OAuth token not refreshed/persisted to macOS Keychain, requiring re-login every session
Resolved 💬 3 comments Opened Mar 25, 2026 by nvvibes Closed Mar 28, 2026
Description
Claude Code requires re-authentication every time it's opened on macOS. The OAuth access token has a ~15 hour lifetime and the refresh token is not being used to persist a new access token back to Keychain.
Evidence
- macOS Keychain entry
Claude Code-credentialsexists with bothaccessTokenandrefreshToken - Keychain
cdat(created) andmdat(modified) timestamps are identical — the credential is written once and never updated - Access token
expiresAtis ~15 hours after creation - Keychain settings are fine (
no-timeout, no auto-lock) - Credential is readable via
security find-generic-password
Environment
- Claude Code version: 2.1.81
- macOS Darwin 24.6.0
- Subscription: Claude Max 5x (OAuth login)
- Keychain:
login.keychain-db
Expected behavior
The refresh token should be used to obtain a new access token before/when the current one expires, and the updated credential should be written back to Keychain so that login persists across sessions.
Actual behavior
Token expires after ~15 hours, refresh never fires (or result is never persisted), and user is prompted to log in again on next launch.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗