OAuth redirect_uri mismatch: client metadata declares localhost/callback but CLI uses localhost:8080/callback
Bug Description
When connecting to a third-party MCP server (answer-io) that validates the OAuth client metadata document, the OAuth flow fails because the redirect_uri used by Claude Code CLI does not match the redirect_uris declared in its own client metadata.
Client Metadata (CIMD)
https://claude.ai/oauth/claude-code-client-metadata declares:
{
"redirect_uris": ["http://localhost/callback", "http://127.0.0.1/callback"]
}
Actual Behavior
Claude Code CLI sends redirect_uri=http://localhost:8080/callback (with port 8080) in the OAuth authorization request, regardless of the --callback-port option.
Error from MCP Server
{"error":"invalid_request","error_description":"Redirect URI 'http://localhost:8080/callback' does not match CIMD redirect_uris."}
Steps to Reproduce
- Add an HTTP MCP server that validates redirect_uris against the CIMD:
````
claude mcp add --transport http --scope user answer-io https://mcp.answer-io.jp/mcp
- Attempt OAuth authentication
- The authorization URL contains
redirect_uri=http://localhost:8080/callback - The MCP server rejects it because the CIMD only lists port-less URIs
Expected Behavior
The redirect_uri in the OAuth flow should match one of the URIs declared in https://claude.ai/oauth/claude-code-client-metadata, e.g. http://localhost/callback.
Additional Notes
--callback-port 80option was also tried but had no effect — the CLI still used port 8080- Claude Code version: 2.1.89
- OS: Windows 11 Pro
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗