Claude in Chrome: 'Invalid token or user mismatch' on Desktop app bridge connection
Resolved 💬 4 comments Opened Apr 8, 2026 by JohnHubble Closed May 27, 2026
Environment
- Claude Desktop app v1.1062.0 (macOS, Darwin 25.4.0)
- Claude Code v2.1.92 (subprocess within Desktop app)
- Chrome extension ID: fcoeoabgfenejglbffodgkkbkcdhcgfn
- macOS, personal workspace account
Problem
Claude in Chrome extension cannot connect from the Desktop app. The bridge repeatedly fails with "Invalid token or user mismatch" (WebSocket close code 1008).
What works
chromeExtensionEnabled: trueis set inclaude_desktop_config.json— bridge initializes- Native host binary runs correctly, socket created at
/tmp/claude-mcp-browser-bridge-cyberjack/{pid}.sock - Socket is connectable (verified with node
net.createConnection) - OAuth token is fresh (cache cleared, re-signed in to both Desktop and Chrome extension)
- Chrome extension is installed, enabled, and signed in
Logs
[Claude in Chrome] Connecting to bridge: wss://bridge.claudeusercontent.com/chrome/{userId}
[Claude in Chrome] WebSocket connected, sending connect message
[Claude in Chrome] Bridge error: Invalid token or user mismatch
[Claude in Chrome] Bridge connection closed (code: 1008, duration: 0ms)
This repeats on every retry attempt. The OAuth token scope is user:inference user:office.
What was tried
- Cleared OAuth token cache in
config.json— fresh token obtained, same error - Signed out and back in to Claude.app — same error
- Signed out and back in to Chrome extension — same error
- Set
tengu_copper_bridge: falsein.claude.json— overwritten back totrueon startup by GrowthBook - Restarted Chrome, Claude.app, and toggled extension multiple times
- Verified native host config points to correct binary
Likely cause
Based on GitHub issues #38068, #34990, and #32011 — the bridge server may require user:sessions:claude_code scope which is not included in the Desktop app's OAuth token request (only user:inference user:office). This may be related to org-level scope restrictions.
Related issues
- #38068 — OAuth scope mismatch
- #34990 — Business domain triggers org scope restrictions
- #32011 — Two root causes for bridge auth failure
- #27055 — Server-side stale state
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗