[BUG] issues #48806 and #44541 "OAuth token forbidden (403) — missing scope or org access"
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
Summary
After updating Claude Desktop to version 1.5354.0 on April 29, 2026, the Claude in Chrome bridge connection fails with OAuth token forbidden (403) - missing scope or org access. The Chrome extension works perfectly standalone in the browser, but Cowork sessions cannot connect to it.
What Should Happen?
Expected Behavior
Cowork session connects to the Chrome extension via the bridge and browser tools work normally (this was working before the update).
Error Messages/Logs
Actual Behavior
The bridge WebSocket connects to wss://bridge.claudeusercontent.com/chrome/ but is immediately rejected with HTTP 403.
Error from logs (%APPDATA%\Claude\logs\main.log):
[Claude in Chrome] Connecting to bridge: wss://bridge.claudeusercontent.com/chrome/a4d76241-7a8e-41ec-9197-2362ddedb96a
[Claude in Chrome] WebSocket connected, sending connect message
[warn] [Claude in Chrome] Bridge error: OAuth token forbidden (403) - missing scope or org access
[Claude in Chrome] Bridge connection closed (code: 1008, duration: 0ms)
Token scope details:
[oauth] looking up token for orgId=e8ac4c31-35a4-426c-a71e-ed845a4acc85,
cacheKey=89355bc3-cbfd-4382-905b-976645cad410:e8ac4c31-35a4-426c-a71e-ed845a4acc85:
https://api.anthropic.com:user:inference user:office
The token scopes are user:inference user:office. The Chrome bridge rejects this token.
What I've Already Tried (All Failed)
Reloading the Chrome extension (toggle off/on in chrome://extensions)
Restarting Chrome
Restarting Claude Desktop
Signing out and back into Claude Desktop (fresh OAuth token obtained, still 403)
Clearing Session Storage to force token refresh
Toggling Claude in Chrome connector off/on in Settings > Connectors
Full uninstall/reinstall of Claude Desktop
Steps to Reproduce
Bug Report: Claude in Chrome Bridge Failure in Cowork Mode After Desktop Update
Summary
After updating Claude Desktop to version 1.5354.0 on April 29, 2026, the Claude in Chrome bridge connection fails with OAuth token forbidden (403) - missing scope or org access. The Chrome extension works perfectly standalone in the browser, but Cowork sessions cannot connect to it.
Environment
- Claude Desktop Version: 1.5354.0 (MSIX, installed April 29, 2026)
- OS: Windows 11 (10.0.26200), CoreSingleLanguage, x64
- Chrome Extension Version: 1.0.69 (Claude in Chrome Beta)
- Chrome Extension ID: fcoeoabgfenejglbffodgkkbkcdhcgfn
- Plan: Pro ($21/month, active, last invoice April 23, 2026)
- Account Email: rafatawad81@gmail.com
Steps to Reproduce
- Update Claude Desktop to version 1.5354.0
- Open Chrome with Claude in Chrome extension installed and signed in
- Open a Cowork session
- Attempt any browser tool (e.g.,
tabs_context_mcp) - Connection fails with "Claude in Chrome is not connected"
Expected Behavior
Cowork session connects to the Chrome extension via the bridge and browser tools work normally (this was working before the update).
Actual Behavior
The bridge WebSocket connects to wss://bridge.claudeusercontent.com/chrome/ but is immediately rejected with HTTP 403.
Error from logs (%APPDATA%\Claude\logs\main.log):
[Claude in Chrome] Connecting to bridge: wss://bridge.claudeusercontent.com/chrome/a4d76241-7a8e-41ec-9197-2362ddedb96a
[Claude in Chrome] WebSocket connected, sending connect message
[warn] [Claude in Chrome] Bridge error: OAuth token forbidden (403) - missing scope or org access
[Claude in Chrome] Bridge connection closed (code: 1008, duration: 0ms)
Token scope details:
[oauth] looking up token for orgId=e8ac4c31-35a4-426c-a71e-ed845a4acc85,
cacheKey=89355bc3-cbfd-4382-905b-976645cad410:e8ac4c31-35a4-426c-a71e-ed845a4acc85:
https://api.anthropic.com:user:inference user:office
The token scopes are user:inference user:office. The Chrome bridge rejects this token.
What I've Already Tried (All Failed)
- Reloading the Chrome extension (toggle off/on in chrome://extensions)
- Restarting Chrome
- Restarting Claude Desktop
- Signing out and back into Claude Desktop (fresh OAuth token obtained, still 403)
- Clearing Session Storage to force token refresh
- Toggling Claude in Chrome connector off/on in Settings > Connectors
- Full uninstall/reinstall of Claude Desktop
Key Diagnostic Finding
Even after a full sign-out/sign-in cycle, the NEW token still gets 403:
[oauth] no cached token found for orgId=e8ac4c31-35a4-426c-a71e-ed845a4acc85
[oauth] performing fresh oauth exchange for orgId=e8ac4c31-35a4-426c-a71e-ed845a4acc85
[oauth] obtained new token for orgId=e8ac4c31-35a4-426c-a71e-ed845a4acc85, caching
...
[warn] [Claude in Chrome] Bridge error: OAuth token forbidden (403) - missing scope or org access
This confirms the issue is server-side, not a cached token problem.
Configuration Verified Correct
- Claude in Chrome connector: Enabled (Settings > Connectors)
- Allow all browser actions: ON (Settings > General)
- Computer use: Enabled
- Chrome Native Messaging Host: Registered (
com.anthropic.claude_browser_extensionin HKCU registry) - Native host executable exists:
%APPDATA%\Claude\ChromeNativeHost\chrome-native-host.exe - Extension ID in allowed_origins: Yes (
fcoeoabgfenejglbffodgkkbkcdhcgfn)
Related GitHub Issues
- #48806 - Claude in Chrome + Control Chrome Failures in Cowork Mode
- #44541 - Chrome Connection not possible with Cowork
- #41034 - Claude in Chrome - all sites blocked in Cowork mode (was working previously)
Request
Please investigate the server-side bridge authentication at bridge.claudeusercontent.com for this account. The OAuth token exchange works but the bridge rejects the token with 403, suggesting a missing scope that the desktop app should be requesting but isn't, or a server-side permission that needs to be granted for this account.
Claude Model
Not sure / Multiple models
Is this a regression?
Yes, this worked in a previous version
Last Working Version
_No response_
Claude Code Version
Claude Desktop Version: 1.5354.0 (MSIX, installed April 29, 2026)
Platform
Anthropic API
Operating System
Windows
Terminal/Shell
Windows Terminal
Additional Information
Bug Report: Claude in Chrome Bridge Failure in Cowork Mode After Desktop Update
Summary
After updating Claude Desktop to version 1.5354.0 on April 29, 2026, the Claude in Chrome bridge connection fails with OAuth token forbidden (403) - missing scope or org access. The Chrome extension works perfectly standalone in the browser, but Cowork sessions cannot connect to it.
Environment
- Claude Desktop Version: 1.5354.0 (MSIX, installed April 29, 2026)
- OS: Windows 11 (10.0.26200), CoreSingleLanguage, x64
- Chrome Extension Version: 1.0.69 (Claude in Chrome Beta)
- Chrome Extension ID: fcoeoabgfenejglbffodgkkbkcdhcgfn
- Plan: Pro ($21/month, active, last invoice April 23, 2026)
- Account Email: rafatawad81@gmail.com
Steps to Reproduce
- Update Claude Desktop to version 1.5354.0
- Open Chrome with Claude in Chrome extension installed and signed in
- Open a Cowork session
- Attempt any browser tool (e.g.,
tabs_context_mcp) - Connection fails with "Claude in Chrome is not connected"
Expected Behavior
Cowork session connects to the Chrome extension via the bridge and browser tools work normally (this was working before the update).
Actual Behavior
The bridge WebSocket connects to wss://bridge.claudeusercontent.com/chrome/ but is immediately rejected with HTTP 403.
Error from logs (%APPDATA%\Claude\logs\main.log):
[Claude in Chrome] Connecting to bridge: wss://bridge.claudeusercontent.com/chrome/a4d76241-7a8e-41ec-9197-2362ddedb96a
[Claude in Chrome] WebSocket connected, sending connect message
[warn] [Claude in Chrome] Bridge error: OAuth token forbidden (403) - missing scope or org access
[Claude in Chrome] Bridge connection closed (code: 1008, duration: 0ms)
Token scope details:
[oauth] looking up token for orgId=e8ac4c31-35a4-426c-a71e-ed845a4acc85,
cacheKey=89355bc3-cbfd-4382-905b-976645cad410:e8ac4c31-35a4-426c-a71e-ed845a4acc85:
https://api.anthropic.com:user:inference user:office
The token scopes are user:inference user:office. The Chrome bridge rejects this token.
What I've Already Tried (All Failed)
- Reloading the Chrome extension (toggle off/on in chrome://extensions)
- Restarting Chrome
- Restarting Claude Desktop
- Signing out and back into Claude Desktop (fresh OAuth token obtained, still 403)
- Clearing Session Storage to force token refresh
- Toggling Claude in Chrome connector off/on in Settings > Connectors
- Full uninstall/reinstall of Claude Desktop
Key Diagnostic Finding
Even after a full sign-out/sign-in cycle, the NEW token still gets 403:
[oauth] no cached token found for orgId=e8ac4c31-35a4-426c-a71e-ed845a4acc85
[oauth] performing fresh oauth exchange for orgId=e8ac4c31-35a4-426c-a71e-ed845a4acc85
[oauth] obtained new token for orgId=e8ac4c31-35a4-426c-a71e-ed845a4acc85, caching
...
[warn] [Claude in Chrome] Bridge error: OAuth token forbidden (403) - missing scope or org access
This confirms the issue is server-side, not a cached token problem.
Configuration Verified Correct
- Claude in Chrome connector: Enabled (Settings > Connectors)
- Allow all browser actions: ON (Settings > General)
- Computer use: Enabled
- Chrome Native Messaging Host: Registered (
com.anthropic.claude_browser_extensionin HKCU registry) - Native host executable exists:
%APPDATA%\Claude\ChromeNativeHost\chrome-native-host.exe - Extension ID in allowed_origins: Yes (
fcoeoabgfenejglbffodgkkbkcdhcgfn)
Related GitHub Issues
- #48806 - Claude in Chrome + Control Chrome Failures in Cowork Mode
- #44541 - Chrome Connection not possible with Cowork
- #41034 - Claude in Chrome - all sites blocked in Cowork mode (was working previously)
Request
Please investigate the server-side bridge authentication at bridge.claudeusercontent.com for this account. The OAuth token exchange works but the bridge rejects the token with 403, suggesting a missing scope that the desktop app should be requesting but isn't, or a server-side permission that needs to be granted for this account.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗