Rename "Clear authentication" to "Logout" for OAuth-authenticated MCP servers in /mcp

Open 💬 0 comments Opened Jul 10, 2026 by wbraynen

Feature request

In the /mcp menu, the action that deletes stored credentials for a server is labeled "Clear authentication".

For MCP servers authenticated via the standard OAuth flow (discovery, dynamic client registration, authorization code + PKCE, rotating refresh tokens), this action is semantically a logout: it ends an identity session by discarding the access and refresh tokens, and the next connection requires a fresh browser authorization. "Clear authentication" reads like flushing a cache rather than ending a session, and users looking for a way to "logout" of a server may not recognize it.

Suggestion: label the action "Logout" (one word) for OAuth-authenticated servers, or add it alongside the generic label. For servers using static bearer tokens or API keys, where no session exists, keeping "Clear authentication" makes sense.

Context: hit this while connecting Claude Code to a self-hosted OAuth-gated MCP server (Cloudflare Access in front of the authorize endpoint, RFC 7591 dynamic registration, PKCE, rotating refresh tokens). On shared machines, the identity bound at authorization time matters, and a clearly named "Logout" is the action users reach for when switching identities.

🤖 Generated with Claude Code

View original on GitHub ↗