claude-code
claude-code copied to clipboard
anthropics
How to avoid re-authenticating in docker container?
The suggested approach to use --dangerously-skip-permissions is to setup docker.
The https://docs.anthropic.com/en/docs/claude-code/security talks about usage with VSCode. But for those of us that do not use VSCode (IntelliJ user here) I would like to use CLI on claude in Docker and mount a directory to be seen from both my host and docker.
The mounting worked fine and I am able to start claude code in docker. However, each time I restart the container I have to re-auth with claude.
Is there a way to share the authentication from my host machine to Docker? I have been looking for some sort of auth file but have not found it.
The question would apply to how to do it on both MacOS and Linux as hosts.
Great question, I struggled with this too.
Making ~/.claude.json persist on host also did not do the trick for me. It stored auth, when I restart/rebuild container, it mounts it, but it still requires re-login.
I made a personal clone of Codex using Claude Code, and the way that I ended up solving this was:
- I mount ~/.claude and ~/.claude.json into the containers. (you want "bypassPermissionsModeAccepted": true in .claude.json if you want to use --dangerously-skip-permissions in headless mode)
- In my container startup script, I copy settings.json, .credentials.json, and .claude.json from the mounted volumes into place in the container and update their file permissions.
I do the same type of thing to get my github creds in there for gh usage.
For me, that's worked fine and I've never had to auth or deal with anything inside the containers. Of course in this case, each container only has the lifespan of whatever task it has been given to do, they are not sitting around for days or weeks.
possibly this relates to https://github.com/anthropics/claude-code/issues/1414 — so only using containers is possible, but mixing linux containers & mac causes deletions...
fyi, if all you need is sanboxing, bubblewrap is lightweight and stupid simple:
bwrap --bind / / --dev /dev \
--ro-bind "$HOME" "$HOME" \
--bind "$HOME/.claude" "$HOME/.claude" \
--bind "$HOME/.claude.json" "$HOME/.claude.json" \
--bind "$XDG_CACHE_HOME" "$XDG_CACHE_HOME" \
--bind "$PWD" "$PWD" \
claude --dangerously-skip-permissions
(maybe even worth mentioning in the docs?)
bwrap --bind / / --dev /dev
--ro-bind "$HOME" "$HOME"
--bind "$HOME/.claude" "$HOME/.claude"
--bind "$HOME/.claude.json" "$HOME/.claude.json"
--bind "$XDG_CACHE_HOME" "$XDG_CACHE_HOME"
--bind "$PWD" "$PWD"
claude --dangerously-skip-permissions
Can you explain? From my understanding you are mounting root with read/write using --bind / /? Thus your sandboxing does not make sense then?
But actually thanks for this hint, but I am on macos
Basically I need stuff like /dev, /tmp, /nix in RW, and I'm too lazy to figure out the exact list. Not exactly the right way to do it, but I don't really care if my root gets nuked, as long as my $HOME is safe (explicit RO binds to the right take precedence).
Besides, all the important stuff outside of $HOME should be safe because of file system permissions, as long as you're not running claude as root.
Mount the ~/.claude directory into your container and perform manual authentication the first time. Run claude login, open the OAuth URL in your browser, and paste the generated token back into Claude. This will create a ~/.claude/.credentials.json file. Keeping this file in place prevents repeated authentication.
Mount the
~/.claudedirectory into your container and perform manual authentication the first time. Runclaude login, open the OAuth URL in your browser, and paste the generated token back into Claude. This will create a~/.claude/.credentials.jsonfile. Keeping this file in place prevents repeated authentication.
fyi this works, unless you ever use claude on your mac outside of the container, which deletes the file https://github.com/anthropics/claude-code/issues/1414
This is an issue as well for me - i'm using the devcontainer.json and Dockerfile as a template to do the same claude config mounting, and I'm still having to login each time I rebuild - not a huge deal, but would like to understand how to fix it.
On a mac host with ubuntu on docker, using cursor as IDE.
What worked for me incase anyone else is facing this issue when using Claude code within devcontainers
inside your container set CLAUDE_CONFIG_DIR to point to some folder which is mounted from the host machine e.g., via docker-compose volumes
I am still trying to setup this cleanly. From my research to persist the authentication we need to mount: ~/.claude folder (that include .credentials.json) - not an issue ~.claude.json file - that is not possible if the file does not exist (docker automatically creates a folder) @mintuhouse, if we use CLAUDE_CONFIG_DIR, does the ~.claude.json file get stored there?
It works cleanly using CLAUDE_CONFIG_DIR to define a config folder Claude code saves .claude.json and .credentials.json plus few other config sub-folders in the location defined by the CLAUDE_CONFIG_DIR Creating a docker volume that mounts to this folder makes the settings persistent. That includes the authentication.
CLAUDE_CONFIG_DIR works best with Docker. I have created some examples in the README of https://github.com/nezhar/claude-container
one could also use the CLAUDE_CODE_OAUTH_TOKEN environment variable (claude setup-token), but then you can't use opus until #4085 is fixed
upd: ~apparently fixed in #5625~ I can't read, sorry
The CLAUDE_CONFIG_DIR approach mentioned above seems like a good approach for running Claude Code in Docker without needing to re-auth.
This issue has been automatically locked since it was closed and has not had any activity for 7 days. If you're experiencing a similar issue, please file a new issue and reference this one if it's relevant.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}