[FEATURE] Include `logo_uri` in Claude Code CIMD metadata document

Open 💬 0 comments Opened Apr 6, 2026 by btiernay

Preflight Checklist

  • [x] I have searched existing requests and this feature hasn't been requested yet
  • [x] This is a single feature request (not multiple features)

Problem Statement

Claude Code currently publishes a Client ID Metadata Document at:

The OAuth Client ID Metadata Document draft allows display metadata such as logo_uri, inherited from the OAuth Dynamic Client Registration metadata registry. The VS Code team recently tracked the same improvement for their CIMD document in microsoft/vscode#298300.

Specification references

<details>
<summary>Section 4.1 – Client Metadata</summary>

<https://drafts.oauth.net/draft-ietf-oauth-client-id-metadata-document/draft-ietf-oauth-client-id-metadata-document.html#section-4.1>
The client metadata values are the values defined in the OAuth Dynamic Client Registration Metadata OAuth Parameters registry.

The OAuth Dynamic Client Registration metadata registry includes logo_uri as defined by RFC 7591.

</details>

<details>
<summary>Section 6.5 – OAuth Phishing Attacks</summary>

<https://drafts.oauth.net/draft-ietf-oauth-client-id-metadata-document/draft-ietf-oauth-client-id-metadata-document.html#section-6.5>

Authorization servers SHOULD fetch the client_id metadata document provided in the authorization request in order to provide users with additional information about the request, such as the application name and logo.

</details>

<details>
<summary>Section 6.8 – Displaying Logos to End-Users</summary>

<https://drafts.oauth.net/draft-ietf-oauth-client-id-metadata-document/draft-ietf-oauth-client-id-metadata-document.html#section-6.8>

Authorization servers that wish to make use of the logo_uri property within the client metadata document SHOULD prefetch the file at logo_uri and cache it for the cache duration of the client metadata document.

</details>

Current Claude Code CIMD

Claude Code’s published metadata currently includes client_name, client_uri, redirect_uris, grant_types, response_types, and token_endpoint_auth_method, but does not include logo_uri.

Rationale

Including logo_uri in the Claude Code CIMD document would:

  • align with the CIMD draft and the DCR metadata registry
  • allow authorization servers to display recognizable Claude Code branding in OAuth consent screens
  • improve user trust when reviewing authorization requests
  • reduce ambiguity in consent prompts where a recognizable app logo helps users confirm what is requesting access

Proposed Solution

Proposed addition:

{
  "logo_uri": "https://claude.ai/images/claude_app_icon.png"
}
````

The value can remain static even if other portions of the CIMD document are updated independently.

<details>
<summary>Related discussion</summary>

Similar requests to include `logo_uri` in Client ID Metadata Documents:

* https://github.com/microsoft/vscode/issues/298300
* https://github.com/MCPJam/inspector/issues/1552
* https://github.com/evalstate/fast-agent/issues/710

</details>

### Alternative Solutions

_No response_

### Priority

Medium - Would be very helpful

### Feature Category

CLI commands and flags

### Use Case Example

_No response_

### Additional Context

_No response_

View original on GitHub ↗