MCP /mcp menu does not show servers needing re-authentication after token revocation
Description
When an HTTP MCP server's OAuth session is revoked server-side (e.g., user revokes session from a settings page), Claude Code correctly detects the auth failure when a tool is called:
Error: MCP server "mantira" requires re-authorization (token expired)
However, the /mcp menu does not surface this server as needing authentication. The server either shows as "connected" or doesn't appear in the list of servers requiring auth action.
Expected behavior
After a tool call fails with an auth error (401 / token revoked / token expired), the /mcp menu should show the affected server as needing re-authentication, allowing the user to trigger the OAuth flow again without restarting Claude Code.
Steps to reproduce
- Configure an HTTP MCP server with OAuth 2.1 in
.mcp.json:
``json``
{
"mcpServers": {
"my-server": {
"type": "http",
"url": "https://example.com/api/mcp"
}
}
}
- Authenticate successfully via the OAuth flow
- Revoke the session server-side (e.g., set
revoked_aton the session record) - Attempt to use an MCP tool — observe the "requires re-authorization" error
- Open
/mcpmenu — the server does not appear as needing authentication
Environment
- Claude Code CLI
- MCP server using OAuth 2.1 with PKCE (spec-compliant)
- Server correctly returns 401 on revoked tokens and rejects refresh attempts
Workaround
Restarting Claude Code in the project directory forces a fresh connection attempt, which triggers the OAuth re-authorization flow.
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗