OAuth token auto-refresh broken in long-running --channels sessions

Resolved 💬 3 comments Opened Apr 8, 2026 by chenothy Closed Apr 11, 2026

Description

OAuth access tokens are not being auto-refreshed in long-running claude --channels sessions. The access token expires after ~8 hours, causing all MCP server connections (Notion, Linear, Figma, Gmail, etc.) to disconnect. The user must manually run /login to restore the session.

Environment

  • Claude Code version: 2.1.94 (also reproduced on 2.1.92)
  • OS: macOS (Darwin 25.4.0), Apple Silicon Mac mini
  • Auth method: Claude.ai OAuth (--claudeai)
  • Subscription: Max (5x rate limit tier)
  • Session type: claude --channels plugin:telegram@claude-plugins-official --dangerously-skip-permissions
  • Runtime: always-on via tmux

Steps to Reproduce

  1. Run claude --channels plugin:telegram@claude-plugins-official in a tmux session
  2. Authenticate via /login
  3. Wait ~8 hours without interacting via the CLI (messages come in via the Telegram channel plugin)
  4. Observe that MCP servers disconnect and the session becomes unresponsive to external services

Expected Behavior

The refresh token (present in ~/.claude/.credentials.json) should be used to silently obtain a new access token before the ~8-hour expiry window closes, keeping the session alive indefinitely.

Actual Behavior

  • Access token expires after ~8 hours
  • No auto-refresh occurs — expiresAt in credentials.json does not update
  • MCP servers (Notion, Linear, Figma, Gmail, Google Calendar, Slack) all disconnect
  • User must manually /login to get a new token
  • Running claude auth status does NOT trigger a refresh

Additional Context

  • The --channels mode is designed for long-running daemon-style usage, so token auto-refresh is critical
  • The refresh token IS present in the credentials file and has not been revoked
  • The OAuth refresh endpoint cannot be called externally (blocked by Cloudflare), so there is no workaround available from outside the CLI
  • This may be a regression — the user reports it worked without issues approximately one week prior (around v2.1.90/2.1.91)
  • Auto-updates (which install nightly around 8-9pm) also disrupt the session, compounding the problem

Workaround

None available. User must manually /login every ~8 hours. Setting up a cron to call the refresh endpoint externally fails due to Cloudflare protection.

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗