[Bug] OAuth timeout (15s) too short for auth flow with Cloudflare challenge + logout redirect on Windows

Resolved 💬 5 comments Opened Mar 11, 2026 by tec-alan Closed Apr 9, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

claude auth login consistently fails with OAuth error: timeout of 15000ms exceeded. The browser-based OAuth flow takes far longer than the 15-second timeout due to a Cloudflare challenge, a logout/re-auth redirect, and slow callback page load times. Total elapsed time from flow start to callback completion is ~37 seconds.

Note: This was captured during the "Elevated errors on Claude.ai" incident on Mar 11, 2026 (status.anthropic.com), but the 15s timeout is too short even under normal conditions when Cloudflare challenges are involved.

Root cause from HAR + console log analysis:

  1. Browser opens claude.ai/oauth/authorize — loads normally (~1s)
  2. Server issues a logout + re-auth redirect (/logout?returnTo=...) even though user is already logged in
  3. Cloudflare challenge fires (cdn-cgi/challenge-platform/h/g/jsd/oneshot/...) — delays page interactivity
  4. After clicking "Authorize," redirect to localhost:{port}/callback succeeds with valid auth code
  5. Callback page onContentLoad takes ~10.8 seconds
  6. Also observed: GET chat_conversations_v2 returns 500 Internal Server Error
  7. Sometimes the authorize page loads as a blank page (Cloudflare challenge blocks rendering)

What Should Happen?

OAuth flow should complete successfully within the timeout window. The 15-second timeout should account for the actual server-side redirect chain, or the flow should avoid the unnecessary logout/re-auth cycle when the user already has a valid session.

Error Messages/Logs

OAuth error: timeout of 15000ms exceeded

Steps to Reproduce

  1. Be logged into claude.ai in the browser (Team plan)
  2. Run claude auth login from PowerShell
  3. Browser opens the OAuth authorize URL
  4. Page may appear blank initially (Cloudflare challenge)
  5. Click "Authorize" when the button appears
  6. Claude Code reports OAuth error: timeout of 15000ms exceeded
  7. Repeat — sometimes works on 2nd-4th attempt if the Cloudflare challenge is cached

Claude Model

None

Is this a regression?

Yes, this worked in a previous version

Last Working Version

2.1.72 (Claude Code)

Claude Code Version

2.1.72 (Claude Code)

Platform

Anthropic API

Operating System

Windows

Terminal/Shell

PowerShell

Additional Information

Suggested fixes:

  • Increase OAuth timeout to 30-60 seconds
  • Avoid the logout/re-auth redirect when user already has a valid session
  • Surface a better error message than "timeout of 15000ms exceeded"

Workaround: Setting ANTHROPIC_API_KEY environment variable bypasses OAuth entirely. Retrying can eventually succeed if the Cloudflare challenge gets cached.

Key timestamps from HAR:

  • Auth flow initiated: 15:52:25 UTC
  • Page reload/retry: 15:52:31 UTC
  • Callback received (with valid code): 15:53:02 UTC
  • Callback page onContentLoad: 10,856ms

See also: #32970 and #32968 (related auth issues)

Attached: HAR file and browser console log from "Get Help" dialog.

platform.claude.com-1773244440159.log

platform.claude.com.har.zip

View original on GitHub ↗

This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗