Remote OpenClaw Blog
Fix Claude Code OAuth Error 500: Causes and Solutions
5 min read ·
Claude Code OAuth error 500 occurs when the authentication handshake between your browser and the CLI fails during login. The most common fixes are updating Claude Code, clearing the cache at ~/.claude/cache, and starting a new conversation session.
What Causes OAuth Error 500
OAuth error 500 in Claude Code is a server-side authentication failure that occurs during the browser-to-CLI login redirect. Unlike a 401 (bad credentials) or 403 (forbidden) error, a 500 means the authentication server itself encountered an internal problem while processing your login request.
According to GitHub issue #20091, the most frequently reported causes include:
- Server-side issues at Anthropic during high-traffic periods
- Expired or corrupted OAuth tokens stored in the local cache
- OAuth callback timeout — the browser redirect takes too long and the CLI stops listening
- Browser extensions (especially privacy-focused ones) blocking the OAuth redirect URL
- Stale CLI sessions that hold outdated authentication state
The error is typically intermittent. If it happens once, retrying after a brief wait often resolves it. Persistent errors usually point to a cache corruption or version mismatch issue.
Error Messages You Might See
Claude Code displays several variations of the OAuth 500 error depending on where in the flow the failure occurs.
| Error Message | Likely Cause | First Step |
|---|---|---|
OAuth error 500: Internal Server Error | Anthropic server issue | Check status.claude.com |
Authentication failed: 500 | Cache corruption | Clear ~/.claude/cache |
Login timed out | Browser redirect blocked | Disable extensions, retry |
Failed to exchange auth code | OAuth callback failure | Update Claude Code |
As documented in GitHub issue #44266, the error message text can vary between Claude Code versions. The fixes below apply regardless of the exact wording.
Fix 1: Update Claude Code
Outdated versions of Claude Code are the most common cause of persistent OAuth errors. Anthropic frequently patches the authentication flow, and older versions may use deprecated OAuth endpoints that return 500 errors.
To update, run:
npm update -g @anthropic-ai/claude-codeAfter updating, close all terminal sessions and open a fresh one before attempting to log in again. The update replaces the OAuth client library and cached endpoint URLs that may be causing the failure.
For a complete walkthrough of Claude Code setup and configuration, see our Claude Code guide.
Marketplace
Free skills and AI personas for OpenClaw — browse the marketplace.
Browse the Marketplace →Fix 2: Clear Cache and Reset Session
Corrupted cache tokens are the second most common cause of OAuth 500 errors. Claude Code stores authentication tokens and session data in ~/.claude/cache. When these files become corrupted or reference expired tokens, the OAuth flow fails.
To clear the cache and reset:
rm -rf ~/.claude/cache
claude --reset-sessionThis removes all cached authentication data and forces Claude Code to start a fresh OAuth flow. You will need to log in again through your browser after running these commands.
If you are running Claude Code in an SSH or headless environment where browser-based OAuth is not available, consider using an API key directly instead of OAuth. Set the ANTHROPIC_API_KEY environment variable to bypass the browser login flow entirely.
Fix 3: Check Status and Use Alternatives
When the OAuth error is caused by an Anthropic server-side incident, no local fix will resolve it. Check status.claude.com for active incidents affecting the authentication service.
If the status page shows an active incident, your options are:
- Wait for the incident to be resolved (typically 15-60 minutes for authentication issues)
- Switch to API key authentication by setting
ANTHROPIC_API_KEYin your environment, which bypasses OAuth entirely - Use the Claude Dispatch approach to queue tasks and run them when the service recovers
For teams that cannot tolerate authentication downtime, using API keys as the primary authentication method avoids the OAuth flow entirely. This is especially relevant for CI/CD pipelines and automated workflows where browser-based login is impractical.
Limitations and Tradeoffs
Clearing the cache (rm -rf ~/.claude/cache) removes all stored session data, which means you lose any conversation history stored locally. If preserving conversation history is important, try the update and new session fixes first before clearing the cache.
Using API keys instead of OAuth trades convenience for reliability. API keys do not expire during a session, but they require manual rotation and carry security risks if exposed. Never commit API keys to version control or share them in chat.
Some OAuth 500 errors are caused by corporate firewalls or VPNs that interfere with the browser redirect. If you are on a corporate network, try connecting without the VPN to determine whether network-level blocking is the root cause.
Related Guides
Frequently Asked Questions
Why does Claude Code show OAuth error 500?
Claude Code shows OAuth error 500 when the authentication handshake between your browser and the CLI fails. Common causes include server-side issues at Anthropic, expired or corrupted cache tokens, OAuth callback timeouts, and browser extension interference with the redirect flow.
How do I fix Claude Code authentication?
Start by updating Claude Code to the latest version with npm update -g @anthropic-ai/claude-code. If the error persists, clear your cache with rm -rf ~/.claude/cache and start a new CLI session. Check status.claude.com for ongoing incidents. As a last resort, use an API key directly instead of OAuth.
Is Claude Code OAuth error a server issue?
Sometimes. OAuth error 500 can be caused by server-side problems at Anthropic. Check status.claude.com to see if there is an active incident. If the status page shows all systems operational, the issue is likely on your local machine — try clearing cache and restarting.