You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Explain OAuth client-registration failures during login (e.g. Figma 403) instead of leaking SDK JSON parse errors (#298)
`mcpc login` against a server that refuses Dynamic Client Registration
(e.g. Figma's remote MCP server, which returns a plain-text `403
Forbidden` for clients not on its allow-list) surfaced the SDK's raw
parse error (`HTTP 403: Invalid OAuth error response: SyntaxError: ...
Raw body: Forbidden`). Registration-phase failures are now rewritten
into actionable guidance pointing at `--client-id` /
`--client-metadata-url`.
- Registration phase is detected via the SDK's typed `OAuthError` plus a
`reachedAuthorization` flag; post-redirect errors pass through unchanged
- Allow-list wording only for 401/403 or OAuth-coded client rejections;
other registration failures (5xx outages, rejected metadata) are
reported honestly
- The server's underlying response stays visible in the message
(truncated), since `login` prints only `error.message`
Fixes#296, supersedes #297.
https://claude.ai/code/session_01AP2pmUcWvR8rNypXqNEqtk
---
_Generated by [Claude
Code](https://claude.ai/code/session_01AP2pmUcWvR8rNypXqNEqtk)_
Co-authored-by: Claude <noreply@anthropic.com>
Copy file name to clipboardExpand all lines: CHANGELOG.md
+4Lines changed: 4 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
7
7
8
8
## [Unreleased]
9
9
10
+
### Fixed
11
+
12
+
-`mcpc login` now explains OAuth client-registration failures with actionable guidance (use `--client-id` or `--client-metadata-url`) instead of surfacing a raw SDK JSON parse error. This affects servers that reject Dynamic Client Registration, such as Figma's remote MCP server, which only accepts an allow-list of approved clients.
0 commit comments