Claude Code’s OAuth Login Bug on macOS, and How I Got Around It

I ran claude auth login on macOS and hit a wall. Not a permissions issue, not expired credentials. The OAuth flow itself was broken for Max subscribers.

When you run the login command, Claude Code generates an OAuth URL pointing to platform.claude.com. If you are on a Max or Pro plan (not API), there is a banner that says “Have a Pro or Max plan? Login with your chat account instead” and redirects you to claude.ai. During that redirect, the redirect_uri parameter gets mangled. It goes from:

https://platform.claude.com/oauth/code/callback

to:

https:/platform.claude.com/oauth/code/callback

One missing slash. Authorization fails with:

Redirect URI https:/platform.claude.com/oauth/code/callback is not supported by client.

Digging Into the URL

The OAuth URL that claude auth login generates has a returnTo parameter with the actual authorization endpoint encoded inside it. I decoded that, pulled out the real claude.ai/oauth/authorize URL, and rebuilt it to bypass platform.claude.com entirely.

The key was swapping the redirect_uri to http://localhost:62426/callback, which is how CLI OAuth is supposed to work anyway. The CLI spins up a local server to catch the callback. There is no reason for it to bounce through the platform domain first.

Visited the rebuilt URL directly in the browser. Authorization succeeded first try. The redirect_uri stayed intact because there was no cross-domain redirect to break it.

What is Actually Broken

The bug is in the URL encoding during the platform.claude.com to claude.ai handoff. When the platform redirects to the chat login flow, it drops a slash from the redirect URI. I confirmed this across multiple fresh claude auth login runs. The code_challenge and state parameters changed each time (proving fresh attempts), but the mangled URI was consistent.

The workaround is straightforward: skip the middleman. Go directly to claude.ai/oauth/authorize with the correct parameters and a localhost callback URI. The platform redirect is unnecessary for CLI authentication.

If You Hit This

If you are a Max or Pro subscriber getting this error on macOS:

  1. Run claude auth login and copy the URL it gives you
  2. Decode the returnTo parameter (URL decode it, or ask any LLM to do it)
  3. Rebuild it as a direct claude.ai/oauth/authorize request with redirect_uri=http://localhost:<port>/callback
  4. Visit that URL in your browser while the CLI is waiting

Leave a Reply

Your email address will not be published. Required fields are marked *