[BUG] Additional allowed domains setting not applied to Claude Code container network egress
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
Domains added to "Additional allowed domains" in claude.ai/settings/capabilities are not being included in the network egress allowlist for Claude Code sessions.
When attempting to access fastdl.mongodb.org (which was explicitly added to the allowlist), requests are blocked with 403 Forbidden and x-deny-reason: host_not_allowed.
The JWT token issued to Claude Code containers does not include the custom domains added via the settings UI - only the default "Package managers only" domains are present.
This is related to #11897 but represents a different scenario: explicit custom domains added by the user are not being respected, rather than "All domains" mode not working.
What Should Happen?
Domains added to "Additional allowed domains" should be included in the allowed_hosts claim of the JWT issued to Claude Code containers, allowing network access to those domains.
Error Messages/Logs
$ curl -I https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu2204-8.0.0.tgz
HTTP/1.1 403 Forbidden
x-deny-reason: host_not_allowed
content-length: 16
content-type: text/plain
date: Sun, 18 Jan 2026 21:51:52 GMT
server: envoy
connection: close
curl: (56) CONNECT tunnel failed, response 403
Steps to Reproduce
- Go to
claude.ai/settings/capabilities - Under "Code execution and file creation", ensure "Allow network egress" is enabled
- Set "Domain allowlist" to "Package managers only"
- In "Additional allowed domains", add
fastdl.mongodb.org - Verify the domain appears in the list below the input field
- Start a new Claude Code session (tried multiple fresh sessions)
- Run:
curl -I https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu2204-8.0.0.tgz - Observe: Request fails with
403 host_not_allowed
Claude Model
Opus
Is this a regression?
I don't know
Last Working Version
_No response_
Claude Code Version
Claude Code on the Web
Platform
Anthropic API
Operating System
Ubuntu/Debian Linux
Terminal/Shell
Non-interactive/CI environment
Additional Information
Use case: This blocks mongodb-memory-server from downloading MongoDB binaries for testing, which is a common pattern for Node.js/TypeScript projects using MongoDB.
Workaround attempted: Verified the domain was correctly saved in the UI, started multiple fresh Claude Code sessions - all sessions receive the same host_not_allowed error.
Technical detail: Inspecting the proxy configuration via verbose curl output shows the JWT's allowed_hosts claim contains only the default package manager domains, not the custom domain added via the UI.
Screenshot of settings:
The "Additional allowed domains" section clearly shows fastdl.mongodb.org in the list.
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗