Pre-submission Checklist
I have verified that this discussion would not be more appropriate as an issue in a specific repository
I have searched existing discussions to avoid duplicates
I was told to submit here by Claude support
"Our Engineering team has recommended submitting requests to our MCP GitHub Discussions. This allows them to track and provide updates for users to follow"
Discussion Topic
Description
The Claude API that is used when connecting an MCP server to Claude.ai returns an incorrect response when a user denies an authorization request. According to the OAuth 2.1 IETF DRAFT spec, which is cited in the MCP authorization standards compliance section, the MCP server should:
"If the resource owner denies the access request or if the request fails for reasons other than a missing or invalid redirect URI, the authorization server informs the client by adding the following parameters to the query component of the redirect URI as described by Appendix C.1:"
Actual Result
When you follow the spec and return the user to https://claude.ai/api/mcp/auth_callback?error=access_denied&state=TO2EUix-ggi9f0YV0rbTDHvZWUZrmHymhRB0YXpCdC8 the Claude API errors out saying it is looking for an access code:

```json
{
  "type": "error",
  "error": {
    "type": "invalid_request_error",
    "message": "code: Field required"
  },
  "request_id": "req_011CTQ83NsafsTNNdTRXS5uz"
}
```

Expected Result
The Claude client shows an error to the user saying that the user denied access.
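The behaviour requested above, sketched as an added example (not code from the original post and not Claude's implementation): an OAuth client callback handler that validates `state` first, then checks for an `error` parameter before requiring `code`. The function name, result type, messages and sample URL are hypothetical, and the error-code list is the one RFC 6749 section 4.1.2.1 defines for the authorization endpoint.

```python
import hmac
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit, parse_qs

# Error codes defined for the authorization endpoint (RFC 6749 section 4.1.2.1).
KNOWN_ERRORS = {
    "invalid_request", "unauthorized_client", "access_denied",
    "unsupported_response_type", "invalid_scope", "server_error",
    "temporarily_unavailable",
}

# Constructed sample redirect; host and state value are placeholders.
DENIED_URL = "https://client.example/callback?error=access_denied&state=constructed-state-123"


@dataclass
class CallbackResult:
    status: str                  # "authorized", "denied", "failed" or "rejected"
    code: Optional[str] = None
    error: Optional[str] = None
    message: str = ""


def handle_auth_callback(url: str, expected_state: str) -> CallbackResult:
    """Hypothetical client-side handler for the redirect from the authorization server."""
    params = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    # Bind the response to the request this client started before trusting it.
    state = params.get("state", "")
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        return CallbackResult("rejected", message="state mismatch")
    error, code = params.get("error"), params.get("code")
    if error and code:
        return CallbackResult("rejected", message="response carries both code and error")
    # An error response is valid without `code`, so it is handled first.
    if error:
        if error not in KNOWN_ERRORS:
            # Do not echo attacker-controllable text back to the user.
            return CallbackResult("failed", error="unknown_error", message="Authorization failed.")
        if error == "access_denied":
            return CallbackResult("denied", error=error, message="You denied access to this server.")
        return CallbackResult("failed", error=error, message="Authorization failed.")
    if not code:
        return CallbackResult("rejected", message="code: Field required")
    return CallbackResult("authorized", code=code)
```

Checking `state` before branching on `error` keeps a forged denial redirect from cancelling a flow the user never started.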