[FEATURE] Per-project OAuth tokens for project-scoped MCP servers (multi-workspace support)
Problem
When installing the Slack MCP plugin with --scope project in two different projects (each needing a different Slack workspace), the OAuth token is stored globally in ~/.claude/.credentials.json under a single key. This means authenticating into one Slack workspace overwrites the token for the other — you can only be connected to one workspace at a time.
Steps to reproduce
cd project-a && claude plugin install slack --scope project→ authenticate into Workspace Acd project-b && claude plugin install slack --scope project→ authenticate into Workspace B- Return to project-a → Slack MCP is now authenticated against Workspace B, not A
Expected behavior
Project-scoped MCP servers (installed via claude plugin install --scope project or claude mcp add --scope project) should store OAuth credentials per-project, not globally. Each project should maintain its own OAuth token so that different workspaces/accounts can be used in different projects.
Current behavior
- OAuth credentials are stored in
~/.claude/.credentials.jsonunder a single key per server URL (e.g.,plugin:slack:slack|<hash>) - Only one token exists regardless of how many projects use the same MCP server
- Authenticating in one project overwrites the credential used by all other projects
Use case
Working on multiple projects that each connect to a different Slack workspace (e.g., one for a client workspace, one for an internal workspace). The MCP server config is correctly project-scoped, but the auth is not.
Proposed solution
- For project-scoped MCP servers, store OAuth tokens keyed by project path + server, not just server name/URL
- User-scoped MCP servers can continue to use global tokens (see #37776 for the inverse request)
- This would enable multi-workspace support for services like Slack where different projects need different accounts
Related issues
- #37776 — Inverse request: share OAuth tokens globally for user-scoped servers
This issue has 7 comments on GitHub. Read the full discussion on GitHub ↗