MCP OAuth - Claude Code
Pre-configured or dynamic OAuth for remote MCP servers.
MCP OAuth handles authentication for remote MCP servers without making you paste tokens by hand. Connect, authorize, and move on.
What it does
When you add a remote MCP server that supports OAuth, Claude Code walks you through the authorization flow in your browser. Tokens land in the secure credential store and get refreshed automatically. You can pre-configure credentials for shared MCP servers or let each user authenticate dynamically.
When to use it
- Remote MCP servers that manage user data (Gmail, calendar, CRM).
- Team deployments where individual auth is required.
- Any MCP server where a static API key isn't appropriate.
- Self-hosted MCP services that already speak OAuth.
Gotchas
- Not every MCP server supports OAuth. Static tokens are the fallback.
- Expired tokens fail silently until Claude retries the flow. Watch for "unauthorized" errors.
- Different MCP servers have different scopes. Grant the narrowest scope that works.
Official docs: https://code.claude.com/docs/en/mcp.md#authenticate-with-remote-mcp-servers
Technical content at the intersection of AI and development. Building with AI agents, Claude Code, and modern dev tools - then showing you exactly how it works.
Get the weekly deep dive
Tutorials on Claude Code, AI agents, and dev tools - delivered free every week.
Was this helpful?
