Hey, thanks for the report. This looks like an issue with the OAuth flow for Streamable HTTP servers on localhost. The logs show Cursor is trying to use OAuth (“Using OAuth scopes: mcp:connect”), but it fails on the POST request.
This is a known issue with HTTP-based MCP servers. Cursor doesn’t always open the browser correctly for OAuth auth. A similar case is described here: OAuth Browser Redirect Not Triggered for HTTP-based MCP Servers
To debug, I’ll need a bit more info:
- Can you share the full MCP logs? View > Output > select “MCP user-{your-server-name}” from the dropdown
- Do you see any errors in Developer Tools? Help > Toggle Developer Tools > Console tab
- What’s your config in
mcp.json? (feel free to mask sensitive data) - Does your localhost server require OAuth, or does it use simple header-based auth?
For now, try this workaround. If your server supports SSE transport instead of Streamable HTTP, or if you can pass auth via headers in mcp.json, it may help bypass the OAuth flow:
{
"mcpServers": {
"your-server": {
"url": "http://localhost:3000/mcp",
"headers": {
"Authorization": "Bearer your-token"
}
}
}
}