Skip to content
opencode
HomeDocs

Permissions

Control which actions require approval to run.

By default, OpenCode allows all operations without requiring explicit approval. You can configure this using the permission option.

opencode.json
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "edit": "allow",
    "bash": "ask",
    "webfetch": "deny"
  }
}

This lets you configure granular controls for the edit, bash, and webfetch tools.

  • "ask" — Prompt for approval before running the tool
  • "allow" — Allow all operations without approval
  • "deny" — Disable the tool

Tools

Currently, the permissions for the edit, bash, and webfetch tools can be configured through the permission option.

edit

Use the permission.edit key to control whether file editing operations require user approval.

opencode.json
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "edit": "ask"
  }
}

bash

You can use the permission.bash key to control whether bash commands as a whole need user approval.

opencode.json
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "bash": "ask"
  }
}

Or, you can target specific commands and set it to allow, ask, or deny.

opencode.json
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "bash": {
      "git push": "ask",
      "git status": "allow",
      "git diff": "allow",
      "npm run build": "allow",
      "ls": "allow",
      "pwd": "allow"
    }
  }
}

Wildcards

You can also use wildcards to manage permissions for specific bash commands.

For example, disable all Terraform commands.

opencode.json
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "bash": {
      "terraform *": "deny"
    }
  }
}

You can also use the * wildcard to manage permissions for all commands. For example, deny all commands except a couple of specific ones.

opencode.json
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "bash": {
      "*": "deny",
      "pwd": "allow",
      "git status": "ask"
    }
  }
}

Here a specific rule can override the * wildcard.

Glob patterns

The wildcard uses simple regex globbing patterns.

  • * matches zero or more of any character
  • ? matches exactly one character
  • All other characters match literally

webfetch

Use the permission.webfetch key to control whether the LLM can fetch web pages.

opencode.json
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "webfetch": "ask"
  }
}

Agents

You can also configure permissions per agent. Where the agent specific config overrides the global config. Learn more about agent permissions.

opencode.json
{
  "$schema": "https://opencode.ai/config.json",
  "permission": {
    "bash": {
      "git push": "ask"
    }
  },
  "agent": {
    "build": {
      "permission": {
        "bash": {
          "git push": "allow"
        }
      }
    }
  }
}

For example, here the build agent overrides the global bash permission to allow git push commands.

You can also configure permissions for agents in Markdown.

~/.config/opencode/agent/review.md
---
description: Code review without edits
mode: subagent
permission:
  edit: deny
  bash: ask
  webfetch: deny
---


Only analyze code and suggest changes.