#Anthropic OAuth 403 error

1 messages · Page 1 of 1 (latest)

vast fern
#

After getting errors about “rate limit”, I found out using the “models” command, that there is an error with the oauth, I’m seeing this rrror message for anthropic oauth/token: error: HTTP 403: OAuth token does not meet scope requirement user:profile

steel dirgeBOT
# vast fern After getting errors about “rate limit”, I found out using the “models” command,...

This OAuth 403 error typically means your Anthropic token is missing the required user:profile scope.

To fix this:

  1. Go to your Anthropic Console
  2. Navigate to API Keys or OAuth Applications
  3. Check your OAuth app settings and ensure the user:profile scope is enabled
  4. Generate a new access token with the correct scopes
  5. Update your Clawdbot config with the new token

In your clawdbot.json, make sure the Anthropic provider config has a valid token with proper scopes:

{
  "anthropic": {
    "apiKey": "your-new-token-here"
# 
  }
}

If you set this up through OAuth flow (not a manual API key), you may need to re-authenticate to get a token with all required scopes.

Let me know if that resolves it! 🦐

vast fern
#

I used the OAuth method and not API Key, to use my subscription. How can I grant this OAuth the user:profile scope?

steel dirgeBOT
# vast fern I used the OAuth method and not API Key, to use my subscription. How can I grant...

The user:profile scope is typically required for OAuth flows that need to verify subscription access. A few questions to help diagnose:

  1. What type of Anthropic account/subscription do you have? (Free, Pro, Team, Enterprise?)

  2. What OAuth flow are you using? Are you setting this up through:

    • Clawdbot's built-in OAuth flow (clawdbot configure anthropic)?
    • A custom OAuth application you registered with Anthropic?

The issue: Standard OAuth for Anthropic API access is designed for applications acting on behalf of users, not for personal subscription access. For personal subscriptions, direct API keys from console.anthropic.com are the standard approach.

Quick solution: Instead of OAuth, try:

  1. Go to console.anthropic.com
  2. Create a new API Key
  3. Use that directly in your Clawdbot config under anthropic.apiKey

If you must use OAuth (e.g., for Team/Enterprise), you may need to register an OAuth application through Anthropic's developer portal and ensure it requests the correct scopes.

#

What's your setup? 🦐

vast fern
#
  1. Pro plan
  2. Yes, the anthropic configure
    I don’t want to use the API Key because I would need to add budget instead of using my subscription
steel dirgeBOT
# vast fern 1. Pro plan 2. Yes, the anthropic configure I don’t want to use the API Key bec...

Based on my investigation of the code, here's what's happening:

The Issue: claude setup-token creates an OAuth token that works for inference but may not include the user:profile scope required for the usage API endpoint.

Good news: Clawdbot already has a fallback mechanism! If you set either of these environment variables, it will use your Claude.ai web session instead:

  1. Option A - Session Key (preferred):

    export CLAUDE_AI_SESSION_KEY="sk-ant-web-..."

    Get this from your browser cookies on claude.ai (look for sessionKey)

  2. Option B - Full Cookie:

    export CLAUDE_WEB_COOKIE="cookie: sessionKey=sk-ant-web-..."