Getting Started

Get Veto running in under 5 minutes. This guide covers creating an account, generating API keys, and connecting Claude Code.

1. Create an account

Sign up at dashboard.vetoapp.io/register. You'll be asked for:

• Email — used for login and notifications
• Password
• Organization name — your team or company name

After registration, you'll enter the setup wizard which walks you through the remaining steps.

2. Generate API keys

Veto uses two different types of API keys depending on your integration mode:

• Veto API key — for the Claude Code plugin (hook-based mode). Go to Settings → API Keys in the dashboard and create a new key.
• LiteLLM proxy key — for the proxy mode. Generated from the LLM Proxy section in the dashboard. This key authenticates Claude Code against the LiteLLM proxy.

Copy the key — it's only shown once.

3. Choose your integration

Option A: Claude Code Plugin (recommended for individuals)

The plugin hooks directly into Claude Code's permission system. Install it from the plugin marketplace:

Linux / macOS:

/plugin marketplace add damhau/veto-claude-plugin
/plugin install veto-linux

Windows:

/plugin marketplace add damhau/veto-claude-plugin
/plugin install veto-windows

Then run the setup command to configure your Veto API key and fail policy:

/veto:setup

See Installation → Plugin for details.

Option B: LLM Proxy (recommended for teams)

Enable the built-in LLM proxy from the dashboard. This enforces rules for everyone on the team without requiring individual plugin installs.

The proxy supports two modes:

• Passthrough — users keep their own LLM API keys; the proxy forwards their credentials to the upstream provider
• BYOK — the organization provides LLM API keys; all users share the org's keys via a virtual key

export ANTHROPIC_BASE_URL=https://proxy.vetoapp.io
# Passthrough mode: use your own Anthropic API key
export ANTHROPIC_API_KEY=your-anthropic-api-key
# BYOK mode: use the proxy key from the dashboard
export ANTHROPIC_API_KEY=your-proxy-key

See Installation → LLM Proxy for the full setup.

4. Start using Claude Code

Veto ships with a set of default rules out of the box — dangerous commands like rm -rf, sudo, and chmod 777 are already blocked, and read-only tools are allowed. You don't need to configure anything to get started.

Just use Claude Code as you normally would:

claude "list the files in this directory"

5. Review the Audit Log

Open the Audit Log in the dashboard to see every tool call, the rule that matched, and the decision (allowed or denied) — all in real time.

This gives you full visibility into what your agent is doing before you start fine-tuning rules.

6. Customize rules

Once you've seen the audit log and understand your workflow, head to Rules in the dashboard to adjust the defaults or add your own. For example, you might want to restrict writes to specific directories or block network access.

See Writing Rules for the full syntax and examples.

Next steps

• Writing Rules — full rule syntax and examples
• Architecture — understand the evaluation flow
• Troubleshooting — common issues and fixes