Config Hierarchy
Definition
The layered resolution order Claude Code uses to merge settings.json files from multiple scopes into one effective configuration, with higher-precedence scopes overriding conflicting keys from lower ones.
Key points
- Precedence high→low: Managed > CLI > Local > Project > User. Managed = MDM/enterprise policy (uneditable, cannot be overridden); CLI = command-line flags; Local =
.claude/settings.local.json(gitignored, personal); Project =.claude/settings.json(committed, shared); User =~/.claude/settings.json(all your projects). - Distinct from the global
~/.claude.jsonfile, which holds OAuth credentials, MCP registrations, and folder trust — not the same as Usersettings.json. - Common keys:
permissions{allow,deny,ask},hooks,model,env,cleanupPeriodDays(default 30),agent,autoMemoryEnabled,autoMemoryDirectory,claudeMd,claudeMdExcludes,effortLevel,outputStyle,sandbox.enabled,forceLoginMethod,viewMode,disableAllHooks. - Settings are merged, not wholesale-replaced: permission rules merge across all scopes rather than the top scope winning entirely.
- Hot-reload vs restart: permissions, hooks, and credentials hot-reload mid-session; changing
modeloroutputStylerequires a restart.
Why it matters for the exam
- D3 is 20% of scored content and the precedence chain is a favourite recall question — memorise Managed > CLI > Local > Project > User exactly (order and direction).
- Expect "which file wins?" scenarios (e.g. a project rule vs a local override, or an enterprise policy that a user cannot override).
Common gotchas
- Managed settings sit above CLI flags — a policy can block even a flag you pass.
~/.claude.json(global OAuth/MCP/trust) is not Usersettings.json; don't conflate them.- Rules merge, so a
denyin a lower scope still applies even if a higher scope hasallow— see Permissions Merge And Deny Beats Allow.
See also
Sources
Referenced by
Practice questions optional · AI
Generate fresh practice questions about this concept with AI. These are not vault-verified.