OAuth token expires daily, no way to re-auth over SSH — locked out for 6 days while traveling

Resolved 💬 4 comments Opened Mar 29, 2026 by gardel Closed May 10, 2026

Problem

I use Claude Code over SSH (Mosh from iPad to Mac via Tailscale) and have a Max 5x subscription. The OAuth access token expires roughly every 12-24 hours. When I'm physically at my Mac this is fine — Claude Code refreshes the token or I can re-run claude auth login in a browser.

But when traveling with only an iPad, there's no way to complete the OAuth browser flow remotely. I was locked out of Claude Code for 6 days on a recent trip because the token expired on day 1 and I had no way to re-authenticate.

This was completely unexpected. I didn't realize my access could just vanish overnight while away from my machine.

Current workaround

I've set up macOS Screen Sharing + RealVNC over Tailscale so I can remote into the Mac's desktop from my iPad and complete the OAuth flow through the browser. It works, but it's a lot of infrastructure for what should be a simple credential refresh.

What would help

Any of these would solve it:

  1. Longer-lived refresh tokens — if the refresh token lasted 30+ days and could renew silently without a browser, remote SSH usage would just work
  2. Headless re-auth flow — a claude auth login --headless or device-code flow that doesn't require a local browser (just a URL + code to enter on any device)
  3. Allow API key to use Max subscription billing — if I could generate a long-lived API key that drew from my Max plan instead of separate API billing, the problem disappears entirely

Environment

  • macOS (Mac Mini M4) as the Claude Code host
  • iPad connecting via Mosh over Tailscale
  • Max 5x subscription ($100/mo)
  • Claude Code CLI (latest)

🤖 Generated with Claude Code

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗