattern syntax, precedence rules, and the practical design of a minimal permission set for a production project. By the end of this lesson, we will be able to:
Write
allowanddenypatterns using the correct syntax for built-in tools.Explain the precedence rule when an
allowand adenypattern both match the same tool call.Identify what happens when a tool call matches neither
allownordeny.Design a permission set that follows the principle of least privilege.
Pattern syntax
Permission patterns use the form ToolName(argument-pattern). The tool name matches one of Claude Code’s built-in tools. The argument pattern is a glob applied to the relevant argument of that tool call. The built-in tools and their matchable arguments are:
Tool | Matched Argument | Example Pattern |
| The shell command string |
|
| The file path |
|
| The file path |
|
| The file path |
|
| The glob pattern argument |
|
| The search pattern |
|
| The URL |
|
| The search query |
|
Glob ...