Skip to main content

Govern Claude Code in 10 Minutes

This guide gets Claude Code running through Sequenceware with real policy enforcement.

1. Prerequisites (30 seconds)

  • Docker + Docker Compose
  • Claude Code installed and authenticated
  • Node.js 20+
docker --version
claude --version
node --version

Expected result:

  • docker --version and claude --version both work

Screenshot placeholder - prerequisites

2. Start Sequenceware (1 minute)

git clone https://github.com/nacorga/sequenceware.git
cd sequenceware
cp .env.example .env
SEED_DEMO_DATA=true docker compose up --build

Expected output:

  • Backend on http://localhost:3000
  • Dashboard on http://localhost:4200
[backend] Nest application successfully started
[frontend] Angular live development server is listening on localhost:4200

Screenshot placeholder - dashboard running

3. Get your API key (1 minute)

  1. Open http://localhost:4200.
  2. Sign in with demo credentials from .env:
    • Email: admin@demo.sequenceware.com
    • Password: demo-password-change-me
  3. Create an API key from the dashboard (Settings -> API Keys).

If your dashboard build does not expose API Key management yet, create one via API:

JWT_TOKEN=$(curl -s -X POST http://localhost:3000/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"admin@demo.sequenceware.com","password":"demo-password-change-me"}' \
  | node -e "let b='';process.stdin.on('data',d=>b+=d);process.stdin.on('end',()=>process.stdout.write(JSON.parse(b).accessToken));")

curl -s -X POST http://localhost:3000/api-keys \
  -H "Authorization: Bearer $JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name":"Claude Code Tutorial","agentId":"claude-code"}'

Expected output:

{
  "key": "acl_..."
}

Screenshot placeholder - API key creation

4. Install the CLI (30 seconds)

Preferred (published package):

npm install -g @sequenceware/cli

Local fallback (from this repository):

cd cli
npm install
npm run build
npm link
cd ..

Expected output:

sequenceware check

Screenshot placeholder - CLI install

5. Configure Claude Code (1 minute)

Create .sequenceware.json in your project root:

{
  "baseUrl": "http://localhost:3000",
  "apiKey": "acl_replace_with_your_key",
  "agentId": "claude-code"
}

Create or update .claude/settings.json:

{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": ".*",
        "command": "npx @sequenceware/cli check"
      }
    ]
  }
}

Expected output:

  • Claude Code now routes tool checks through Sequenceware before execution.

Screenshot placeholder - Claude settings

6. Test it (2 minutes)

Trigger a blocked scenario (git push --force) through the CLI check command:

echo '{"tool_input":{"command":"git push --force origin main"},"session_id":"tutorial-session-1","tool_name":"Bash"}' \
  | npx @sequenceware/cli check

echo "exit code: $?"

Expected output:

Sequenceware blocked this tool call: ...
exit code: 2

Then open http://localhost:4200/runs and confirm the blocked tool call is visible.

Screenshot placeholder - blocked tool call

7. Customize policies (2 minutes)

From the dashboard, open Policies and enable/disable coding-agent presets.

API fallback (admin JWT required):

# List policies
curl -s http://localhost:3000/policies \
  -H "Authorization: Bearer $JWT_TOKEN"

# Disable one policy by ID
curl -s -X PATCH http://localhost:3000/policies/<policyId> \
  -H "Authorization: Bearer $JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"enabled":false}'

Expected output:

  • New tool calls immediately reflect the updated policy behavior.

Screenshot placeholder - policy customization

8. What's next

/integrations/claude-code
/concepts/policies
/concepts/approvals
/sdk/overview

Expected output:

For additional integrations, see the Integrations index.

Screenshot placeholder - next steps