[BUG]
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
Official MCP plugins OAuth callback fails with 404 - localhost callback server unreachable
Description
OAuth authentication for official Claude plugins (@claude-plugins-official) fails because the localhost callback server becomes unreachable before the OAuth redirect completes, resulting in a 404 error.
Affected Plugins
supabase@claude-plugins-officialasana@claude-plugins-official
(Likely affects all official plugins using OAuth redirect flow)
Environment
| Field | Value |
|-------|-------|
| macOS version | 26.2 (Build 25C56) |
| Claude Code version | 2.1.29 |
| Shell | zsh |
| Terminal | [fill in: Terminal.app / iTerm / Warp / etc.] |
Debugging Performed
| Check | Result |
|-------|--------|
| macOS Firewall | Disabled (State = 0) |
| Proxy settings | None configured |
| Network filtering tools | None installed (no Little Snitch, Lulu, etc.) |
| VPN | None |
Workaround Confirmation
The Supabase CLI (npx supabase login) works correctly because it uses a verification code flow rather than a redirect callback flow. This confirms the issue is specific to the MCP plugin's OAuth implementation, not the system or network.
Suggested Fix
Consider implementing one of these alternatives:
- Device code flow (like Supabase CLI) - display a code for users to enter manually
- Longer timeout on the callback server
- Token-based auth - allow users to provide personal access tokens via environment variables as an alternative to OAuth
What Should Happen?
The localhost callback server should remain active until the OAuth redirect completes and the token is exchanged.
Error Messages/Logs
The callback URL (e.g., `http://localhost:54321/callback`) returns a 404. The temporary server appears to terminate before the OAuth flow completes.
Steps to Reproduce
- Enable an official plugin that requires OAuth (e.g., Supabase or Asana) in
~/.claude/settings.json - Trigger an action that requires authentication
- Browser opens to the OAuth provider's login page
- Complete authentication as quickly as possible
- OAuth provider redirects to
localhost:<random-port>/callback - Result: 404 error - the callback server is no longer running
Claude Model
None
Is this a regression?
I don't know
Last Working Version
_No response_
Claude Code Version
2.1.29
Platform
Anthropic API
Operating System
macOS
Terminal/Shell
Terminal.app (macOS)
Additional Information
_No response_
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗