[BUG] Claude in Chrome extension auth loop — re-authenticates every ~30s (PermissionManager-BqJmxUlR.js / mcpPermissions-X6RKG-4F.js)
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code / Claude in Chrome
What's Wrong?
Claude in Chrome extension is stuck in a continuous auth/permission loop. Every ~30 seconds the extension re-authenticates and reconnects its websocket, generating constant background traffic from PermissionManager and mcpPermissions modules, even when the extension is idle and no tools are being invoked.
DevTools Network panel (with the extension's side panel open) shows a repeating pattern every ~30s:
GET /profile→ 200 (fetch, ~0.6 kB) — initiated byPermissionManager-BqJmxUlR.js:3GET /batch→ 200 (fetch, ~0.2 kB) — initiated byPermissionManager-BqJmxUlR.js:3GET /token→ 200 (fetch, ~0.9 kB) — initiated byPermissionManager-BqJmxUlR.js:3- WebSocket reconnect to
ff2f45b4-578a-47b0-ad80-4e79f67c1b95→ 101 — initiated bymcpPermissions-X6RKG-4F.js:1
Observed: 39 requests / 105 kB transferred / 245 kB resources within ~110 seconds of idle.
The loop reproduces:
- Across browsers (Chrome, Edge)
- Across networks (home WiFi, mobile hotspot)
- Across machines (different physical computers)
- In a fresh Chrome profile
- After clearing all cookies for
claude.aiandclaudeusercontent.com - After reinstalling the extension
- After signing out all devices and back in
Isolation testing confirms claude.ai web auth itself is healthy (no loop on web). The loop is specific to the extension's auth token issuance flow.
Steps to Reproduce
- Sign in to
claude.aion a Max plan account - Install Claude in Chrome extension and connect
- Open the side panel
- Open DevTools → Network tab on the extension's panel
- Leave it idle and observe the repeating profile / batch / token / websocket pattern every ~30s
Environment
- Plan: Max
- Started: May 8, 2026
- Browsers tested: Chrome (latest), Edge (latest)
- OS: Windows
- Extension files (hashed builds):
PermissionManager-BqJmxUlR.js,mcpPermissions-X6RKG-4F.js - Web claude.ai: works normally, no loop
- Cowork was used the night before the issue started — possibly relevant to extension token state
What I Investigated
The PermissionManager-*.js and mcpPermissions-*.js modules have a recurring history of permission-state bugs across builds:
- #21772 —
mcpPermissions-D8RnuVb0.js(extension fails to connect) - #30356 —
PermissionManager-Dh53JkTm.js+mcpPermissions-D-cKe6e4.js(permissionMode read from bridge message instead of persistent storage; PermissionManager not instantiated when mode is"ask") - #50157 —
mcpPermissions-D7Rkh1yL.js(navigation blocked despite allow setting) - #51273 — navigate tool blocked since v2.1.111
The build hashes I'm seeing (BqJmxUlR, X6RKG-4F) are newer than any of the above, suggesting this may be a regression in the latest extension/web build.
Given the symptom (token re-issuance every 30s with no user action) and the file involved (PermissionManager), the likely root cause is a token-lifetime / refresh-storage mismatch where the extension's auth state is treated as expired immediately after issuance — possibly related to the same persistent-storage bug pattern documented in #30356, but on the auth path instead of the permission path.
Expected Behavior
Extension auth token should persist for its full lifetime; PermissionManager should not re-issue credentials and reconnect the websocket on a 30-second interval while idle.
Actual Behavior
Continuous re-authentication and websocket reconnect every ~30 seconds, generating constant background traffic and (per support testing) blocking the paid Claude in Chrome use case.
Support Reference
A support ticket has been opened from account wasinngansathil1212@gmail.com with full troubleshooting history. Filing here additionally because the file-hash pattern points at a code-level regression rather than per-account state.
Thanks.
This issue has 6 comments on GitHub. Read the full discussion on GitHub ↗