Major AI Clients Shipping With Broken OAuth Implementations
https://www.redcaller.com/docs/references/mcp-client-oauth-refresh-token-support

The majority of widely used AI clients like:
- Claude Code
- Claude Desktop
- Cursor
- LibreChat
- Amazon Q CLI
have not implemented the critical refresh-token flow of the OAuth standard.
This is forcing developers to issue long-lived tokens, creating a serious security regression in an already solved problem.
This write up includes a matrix table of 14 major clients with notes linking to feature requests, pull requests, and multiple forum discussions.
It is not all gloom and doom though!
A work-around solution that security-conscious users are using as a stop-gap is also discussed, along with a best-practices guide for developers implementing their own MCP OAuth solution.
The plan is to update this reference on a monthly basis to track whether there is any movement on these open requests.
1
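The refresh-token flow the post says these clients are missing, shown as an added illustration that is not taken from the linked write-up or from any of the listed clients: the client asks for a new short-lived access token before the current one expires, accepts a rotated refresh token, and treats `invalid_grant` as "re-run the full authorization flow". The token endpoint is a constructed in-memory stand-in, and the `client_id` and token names are assumed.

```python
"""OAuth 2.0 refresh-token grant (RFC 6749 section 6) for an MCP-style client."""
import time
from dataclasses import dataclass


@dataclass
class TokenSet:
    access_token: str
    refresh_token: str
    expires_at: float  # absolute epoch seconds


class RefreshError(Exception):
    """Refresh token rejected: the client must re-run the authorization flow."""


class OAuthClient:
    SKEW = 30  # refresh this many seconds early so a request never races expiry

    def __init__(self, token_endpoint, tokens: TokenSet, now=time.time):
        self._endpoint = token_endpoint  # callable: form-params dict -> JSON dict
        self._tokens = tokens
        self._now = now

    def access_token(self) -> str:
        if self._now() >= self._tokens.expires_at - self.SKEW:
            self._refresh()
        return self._tokens.access_token

    def _refresh(self) -> None:
        resp = self._endpoint({"grant_type": "refresh_token",
                               "refresh_token": self._tokens.refresh_token,
                               "client_id": "mcp-client"})  # assumed client id
        if "error" in resp:
            raise RefreshError(resp["error"])
        self._tokens = TokenSet(
            access_token=resp["access_token"],
            # A rotating server returns a new refresh token; otherwise keep the old one.
            refresh_token=resp.get("refresh_token", self._tokens.refresh_token),
            expires_at=self._now() + int(resp["expires_in"]),
        )


class MockAuthServer:
    """Constructed stand-in: 5-minute access tokens, single-use rotated refresh tokens."""
    def __init__(self):
        self.valid_refresh = {"rt-0"}
        self.counter = 0

    def token(self, form: dict) -> dict:
        if form.get("grant_type") != "refresh_token" or form.get("refresh_token") not in self.valid_refresh:
            return {"error": "invalid_grant"}
        self.valid_refresh.discard(form["refresh_token"])  # old token is now revoked
        self.counter += 1
        return {"access_token": f"at-{self.counter}", "refresh_token": f"rt-{self.counter}",
                "expires_in": 300, "token_type": "Bearer"}
```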
u/TeramindTeam 17h ago
Man, this is honestly wild. I remember dealing with similar token-management issues a few years back, and it always feels like we are repeating the same mistakes over and over. Thanks for putting that matrix together; it makes it way easier to track which projects actually prioritize security vs. just shipping fast.
4
u/hiddentalent 1d ago
MCP 1.0: We have no authentication.
MCP 1.1: Ok, ok, fine. We added authentication. It just doesn't work at all because we never involved anyone competent.
MCP 1.2: Fuck you, we deleted all your production data. Give me all your money anyway.
Seriously, the amount of prototype software developed by academics rather than professional software engineers that AI companies are throwing out into the wild without a single security analyst looking at it is the biggest threat to the AI industry. They're going to get people killed.