[BUG] MCP need logo_uri, client_uri, tos_uri must be parsable
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
When I try to use Claude Code or Claude Desktop with my custom MCP server using OAuth (based on Ory Hydra), Claude does not send the logo_uri, client_uri, or tos_uri fields.
Hydra DCR responds with all of these values set to an empty string (""), but your validation requires these fields to be valid, parseable URLs. As a result, the MCP fails with URL validation errors for those fields.
What Should Happen?
This should happen when the client is created: Claude needs to send the client_uri, logo_uri, and tos_uri fields during client registration.
Error Messages/Logs
Error: [
{
validation: 'url',
code: 'invalid_string',
message: 'Invalid url',
path: ['client_uri'],
},
{
code: 'custom',
message: 'URL must be parseable',
fatal: true,
path: ['client_uri'],
},
{
validation: 'url',
code: 'invalid_string',
message: 'Invalid url',
path: ['logo_uri'],
},
{
code: 'custom',
message: 'URL must be parseable',
fatal: true,
path: ['logo_uri'],
},
{
validation: 'url',
code: 'invalid_string',
message: 'Invalid url',
path: ['tos_uri'],
},
{
code: 'custom',
message: 'URL must be parseable',
fatal: true,
path: ['tos_uri'],
},
]
Steps to Reproduce
- Deploy an Ory Hydra instance and enable Dynamic Client Registration (DCR).
- Configure the MCP server to use OAuth with Hydra, requiring client_uri, logo_uri, and tos_uri during client creation.
- Open Claude Code (or Claude Desktop) and attempt to authenticate with the MCP server.
- Observe that Claude does not send client_uri, logo_uri, or tos_uri, causing URL validation errors.
Claude Model
Not sure / Multiple models
Is this a regression?
No, this never worked
Last Working Version
_No response_
Claude Code Version
v2.0.65
Platform
Anthropic API
Operating System
Ubuntu/Debian Linux
Terminal/Shell
WSL (Windows Subsystem for Linux)
Additional Information
This is payload send by Claude code :
{
client_name: 'Claude Code (Organization name)',
redirect_uris: [ 'http://localhost:51777/callback' ],
grant_types: [ 'authorization_code', 'refresh_token' ],
response_types: [ 'code' ],
token_endpoint_auth_method: 'none'
}
And this is client returned by Hydra;
{
client_id: '144f6511-daf0-4ff8-81d6-c7ef21333396',
client_name: 'Claude Code (Organization name)',
redirect_uris: [ 'http://localhost:56933/callback' ],
grant_types: [ 'authorization_code', 'refresh_token' ],
response_types: [ 'code' ],
scope: 'mcp.discover mcp.read mcp.write offline_access offline openid profile email',
audience: [],
owner: '',
policy_uri: '',
allowed_cors_origins: [],
tos_uri: '',
client_uri: '',
logo_uri: '',
contacts: [],
client_secret_expires_at: 0,
subject_type: 'public',
jwks: {},
token_endpoint_auth_method: 'none',
userinfo_signed_response_alg: 'none',
created_at: '2025-12-11T14:38:51Z',
updated_at: '2025-12-11T14:38:51.062203Z',
metadata: {},
registration_access_token: 'redacted_token',
registration_client_uri: 'redacted_url',
skip_consent: false,
skip_logout_consent: null,
authorization_code_grant_access_token_lifespan: null,
authorization_code_grant_id_token_lifespan: null,
authorization_code_grant_refresh_token_lifespan: null,
client_credentials_grant_access_token_lifespan: null,
implicit_grant_access_token_lifespan: null,
implicit_grant_id_token_lifespan: null,
jwt_bearer_grant_access_token_lifespan: null,
refresh_token_grant_id_token_lifespan: null,
refresh_token_grant_access_token_lifespan: null,
refresh_token_grant_refresh_token_lifespan: null,
device_authorization_grant_id_token_lifespan: null,
device_authorization_grant_access_token_lifespan: null,
device_authorization_grant_refresh_token_lifespan: null
}This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗