[BUG] OAuth token is dropped and requirement is ignored after MCP initialization failure
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
Once the Claude Desktop/claude.ai client gets an error response from tools/list during a remote MCP server initialization, the client stays in a broken state. It "forgets" the authentication and keeps sending initialize requests without an Authorize header. Such requests receive a 401 error with a WWW-Authenticate OAuth link that is supposed to fix the state, but the client does not follow the link. After a couple of minutes, it just repeats the same behavior. As a result, such an MCP server remains in a "disconnected" state for the user until they go to the connector settings and re-connect manually.
What Should Happen?
https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization
MCP clients MUST be able to parse WWW-Authenticate headers and respond appropriately to HTTP 401 Unauthorized responses from the MCP server.
- The client should not drop a valid authentication token once a request returned an error
- When getting a 401 response to
initializerequest, it should follow the link provided inWWW-Authenticateresponse header.
Error Messages/Logs
Steps to Reproduce
- Connect to a remote MCP server behind OAuth, authenticate
- Make it throw an error on tools/list, reload the client
- Make tools/list work on the server again, reload the client
Claude Model
None
Is this a regression?
Yes, this worked in a previous version
Last Working Version
_No response_
Claude Code Version
Claude 0.13.37 (bfd4ed) 2025-09-24T22:18:50.000Z
Platform
Anthropic API
Operating System
macOS
Terminal/Shell
Terminal.app (macOS)
Additional Information
_No response_
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗