Artifacts — Publishing Live Interactive Work - Claude Code Documentation (June 2026)

Key Principle

An artifact publishes a session's work as a live, interactive single page to a private URL on claude.ai, updated in place as the session continues and shareable inside your org. It is a capture of work, not an application: one self-contained HTML/Markdown page, no backend, served under a strict CSP (Section: Artifacts).

Why This Matters

Some output is easier to look at or interact with than to read line by line — annotated diffs, charts, side-by-side options, interactive tuning controls, live-updating progress for long tasks. Without an artifact, such output collapses into scrollback text, losing structure and interactivity (Section: When to use). Reopen the most recent artifact with Ctrl+] (Section: Create / reopen).

Good Examples

First publish of a new artifact prompts for permission, then prints the URL and opens the browser:

Claude wants to publish "Deploy failures by service" (deploy-failures.html) to a private page on claude.ai

Republishing an already-approved artifact does not prompt again; Claude publishes to the same URL and open viewers see the update in place (Section: Update).

To update from a different session you must give Claude the artifact's URL — otherwise a new session creates a new artifact (Section: Update):

Update https://claude.ai/code/artifact/5fbea6f3-... with today's numbers.

Record design tokens where Claude can find them (CLAUDE.md or a theme file); precedence is your prompt > your design system > Claude's own choices (Section: Visual design / precedence).

Counterpoints

Strict CSP, no network, no backend. The page runs sandboxed: CSP blocks scripts, stylesheets, fonts, images from other hosts plus fetch, XHR, WebSocket. Claude inlines CSS/JS and embeds images as data URIs. A static page can't store form input, authenticate viewers, or call an API at view time (Section: Page constraints).
Single page only. Relative links don't resolve; multi-section content uses in-page anchors, not separate files. Source must be .html, .htm, or .md; rendered size must be 16 MiB or smaller (large embedded images are the usual cause of size-failed publishes) (Section: Page constraints).
Viewable, not co-edited. Viewers must sign in to claude.ai as members of the same publishing org — no option to share outside it. To share externally, ask Claude for the HTML file and share it directly (Section: Share — stops at your org).
Requires every availability condition. If one fails, Claude writes a local HTML file or says it can't publish: Team (on by default) or Enterprise (admin enables); signed in via /login (API key / gateway token / cloud-provider credentials cannot publish); Anthropic API only — not Bedrock, Vertex AI, or Foundry; CMEK / HIPAA / Zero Data Retention must not be enabled (Section: Availability).
Viewer allowlist. The viewer loads from a sandboxed *.claudeusercontent.com origin; if your org restricts outbound access, allowlist that domain alongside claude.ai or the viewer silently fails (p. 12, Network access requirements).

Key Commands & Config

# Reopen most recent artifact
Ctrl+]

# Disable artifacts for your own sessions (any of):
"disableArtifact": true            # settings file
CLAUDE_CODE_DISABLE_ARTIFACT=1     # env var
Artifact                           # add to permissions.deny
CLAUDE_CODE_ARTIFACT_AUTO_OPEN=0   # stop browser auto-open only

# Off by default in: Agent SDK, GitHub Action, MCP-server contexts,
# and when CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC is set

Admin controls (claude.ai admin settings, Team/Enterprise):

Settings > Claude Code > Capabilities  -> Artifacts toggle (org-wide)
Settings > Roles -> edit role -> Artifacts permission (Enterprise + RBAC)
Settings > Data & privacy controls     -> retention (private vs shared)

Audit & Compliance API (p. 11–13):

# Audit events: claude_artifact_*  (publish / share / delete)
GET    /v1/compliance/code/artifacts
GET    /v1/compliance/code/artifacts/{artifact_id}/versions/{version_id}
DELETE /v1/compliance/code/artifacts/{artifact_id}

Rules of Thumb

Use an artifact when output is more useful to look at or interact with than to read as terminal text.
A styled page costs more output tokens than the same content as text — prefer SVG / HTML+CSS over raster images, drop unneeded interactivity, summarize large datasets rather than inlining them (Section: Token cost).
If Claude writes a local HTML file with no link, the tool isn't enabled — check the availability gates.

Related References

Permissions & Layered Safety - permissions.deny, org policy gates
Context & Session Management - token cost and CLAUDE.md design-token precedence
Team Adoption — The Champion Role - sharing shareable demos within an org