Anthropic adds Claude Code Artifacts: live, shared HTML dashboards inside enterprise workspaces

Anthropic just turned a Claude Code session into something teams can actually use: Artifacts for Claude Team and Enterprise. The update converts a user’s work during a Claude Code run into a custom HTML webpage that refreshes in place at the same URL as Claude Code continues, letting teammates watch progress in real time and share the output internally.

Here is the part that matters for enterprise buyers. Instead of screenshots or delayed status updates, Artifacts produce a live, interactive, shareable web view and attach a version history to each update. That means an engineer and their stakeholders can track the agent’s progress, and teammates can roll back or review earlier versions on desktop or mobile. And because these pages are generated inside Claude Code’s workflow, Anthropic positions it as a bridge between deep engineering work and the non-technical stakeholders who typically struggle to interpret it.

To understand why this is a big deal, it helps to know what Claude Code was already trying to solve. Claude Code runs where engineering work happens, but communicating outcomes often happens somewhere else: a ticket, a doc, a slide deck, or a manually updated diagram. Anthropic’s Artifacts act like a translation layer built directly from the unbroken context of a user’s session. The agent uses the local repository codebase, connected monitoring tools, and conversational reasoning to spin up specialized web pages. The payoff is that engineers do not need to wire up extra infrastructure or build and maintain a separate UI just to explain what the agent is doing.

These Artifacts are also intentionally not “applications” in the traditional enterprise software sense. Anthropic’s new documentation is blunt about the constraint: "An artifact is a capture of work, not an application". Each Artifact is a single, self-contained HTML page capped at a rendered size of 16 MiB. The page is wrapped in a strict Content Security Policy (CSP) designed to block external network requests. In practice, that means it cannot load external scripts, fonts, or stylesheets, and fetch, XHR, and WebSocket calls are blocked. All CSS and JavaScript must be inlined, and images must be embedded as data URIs.

This is where the product philosophy shows up clearly. Artifacts cannot store form input, call an API at view time, or serve multiple routes. OpenAI, in contrast, is moving toward a more durable “workspace hosting” model in its own enterprise push. VentureBeat notes that Anthropic’s Artifacts update lands more than two weeks after OpenAI’s Codex platform release of “Sites,” which offers an enterprise hosting feature that looks similar on the surface but differs on architecture and intent.

According to OpenAI’s developer documentation, Codex Sites is designed as a platform-as-a-service that generates durable, full-stack web applications. Sites hosts projects that output as Cloudflare Worker-compatible ES modules, and it supports persistent backend infrastructure, including automatic wiring up of “D1” relational databases for structured data and “R2” object storage for file uploads. Sites also supports public sign-ins, integrates with external identity providers, and includes highly specific access controls for workspace groups. It uses a two-stage publishing process: creating a reviewable candidate linked to a Git commit before deploying to production. In short, the Sites direction is toward replacing internal SaaS tools.

Anthropic’s direction is narrower on purpose. By keeping Artifacts anchored to ephemeral, highly secure technical workflows, Anthropic aims to replace “whiteboard diagrams, manual bug walkthroughs, and status reports” with secure, self-updating visual tools that do not leak live data outside the corporate boundary. That security stance matters because these outputs sit at the nexus of proprietary company data and live codebases. It is also why both vendors are leaning into closed, proprietary licensing rather than open-source models. The source notes that neither Claude Code Artifacts nor Codex Sites can be independently forked or hosted by enterprise customers, because they rely on vendor-managed rendering engines and integration nodes.

Access control and enterprise governance are built into the rollout plans. Anthropic ensures artifacts are private to their author by default and cannot be made public to the broader internet. When an engineer shares a link, it is viewable exclusively by authenticated members of their specific organization, with system administrators retaining authority through org-level toggles, role-based scoping, and explicit retention policies, plus oversight via a centralized compliance API.

OpenAI takes a similarly gated approach with Codex Sites, rolling it out primarily for ChatGPT Business and Enterprise workspaces. Admins must explicitly enable Sites via role-based access control for enterprise tiers. OpenAI’s model is described as slightly more granular: when sharing a deployed URL, an engineer can restrict access to themselves and workspace admins, open it to all active users in the workspace, or limit access to custom user groups. OpenAI also provides a dedicated Sites panel to manage runtime environment variables and secrets securely, so keys do not have to be committed to local source files.

The market subtext here is straightforward: AI-generated work is moving up the chain from developer-only artifacts to stakeholder-facing surfaces. Boris Cherny, the Lead and creator of Claude Code, shared that he has been using Artifacts for “visual explanations of tricky code, system diagrams, quick previews of a few animation options, data analyses and dashboards” he shares with the team, calling them “a game changer” for how he works with Claude.

Executives should treat this update as a signal, not just a feature checkbox. Anthropic is betting that secure, live, versioned, shareable outputs will be the fastest path to internal adoption, while OpenAI is betting that AI will earn enterprise trust by becoming a more complete hosting layer with persistent infrastructure and production-like publishing. The strategic stakes for every operator and board are the same: which model best fits how your organization wants AI work to be reviewed, governed, and operationalized without turning compliance into a full-time job.