Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.runlayer.com/llms.txt

Use this file to discover all available pages before exploring further.

Claude Cowork can export organization-wide OpenTelemetry logs directly to Runlayer. Use this setup when you want Cowork sessions to appear in Runlayer Sessions without installing a local hook or daemon on each user’s machine. Runlayer accepts Cowork OTLP logs at: 
https://<your-tenant>.runlayer.com/api/v1/hooks/cowork/otlp/v1/logs
For manual local payload tests, use the local app URL: 
http://localhost:3000/api/v1/hooks/cowork/otlp/v1/logs
Do not use localhost in Claude Cowork monitoring settings. Cowork exports from Anthropic’s VM, so localhost points at the Cowork environment, not your developer machine. To test with a real Cowork session against a local Runlayer stack, expose your local app through a reachable HTTPS tunnel and use that tunnel URL as the OTLP endpoint.

Requirements

  • Claude Team or Enterprise with Cowork monitoring access
  • Claude desktop app version 1.1.4173 or later
  • A Runlayer organization API key with the MCP Watch Scan role
  • Full session scanning enabled for Claude Cowork in Runlayer

Create the Runlayer API key

1

Open Organization API keys

In Runlayer, go to Settings -> Organization API keys.
2

Create a scoped key

Click Create Organization API Key, give it a name such as Claude Cowork OTLP, and select MCP Watch Scan.
3

Copy the key

Copy the generated rl_org_... value. Cowork uses this key in the OTLP header, and Runlayer rejects user API keys or org keys without the MCP Watch Scan role.

Enable Cowork in Runlayer

1

Open Full session scanning

In Runlayer, go to Settings -> General -> Full session scanning.
2

Enable the API

Turn on Full session scanning APIs.
3

Enable Claude Cowork

Under Hook clients, turn on Claude Cowork, then save the settings.

Configure Claude Cowork

In Claude admin settings, open Cowork monitoring settings and set:
FieldValue
OTLP endpointhttps://<your-tenant>.runlayer.com/api/v1/hooks/cowork/otlp/v1/logs
OTLP protocolhttp/protobuf recommended; http/json also works
OTLP headersAuthorization=Bearer rl_org_...
If your organization restricts Cowork network egress, allowlist your Runlayer tenant hostname, such as <your-tenant>.runlayer.com. Cowork exports telemetry from its VM, so blocked egress prevents events from reaching Runlayer. After saving the Cowork monitoring settings, start a new Cowork session. Cowork loads monitoring settings when a session starts, so already-running sessions do not pick up the new OTLP destination.

Verify in Runlayer

  1. Start a new Cowork session and submit a prompt.
  2. Open Sessions in Runlayer.
  3. Filter by client Claude Cowork.
You should see Cowork prompts, tool decisions, tool results, API requests, and API errors in the session timeline. Runlayer closes Cowork sessions automatically after they stop sending activity.

Troubleshooting

No Cowork sessions appear

  • Confirm Full session scanning APIs is on.
  • Confirm Claude Cowork is enabled under Hook clients.
  • Confirm the Cowork OTLP endpoint includes /api/v1/hooks/cowork/otlp/v1/logs.
  • Confirm the OTLP header uses an organization API key with MCP Watch Scan.
  • Start a new Cowork session after changing monitoring settings.
  • If Cowork egress allowlisting is enabled, allowlist your Runlayer tenant hostname.

Runlayer returns 403

Use an organization API key with the MCP Watch Scan role. Personal user API keys and org keys without that role are rejected for Cowork OTLP ingestion.

JSON or protobuf

Use http/protobuf for normal deployments. Use http/json when you need to inspect payloads while testing. Runlayer accepts both protocols on the same endpoint.