[BUG] Claude.ai and mcp-remote ignore `registration_endpoint` from OAuth discovery document, calling hardcoded `/register` instead of `/oauth/register`

Resolved 💬 4 comments Opened Mar 20, 2026 by ccamusso Closed Apr 21, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

When connecting to a remote MCP server that declares a non-root OAuth
registration path in its discovery document (e.g. /oauth/register),
both mcp-remote and Claude.ai browser interface fail to connect.

The client correctly fetches the OAuth discovery document from
/.well-known/oauth-authorization-server and finds the
registration_endpoint field, but then ignores it. Instead of calling
the declared URL, it constructs a hardcoded /register path on the
issuer base URL, which returns HTTP 404.

This violates RFC 8414 (OAuth 2.0 Authorization Server Metadata), which
requires clients to use the registration_endpoint value from the
discovery document when present.

The same MCP server connects and authenticates successfully with
ChatGPT, confirming full spec compliance on the server side and that
the issue is on the client side.

What Should Happen?

The client should read the registration_endpoint field from the OAuth
discovery document and use that exact URL to register the client
dynamically, as required by RFC 7591 (OAuth 2.0 Dynamic Client
Registration) and RFC 8414.

In this specific case, the correct registration URL is:
https://www.app.fattura24.com/s2/oauth/register

This endpoint is fully functional. A direct call returns a valid
client_id:

curl -X POST https://www.app.fattura24.com/s2/oauth/register \
  -H "Content-Type: application/json" \
  -d '{
    "redirect_uris": ["http://localhost:13246/callback"],
    "client_name": "mcp-remote-test",
    "grant_types": ["authorization_code"],
    "response_types": ["code"],
    "token_endpoint_auth_method": "none",
    "scope": "mcp"
  }'

Expected response:

{
  "client_id": "f24_67f1ee5524754764813f7db76cbee7fb",
  "client_id_issued_at": 1774026058,
  "client_name": "mcp-remote-test",
  "redirect_uris": ["http://localhost:13246/callback"],
  "grant_types": ["authorization_code", "refresh_token"],
  "response_types": ["code"],
  "token_endpoint_auth_method": "none"
}

Error Messages/Logs

**mcp-remote terminal output:**

[31494] Discovering OAuth server configuration...
[31494] Discovered authorization server: https://www.app.fattura24.com/s2
[31494] Connecting to remote server: https://www.app.fattura24.com/s2/mcp
[31494] Using transport strategy: http-first
[31494] Received error (status unknown): HTTP 404: Invalid OAuth error 
response: SyntaxError: Unexpected token '<', "<html><hea"... is not 
valid JSON. Raw body: <html>...<h1>HTTP Status 404 - /register</h1>...
[31494] Recursively reconnecting for reason: falling-back-to-alternate-transport
[31494] Connecting to remote server: https://www.app.fattura24.com/s2/mcp
[31494] Using transport strategy: sse-only
[31494] Connection error: ServerError: HTTP 404: Invalid OAuth error 
response [...]
[31494] Fatal error: ServerError: HTTP 404 [...]


**Claude.ai browser error:**

Couldn't reach the MCP server. You can check the server URL and verify 
the server is running. If this persists, share this reference with 
support: "ofid_9c28a14675ce5f23"


**Claude Desktop App error:**

Couldn't reach the MCP server. You can check the server URL and verify 
the server is running. If this persists, share this reference with 
support: "ofid_8e598390d66eb8ce"

Steps to Reproduce

  1. Set up a remote MCP server with OAuth, where the registration

endpoint is at a non-root path (e.g. /oauth/register instead of
/register), and declare it correctly in the discovery document at
/.well-known/oauth-authorization-server

  1. Verify the discovery document is accessible and returns the correct

registration_endpoint:
https://www.app.fattura24.com/s2/.well-known/oauth-authorization-server

   {
     "issuer": "https://www.app.fattura24.com/s2",
     "authorization_endpoint": "https://www.app.fattura24.com/s2/oauth/authorize",
     "token_endpoint": "https://www.app.fattura24.com/s2/oauth/token",
     "registration_endpoint": "https://www.app.fattura24.com/s2/oauth/register",
     "response_types_supported": ["code"],
     "grant_types_supported": ["authorization_code", "refresh_token"],
     "code_challenge_methods_supported": ["S256"],
     "token_endpoint_auth_methods_supported": ["none"],
     "scopes_supported": ["mcp"]
   }
  1. Try to connect via mcp-remote:
   npx mcp-remote https://www.app.fattura24.com/s2/mcp
  1. Observe that mcp-remote calls /register instead of

/oauth/register, receiving HTTP 404

  1. Try to connect the same server via Claude.ai browser interface or

Claude Desktop App — both fail with the errors shown above

Environment:

  • mcp-remote: 0.1.38
  • Node.js: v22.14.0
  • macOS (Apple Silicon)
  • Also reproduced via Claude.ai browser interface

Claude Model

None

Is this a regression?

Yes, this worked in a previous version

Last Working Version

_No response_

Claude Code Version

Claude 1.1.7714 (3bd6f6)

Platform

Anthropic API

Operating System

macOS

Terminal/Shell

Terminal.app (macOS)

Additional Information

_No response_

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗