[FEATURE] Using JWT token from MCP OAuth with Hooks

Resolved 💬 3 comments Opened Feb 13, 2026 by liukatkat Closed Mar 14, 2026

Preflight Checklist

  • [x] I have searched existing requests and this feature hasn't been requested yet
  • [x] This is a single feature request (not multiple features)

Problem Statement

I’m building hooks that call API endpoints requiring authentication. While the existing OAuth flow for MCP servers is well-designed, it currently doesn’t work for hooks.

This means hooks need their own separate OAuth flow, even when they’re accessing the same APIs as the MCP server. Having multiple OAuth flows for the same integration adds complexity for developers and users. It would be much cleaner if hooks and MCP servers could use a single shared OAuth flow.

As to why hooks need to access the same APIs as the MCP server, hooks is deterministic and calling MCP tools isn't, and there are some MCP tools/ endpoints (e.g. security scans) that I want to call deterministically.

Proposed Solution

Ideally, both MCP server requests and hooks could share a single, unified OAuth flow. But if we can somehow extract the auth token from the MCP flow so that it can be used in hooks (maybe passed in as one of the hook inputs), that would be ok too.

Alternative Solutions

Another way to approach this is to let hooks call MCP tools: https://github.com/anthropics/claude-code/issues/4274, and we only need to authenticate once when connecting to the MCP server.

Priority

Critical - Blocking my work

Feature Category

MCP server integration

Use Case Example

  1. I have an MCP server and a set of hooks in a plugin. The MCP server is a remote server with OAuth. The hooks call API endpoints that also take in the JWT token you get via the MCP OAuth.
  2. With this feature, I can have the hooks call API endpoints without going through a separate auth flow.

Additional Context

_No response_

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗