[BUG] 401 Authentication Error — OAuth token rejected on all servers despite valid Max 20x subscription
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
[BUG] 401 Authentication Error — OAuth token rejected on all servers despite valid Max 20x subscription
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report
- [x] I am using the latest version of Claude Code
What's Wrong?
After working normally (including this morning), Claude Code suddenly started returning 401 authentication errors on every command, including /login, /logout, and claude login. This happens across all my servers (multiple VPS instances), ruling out a local configuration issue.
The welcome screen correctly identifies my account (name, email, organization, Max subscription), but every subsequent command fails with:
Please run /login · API Error: 401 {"type":"error","error":{"type":"authentication_error","message":"Invalid authentication credentials"},"request_id":"req_..."}
Environment
- Claude Code version: v2.1.107
- OS: Ubuntu 24 (multiple servers: Vultr Santiago, Contabo France/USA)
- Node.js: Latest LTS
- Subscription: Claude Max 20x (active, with plenty of usage available)
- Shell: Bash
- Connection: SSH (tested with MobaXterm, PuTTY, PowerShell SSH, VNC)
Steps to Reproduce
- Open SSH session to any server
- Run
claude - Welcome screen shows correctly: "Welcome back [name]!", Max subscription, correct email and organization
- Type any command → 401 error
- Try
/login→ 401 error - Try
claude logout→ 401 error - Try
claude login→ 401 error - Delete
~/.claude/.credentials.jsonand retry → same result - Repeat on a completely different server → same result
Additional Context
- This is NOT a paste/terminal issue. The 401 error occurs before even reaching the token paste step — the OAuth token stored server-side appears to be rejected.
- The problem started suddenly today (April 14, 2026) after working fine this morning.
- I successfully completed the OAuth browser flow multiple times, but even after generating fresh tokens, the 401 persists.
- There were related Anthropic outages on April 13 (Claude.ai down, login affected 15:31–16:19 UTC) and April 14 (degraded admin API endpoints 09:24–15:21 UTC). The timing suggests the outage may have corrupted or invalidated existing OAuth tokens.
- No
ANTHROPIC_API_KEYenvironment variable is set — purely OAuth authentication via Max subscription. ~/.claude/directory contains noauth*or.credentials*files, suggesting Linux OAuth storage may not be persisting correctly.
Troubleshooting Already Attempted
- [x]
claude logout+claude login— returns 401 - [x]
rm -f ~/.claude/.credentials.json— no effect - [x]
rm -rf ~/.claude/auth*— no files found - [x]
npm update -g @anthropic-ai/claude-code— updated to latest v2.1.107, same issue - [x]
unset ANTHROPIC_API_KEY— confirmed no API key conflict - [x] Tested on 5+ different servers — same behavior on all
- [x] Tested with multiple SSH clients (MobaXterm, PuTTY, PowerShell, VNC) — same result
- [x] Cleared
libsecretkeyring — no effect - [x] Used
expectto automate token paste — token sent but still rejected
What Should Happen
After completing the OAuth flow, Claude Code should accept the new token and authenticate API requests normally. The /login command should never itself return a 401 — it should always allow re-authentication.
Related Issues
- #44092 — Identical symptoms (welcome screen correct, all commands 401)
- #44930 — OAuth token expired, no recovery path
- #33811 — OAuth token expired, login/logout/all commands fail with 401
- #33879 — Same 401 loop, marked as duplicate
What Should Happen?
[BUG] 401 Authentication Error — OAuth token rejected on all servers despite valid Max 20x subscription
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report
- [x] I am using the latest version of Claude Code
What's Wrong?
After working normally (including this morning), Claude Code suddenly started returning 401 authentication errors on every command, including /login, /logout, and claude login. This happens across all my servers (multiple VPS instances), ruling out a local configuration issue.
The welcome screen correctly identifies my account (name, email, organization, Max subscription), but every subsequent command fails with:
Please run /login · API Error: 401 {"type":"error","error":{"type":"authentication_error","message":"Invalid authentication credentials"},"request_id":"req_..."}
Environment
- Claude Code version: v2.1.107
- OS: Ubuntu 24 (multiple servers: Vultr Santiago, Contabo France/USA)
- Node.js: Latest LTS
- Subscription: Claude Max 20x (active, with plenty of usage available)
- Shell: Bash
- Connection: SSH (tested with MobaXterm, PuTTY, PowerShell SSH, VNC)
Steps to Reproduce
- Open SSH session to any server
- Run
claude - Welcome screen shows correctly: "Welcome back [name]!", Max subscription, correct email and organization
- Type any command → 401 error
- Try
/login→ 401 error - Try
claude logout→ 401 error - Try
claude login→ 401 error - Delete
~/.claude/.credentials.jsonand retry → same result - Repeat on a completely different server → same result
Additional Context
- This is NOT a paste/terminal issue. The 401 error occurs before even reaching the token paste step — the OAuth token stored server-side appears to be rejected.
- The problem started suddenly today (April 14, 2026) after working fine this morning.
- I successfully completed the OAuth browser flow multiple times, but even after generating fresh tokens, the 401 persists.
- There were related Anthropic outages on April 13 (Claude.ai down, login affected 15:31–16:19 UTC) and April 14 (degraded admin API endpoints 09:24–15:21 UTC). The timing suggests the outage may have corrupted or invalidated existing OAuth tokens.
- No
ANTHROPIC_API_KEYenvironment variable is set — purely OAuth authentication via Max subscription. ~/.claude/directory contains noauth*or.credentials*files, suggesting Linux OAuth storage may not be persisting correctly.
Troubleshooting Already Attempted
- [x]
claude logout+claude login— returns 401 - [x]
rm -f ~/.claude/.credentials.json— no effect - [x]
rm -rf ~/.claude/auth*— no files found - [x]
npm update -g @anthropic-ai/claude-code— updated to latest v2.1.107, same issue - [x]
unset ANTHROPIC_API_KEY— confirmed no API key conflict - [x] Tested on 5+ different servers — same behavior on all
- [x] Tested with multiple SSH clients (MobaXterm, PuTTY, PowerShell, VNC) — same result
- [x] Cleared
libsecretkeyring — no effect - [x] Used
expectto automate token paste — token sent but still rejected
What Should Happen
After completing the OAuth flow, Claude Code should accept the new token and authenticate API requests normally. The /login command should never itself return a 401 — it should always allow re-authentication.
Related Issues
- #44092 — Identical symptoms (welcome screen correct, all commands 401)
- #44930 — OAuth token expired, no recovery path
- #33811 — OAuth token expired, login/logout/all commands fail with 401
- #33879 — Same 401 loop, marked as duplicate
Error Messages/Logs
Steps to Reproduce
[BUG] 401 Authentication Error — OAuth token rejected on all servers despite valid Max 20x subscription
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report
- [x] I am using the latest version of Claude Code
What's Wrong?
After working normally (including this morning), Claude Code suddenly started returning 401 authentication errors on every command, including /login, /logout, and claude login. This happens across all my servers (multiple VPS instances), ruling out a local configuration issue.
The welcome screen correctly identifies my account (name, email, organization, Max subscription), but every subsequent command fails with:
Please run /login · API Error: 401 {"type":"error","error":{"type":"authentication_error","message":"Invalid authentication credentials"},"request_id":"req_..."}
Environment
- Claude Code version: v2.1.107
- OS: Ubuntu 24 (multiple servers: Vultr Santiago, Contabo France/USA)
- Node.js: Latest LTS
- Subscription: Claude Max 20x (active, with plenty of usage available)
- Shell: Bash
- Connection: SSH (tested with MobaXterm, PuTTY, PowerShell SSH, VNC)
Steps to Reproduce
- Open SSH session to any server
- Run
claude - Welcome screen shows correctly: "Welcome back [name]!", Max subscription, correct email and organization
- Type any command → 401 error
- Try
/login→ 401 error - Try
claude logout→ 401 error - Try
claude login→ 401 error - Delete
~/.claude/.credentials.jsonand retry → same result - Repeat on a completely different server → same result
Additional Context
- This is NOT a paste/terminal issue. The 401 error occurs before even reaching the token paste step — the OAuth token stored server-side appears to be rejected.
- The problem started suddenly today (April 14, 2026) after working fine this morning.
- I successfully completed the OAuth browser flow multiple times, but even after generating fresh tokens, the 401 persists.
- There were related Anthropic outages on April 13 (Claude.ai down, login affected 15:31–16:19 UTC) and April 14 (degraded admin API endpoints 09:24–15:21 UTC). The timing suggests the outage may have corrupted or invalidated existing OAuth tokens.
- No
ANTHROPIC_API_KEYenvironment variable is set — purely OAuth authentication via Max subscription. ~/.claude/directory contains noauth*or.credentials*files, suggesting Linux OAuth storage may not be persisting correctly.
Troubleshooting Already Attempted
- [x]
claude logout+claude login— returns 401 - [x]
rm -f ~/.claude/.credentials.json— no effect - [x]
rm -rf ~/.claude/auth*— no files found - [x]
npm update -g @anthropic-ai/claude-code— updated to latest v2.1.107, same issue - [x]
unset ANTHROPIC_API_KEY— confirmed no API key conflict - [x] Tested on 5+ different servers — same behavior on all
- [x] Tested with multiple SSH clients (MobaXterm, PuTTY, PowerShell, VNC) — same result
- [x] Cleared
libsecretkeyring — no effect - [x] Used
expectto automate token paste — token sent but still rejected
What Should Happen
After completing the OAuth flow, Claude Code should accept the new token and authenticate API requests normally. The /login command should never itself return a 401 — it should always allow re-authentication.
Related Issues
- #44092 — Identical symptoms (welcome screen correct, all commands 401)
- #44930 — OAuth token expired, no recovery path
- #33811 — OAuth token expired, login/logout/all commands fail with 401
- #33879 — Same 401 loop, marked as duplicate
Claude Model
Not sure / Multiple models
Is this a regression?
I don't know
Last Working Version
_No response_
Claude Code Version
Claude Code v2.1.107
Platform
Anthropic API
Operating System
Ubuntu/Debian Linux
Terminal/Shell
PowerShell
Additional Information
_No response_
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗