[BUG] Session rate-limit bucket stuck at 100% on OAuth token; survives /logout + /login; only fixed by deleting .credentials.json
What's wrong?
Claude Code CLI blocked all requests with You've hit your session limit · resets 4pm (Europe/Madrid) while actual account usage was far under the limit. The block applied to every model (including Haiku), yet the same account worked normally at the same time on claude.ai and in Claude Desktop's Code mode.
Key symptom: running /usage briefly rendered 100%, then refreshed to 0% — suggesting the enforcement path and the usage endpoint were reading different state. The enforcement appears to have been keyed to the CLI's OAuth token/session, whose server-side bucket was stuck at 100%, while account-level usage was genuinely low.
/logout followed by /login did not fix it — presumably because it refreshes the same token lineage, which inherits the stuck bucket.
Fix that worked
- Kill all
claudeprocesses - Delete
%USERPROFILE%\.claude\.credentials.json - Relaunch and complete a fresh OAuth login
Immediately unblocked after a fresh token grant. This workaround is not in the official troubleshooting docs.
Environment
- Claude Code v2.1.206, native install, Windows (PowerShell)
- Plan: Max 5x (
default_claude_max_5x),stripe_subscription, extra usage disabled at org level - No
ANTHROPIC_API_KEY/CLAUDE_CODE_OAUTH_TOKEN/ANTHROPIC_BASE_URLenv vars set (verified) - No
~/.claude/statsigdirectory present (GrowthBook flags in use) - Date/time of incident: 2026-07-10, ~afternoon (Europe/Madrid)
- Reset time shown: 4pm Europe/Madrid
Steps to reproduce (as observed)
- Use Claude Code CLI normally on a Max plan (heavy sessions, including Fable 5 usage in prior days)
- CLI begins returning
You've hit your session limiton every prompt, all models /usageflickers 100% → 0%; claude.ai usage page shows low usage; Desktop Code mode works on the same account/logout+/login— still blocked- Delete
.credentials.json, fresh login — unblocked
Expected behavior
- Rate-limit enforcement should be consistent with what
/usageand the account usage page report /logout+/loginshould be sufficient to clear any token-scoped stuck state- If a token-scoped bucket blocks requests,
/usageshould attribute it so users can diagnose
Related issues
#54750, #31367, #41084 (session shown exhausted despite low visible usage / reset not clearing / contradictory usage numbers)