Cannot connect Asana MCP to Claude Code CLI — OAuth redirect_uri rejected

English Forum Developers & API
1

I’m trying to connect Asana’s MCP server (https//mcp.asana.com/v2/mcp) to Claude Code (Anthropic’s CLI tool for developers). The same Asana MCP connector works perfectly in Claude Desktop App, but fails in the CLI version.

The problem:

Claude Code CLI uses a local HTTP server for the OAuth callback (e.g. http//localhost:40128/callback). When the OAuth flow redirects to this URL, Asana rejects it with:

▎ invalid_request: The redirect_uri parameter does not match a valid url for the application.

This happens because Asana’s OAuth only accepts:

  • HTTPS URLs for web applications
  • urn:ietf:wg:oauth:2.0:oob for native/CLI applications

Asana does not allow http//localhost redirect URIs, which is the standard loopback redirect method for native apps per RFC 8252 - OAuth 2.0 for Native Apps .

What I’ve tried:

  1. Direct connection (type: “http” in .mcp.json) — fails with “Incompatible auth server: does not support dynamic client registration”
  2. Registered OAuth app in Asana Developer Console with http//localhost:40128/callback as redirect URI — Asana rejects the redirect_uri during authorization
  3. Using urn:ietf:wg:oauth:2.0:oob — the auth code is displayed in the browser, but Claude Code’s local server expects a callback and can’t receive it
  4. mcp-remote proxy (npx mcp-remote https//mcp.asana.com/v2/mcp) — same localhost redirect issue

Why it works in Claude Desktop but not Claude Code:

Claude Desktop uses a server-side OAuth flow with Anthropic’s pre-registered redirect URI (hosted by Anthropic). Claude Code CLI runs locally and needs a loopback redirect, which Asana blocks.

Environment:

  • Windows 11
  • Claude Code CLI (latest)
  • Claude Desktop App (latest) — Asana connector works here

Request:

Could Asana please support http//localhost (loopback) redirect URIs for OAuth apps? This is the standard method for native/desktop OAuth clients per RFC 8252 and is supported by most OAuth providers (Google, GitHub, Microsoft, etc.). Without it, developer CLI tools like Claude Code, Cursor, and similar cannot authenticate with Asana’s MCP server.

Alternatively, if there’s a way to use a Personal Access Token with the Asana MCP server instead of OAuth, that would also solve the problem for CLI use cases.

Remark: I removed the colon from https: because new are only allowed to post two links.

Cheers
Kai

2

Hey @Kai_Mysliwiec , thanks for the super clear write up, and welcome to the community!

You are right about today’s behavior. Asana OAuth apps accept https redirect URIs for web apps and urn:ietf:wg:oauth:2.0:oob for native apps. http localhost redirect URIs are not supported right now. That explains why Claude Desktop works and the CLI does not.

A couple ideas you can try today:

  1. If Anthropic can add an out of band fallback in the CLI, that would let you paste the auth code and complete the flow. You already tested OOB, but since the CLI expects a callback, this likely needs a change on their side.

  2. If you control a small https redirect helper on a domain you own, you could register that as the redirect URI, complete the code exchange server side, then hand the tokens to your local client securely. I know this is not ideal for quick CLI auth, but it can unblock development.

Please also add it to Product Feedback so others can upvote and we can track it publicly: https://forum.asana.com/c/forum-en/product-feedback/20

Using a Personal Access Token with the Asana MCP server. I am not aware of a supported way to use a PAT with the MCP server today. If that changes we will share an update in the Forum.

If you want us to take a closer look at your specific app setup, feel free to reach out to Support and include a link to your post, your app id, the exact redirect_uri you used, and an approximate timestamp for a failed attempt so we can check logs: https://help.asana.com/s/article/how-do-i-get-support-from-asana?language=en_US

Appreciate you raising this and calling out RFC 8252. I will also pass it along internally.

3

Thank you very much. I just created the product feedback

4

@Kai_Mysliwiec , could you please check if the exact redirect_uri param sent by Claude Code (including the port) fully matches the one registered in your Asana OAuth app?

I suspect it’s a port mismatch. Claude’s official MCP app instance does whitelist a few http://localhost uris but with different ports than 40128.

As a possible workaround, add the Asana connector via claude.ai/settings/connectors first (using Anthropic’s server-side OAuth). Once connected there, it should also automatically appear in Claude Code CLI (make sure ENABLE_CLAUDEAI_MCP_SERVERS is not disabled).

This appears to be currently the easiest way for many users. Anthropic suggests this approach here.

5

@Mikhail_Melikhov, The terminal version of Claude Code (TUI) launches a local server with a random port. That is the default behaviour for ephemeral webservices and I can’t configure it within Claude. I would need something like placeholder (*) for the port number.

Claude Desktop uses a webhook on an Anthropic server which forwards the data to Claud Desktop. For some reason I don’t know this is not available on the TUI version. That is the reason the Anthropc web site is referring to it.