Thanks for the report @Sanjesh_Malviya!
This is a known issue we’re tracking. When Cursor connects to a remote MCP server, it probes for OAuth discovery metadata (e.g. .well-known endpoints). If the server (or an API gateway/proxy in front of it) returns a non-JSON response to those probes (e.g., a standard HTML 404 page), Cursor’s JSON parser fails rather than handling it gracefully and continuing the connection.
This has been confirmed across a few related reports:
- Remote MCP with expired bearer token triggers misleading OAuth error
- MCP headers config ignored when server has OAuth discovery
- Cursor MCP client probes OAuth even when server signals OAuth unavailable
We’re tracking this internally and working on making the OAuth discovery probing more resilient!
Could you share your MCP configuration for this server (with any secrets redacted)? Specifically, are you using just a url, or do you also have a headers block with an Authorization header?