Why does Claude Code say 'installation failed' but then 'installation complete'?

This contradictory message almost always means a stale lock file exists from a previous interrupted install. The installer aborts due to the lock but then partially completes a different step, giving you two contradictory status messages. Remove the lock file at ~/.local/state/claude/locks/ and reinstall.

I get claude: command not found even after a successful install. What's wrong?

Your terminal session hasn't loaded the updated PATH that the installer added to your shell config. Open a new terminal window, or run source ~/.zshrc (or ~/.bashrc on Linux). If that doesn't work, confirm that npm's global bin directory is actually in your PATH.

Do I need sudo to install Claude Code?

No — and using sudo will likely cause more problems. Set your npm global directory to a user-owned path with npm config set prefix ~/.npm-global, add that to your PATH, and then install without sudo.

Claude Code installation fails with a TLS/SSL error. How do I fix it?

This happens in corporate environments that use SSL inspection. Export your company's CA certificate path: export NODE_EXTRA_CA_CERTS=/path/to/ca.pem. Your IT team can provide the certificate file.

The Claude Code installer just hangs and never completes. What's happening?

A hanging installer almost always means a network block. The installer downloads from storage.googleapis.com. Set your proxy with export HTTPS_PROXY=http://your-proxy:port and retry, or ask IT to whitelist that domain.

I'm on Windows. Should I use npm or the curl installer?

Use PowerShell with npm install -g @anthropic-ai/claude-code. Don't use Git Bash; it lacks TTY support and will cause raw mode errors. If you're in WSL, use the curl installer within your Linux environment.

How do I know if Claude Code installed correctly?

Run claude --version to confirm the binary is accessible, then run claude doctor for a full diagnostic report. Both should return clean results with no errors before you start using the tool in a real project.

Claude Code Session Expired Fix: Login & Auth Errors (2026)

Q: Why does Claude Code keep saying the session expired?

This happens when your authentication token becomes invalid, expired, or corrupted. It can also be caused by macOS keychain locks, VPN interference, or OAuth callback timeouts.

Q: How do I reconnect Claude Code?

The fastest way to reconnect is to sign out, clear your cached credentials using 'rm -rf ~/.claude/cache', and then complete the full login flow again.

Q: What is an OAuth callback timeout?

It occurs when the browser takes longer than 60 seconds to pass the authentication token back to the CLI, often due to too many open tabs or a slow network connection.

June 1, 2026 by

aliakram

🔑 Quick Answer: What Is the Claude Code Session Expired Error?

When you see a "session expired" error, your authentication token is no longer valid. Claude Code uses a

browser-based OAuth flow — when that token expires or becomes corrupted, requests are rejected.

Fastest fix: Sign out → Clear cached credentials → Authenticate again.

Most common causes: expired tokens, network interruptions, account changes, corrupted local auth data,

macOS keychain issues, or OAuth callback timeouts.

1. What Is the Claude Code Session Expired Error?

The Claude Code session expired error appears when Claude Code can no longer verify your login session with Anthropic's authentication system. Claude Code uses a browser-based OAuth flow: the CLI opens a browser window, you authenticate, and the browser redirects a token back to the CLI. When that token expires, becomes corrupted, or the OAuth callback fails, you lose access entirely.

When this happens, Claude Code loses the ability to:

Send requests to Anthropic's API
Authenticate your account and validate permissions
Access Claude services and sync subscriptions
Generate code or use AI features in VS Code
Connect through the CLI

📌 Official Source — Anthropic Support

According to Anthropic's official troubleshooting documentation, login errors are most commonly

caused by VPN usage, browser extensions, or cached cookies. Their recommended first steps are:

disable your VPN, turn off browser extensions, and clear cache/cookies. Always check

status.claude.com to rule out a service-wide incident before troubleshooting locally.

2. Why Does This Error Happen? (All Root Causes)

Multiple factors can trigger a Claude Code session expired or login failed error. Understanding the root cause helps you apply the right fix faster.

2.1 OAuth Callback Timeout (Most Common)

Claude Code's authentication relies on a browser-based OAuth flow. The CLI opens a browser, you log in, and the browser sends a token back to the CLI — but only within a ~60-second window. Common failure points include:

Too many browser tabs slowing down the redirect
The browser not returning focus to the CLI in time
Slow network connections exceeding the callback timeout

Fix: Close extra browser tabs, retry the login, or use an API key to bypass OAuth entirely.

2.2 Expired Authentication Tokens

Most login systems use temporary access tokens with built-in expiry. When the token expires, Claude Code rejects all requests and prompts re-authentication. This is the most frequent cause of random logouts during active sessions.

2.3 Cached Credential Corruption

Stored authentication data in ~/.claude/cache or the macOS keychain can become corrupted after:

System crashes or forced shutdowns
Interrupted updates or disk write errors
SSH sessions where the macOS keychain was locked

Corrupted credentials create repeated login loops that won't resolve without clearing the cache.

2.4 macOS Keychain Issues (Platform-Specific)

Claude Code stores credentials in the macOS keychain by default. When the keychain is locked which happens automatically in SSH sessions or after system sleep Claude Code cannot read or write credentials. This causes a silent authentication failure that looks identical to a token expiry.

security unlock-keychain ~/Library/Keychains/login.keychain-db

2.5 DNS Resolution Failures

If your machine cannot resolve claude.ai or auth.anthropic.com, the OAuth flow is blocked before it even begins. This is common in corporate environments with strict DNS filtering or split-horizon DNS configurations.

nslookup claude.ainslookup auth.anthropic.com

2.6 Account Changes

Password changes, email updates, subscription modifications, or MFA changes invalidate existing sessions. After any account change on the Anthropic website, all existing Claude Code sessions become invalid and require reauthentication.

2.7 Network & Proxy Interruptions

Claude Code continuously validates authentication. These network conditions can interrupt token validation:

VPN instability or reconnections
Corporate firewalls blocking Anthropic authentication endpoints
Proxy misconfigurations or TLS inspection interfering with tokens
DNS failures or high packet loss

2.8 Google SSO Issues

Google SSO login has known intermittent issues where the browser redirect completes but the CLI does not receive the token. If you use Google to sign in and authentication consistently fails, switch to email/password login as a workaround.

2.9 Outdated Claude Code Versions

Older Claude Code releases may use deprecated authentication flows that are no longer supported. Always update before troubleshooting authentication failures.

2.10 Anthropic Server-Side Issues

Occasionally, Anthropic's infrastructure experiences elevated errors or capacity constraints. Before spending time on local troubleshooting, verify the service status:

status.anthropic.com — official status page
status.claude.com — Claude-specific status
Anthropic Discord and X/Twitter for real-time community reports

3. Common Error Messages Explained

Use this reference table to identify your specific error and its severity:

Error Message	Meaning	Severity	Recommended Fix
Session Expired	Authentication token expired	Medium	Re-login
Authentication Failed	Login verification failed	High	Reauthenticate
Invalid Credentials	Stored credentials rejected	High	Clear cache
Login Session Expired	Session timeout reached	Medium	Sign in again
Unauthorized Request	Token invalid	High	Refresh credentials
Failed Authentication	Auth system rejected request	High	Reconnect account
Token Expired	Access token no longer valid	Medium	Generate new session
Sign In Required	No valid authentication detected	Low	Login again
OAuth callback timeout	CLI stopped listening for redirect	Medium	Close tabs & retry
Keychain access denied	macOS keychain locked (SSH/sleep)	High	Unlock keychain
Error 500 during login	Server-side issue at Anthropic	High	Check status page

4. Quick Fix Checklist (Try These First)

Before attempting advanced solutions, run through this checklist. Most users resolve the problem here:

Restart Claude Code
Sign out and sign back in
Verify internet connectivity (ping anthropic.com)
Disable VPN temporarily
Update Claude Code to the latest version
Update VS Code (if using the extension)
Restart your computer
Check Anthropic account access via the website
Clear cached authentication data (~/.claude/cache)
Check status.anthropic.com for active incidents
Try email/password login if Google SSO is failing

5. Step-by-Step Fixes

1.	Reauthenticate Claude Code (Start Here) Replaces your expired token with a fresh authentication session. Use whenever 'session expired' or 'login expired' appears.

Steps:

Open Claude Code and sign out
Close Claude Code completely
Reopen and complete the full login flow
Verify connection is restored

2.	Clear Cached Credentials Removes damaged authentication files that cause repeated login loops.

rm -rf ~/.claude/cache

Then restart Claude Code and log in again. This forces Claude to generate fresh authentication data.

3.	Unlock macOS Keychain (macOS Only) Required when running in SSH sessions or after system sleep — the keychain is locked by default.

security unlock-keychain ~/Library/Keychains/login.keychain-db

After unlocking, retry authentication. If the issue persists in headless/SSH environments, use API key authentication instead (Fix #8).

4.	Fix DNS Resolution Issues Checks whether authentication endpoints are reachable from your machine.

nslookup claude.ainslookup auth.anthropic.comping anthropic.com

If DNS resolution fails, switch to Google DNS (8.8.8.8) or Cloudflare DNS (1.1.1.1) and retry. In corporate environments, contact your network administrator to whitelist Anthropic authentication endpoints.

5.	Verify Anthropic Account Access Confirms the issue is local, not an account-level problem.

Steps:

Sign in at anthropic.com through your browser
Confirm subscription is active
Verify MFA/2FA completion
Check for any security alerts or account flags

If browser login fails, Claude Code will also fail — resolve the account issue first.

6.	Update Claude Code Authentication bugs are frequently patched in updates. Always update before deeper troubleshooting

npm update -g @anthropic-ai/claude-code# or check your package manager for the latest version

7.	Fix VS Code Extension Issues Use when authentication fails only inside VS Code but works in the CLI.

Steps:

Disable the Claude extension in VS Code
Restart VS Code
Clear extension storage data
Reinstall the Claude extension
Sign in again

Also check for conflicting extensions: authentication managers, proxy extensions, security tools, or workspace sync tools can interfere.

8.	Use API Key Authentication (Bypass OAuth) The most reliable method for automated workflows, SSH environments, and CI/CD pipelines.

export ANTHROPIC_API_KEY=your_api_key_here# Add to ~/.bashrc or ~/.zshrc to persist

API key authentication bypasses the OAuth browser flow entirely, eliminating callback timeouts, keychain issues, and DNS-related failures. Get your key from console.anthropic.com.

9.	Resolve Proxy and Firewall Issues Required in corporate networks that intercept or block Anthropic authentication endpoints.

Diagnostics:

Temporarily disconnect VPN and retry authentication
Switch to a mobile hotspot to isolate network filtering
Ask IT to whitelist auth.anthropic.com and claude.ai
Check if TLS inspection is stripping authentication headers

6. Advanced CLI Troubleshooting

For developers using terminal-based workflows, these commands provide deeper diagnostics.

Check Authentication Status

claude auth status

Look for: expired sessions, invalid credentials, or missing tokens.

Check Environment Variables

env | grep ANTHROPIC

Verify correct values, no duplicates, and no obsolete or conflicting tokens.

Full Reauthentication via CLI

claude logoutclaude login

Clear All Auth Data and Retry

claude logoutrm -rf ~/.claude/cacheclaude login

7. Authentication Diagnostics

Use this table to match your symptoms to the most likely cause:

Symptom	Likely Cause	Recommended Fix
Random logout during active session	Token expiration	Reauthenticate
Stuck in login loop	Corrupted credentials / cache	Clear ~/.claude/cache
Unauthorized error on requests	Invalid or expired token	Log out and log in
'Keychain access denied' on macOS	Keychain locked in SSH/sleep	Run security unlock-keychain
Browser opens but CLI says 'timed out'	OAuth callback timeout	Close tabs, retry, or use API key
Google SSO completes but login fails	Google auth redirect issue	Switch to email/password login
DNS resolution hangs indefinitely	DNS filtering or misconfiguration	Check nslookup, switch DNS
Works in CLI but not VS Code	Extension auth corruption	Reinstall Claude extension
Works on hotspot but not office network	Corporate firewall/proxy	Contact IT, whitelist endpoints
Authentication fails after account change	Password/MFA change invalidates session	Reauthenticate from scratch
Error 500 during login	Anthropic server-side issue	Check status.anthropic.com

8. VS Code-Specific Authentication Fixes

Some users experience authentication failures exclusively inside VS Code while the CLI works fine. This points to extension-level issues rather than token or network problems.

Clear VS Code Extension Storage

VS Code sometimes stores damaged authentication tokens in its extension storage directory. Clearing this forces a fresh credential fetch.

Close VS Code completely
Navigate to the VS Code extensions directory
Remove Claude-related storage data
Restart VS Code and reauthenticate

Disable Conflicting Extensions

The following extension types are known to interfere with Claude Code authentication in VS Code:

Authentication managers (e.g., Keychain integrations)
Proxy or network management extensions
Security or firewall extensions
Workspace sync tools

Test by disabling all other extensions and verifying Claude Code works independently. Re-enable extensions one at a time to identify the conflict.

Verify Extension Version Compatibility

After a VS Code update or a Claude Code release, extension API compatibility can break. Reinstall the extension fresh after any major update to both tools.

9. Is It Authentication or a Service Outage?

An important distinction: capacity constraints at Anthropic look like authentication errors from the user's perspective but require a completely different response.

⚠️ Capacity Constraints vs. Authentication Failures

Anthropic's official support documentation distinguishes between two types of failures:

• Capacity Constraints: High demand causes temporary rejections. These do NOT appear on the

status page because they represent normal load management. Try again in a few minutes.

• Authentication Failures: Your credentials are invalid. These persist across retries and

require the fixes in this guide.

• Service Incidents: Actual technical problems. These DO appear on status.anthropic.com.

Check status.anthropic.com first. If no incidents are listed but errors persist, it is likely

a local authentication issue.

10. Claude Code Authentication Methods Compared

Feature	Claude Code Login (OAuth)	API Key Authentication
Ease of Setup	Easy — browser-based flow	Medium — manual key management
Session Expiration	Yes — tokens expire	Rare — keys are long-lived
macOS Keychain Required	Yes (by default)	No
Works in SSH/Headless	Requires workarounds	Yes — fully supported
Works in CI/CD	Not recommended	Recommended
Enterprise SSO Support	Yes (via browser)	Depends on setup
OAuth Callback Required	Yes	No
Security Level	High	High (store keys securely)

11. Best Practices to Prevent Session Expiration

Keep Claude Code Updated

New releases frequently include authentication improvements, token refresh fixes, and security updates. Set up automatic updates where possible.

Use API Key Authentication for Automated Workflows

For CI/CD pipelines, scripts, SSH environments, and headless servers, API key authentication is significantly more reliable than the OAuth browser flow.

Avoid Multiple Concurrent Logins

Using several devices simultaneously can occasionally invalidate sessions. Anthropic's authentication system may enforce single-session policies in some configurations.

Maintain Stable Network Connectivity

Token refresh processes depend on uninterrupted network access to Anthropic endpoints. Avoid authentication attempts on unstable connections.

Sign Out Gracefully

Avoid forcing application shutdowns mid-session. Graceful sign-outs reduce the chance of credential corruption in the local cache.

Unlock Keychain Before SSH Sessions (macOS)

If you regularly use Claude Code over SSH on macOS, unlock the keychain at the start of each session or switch to API key authentication permanently.

12. Expert Troubleshooting Workflow

Follow this decision tree in order to resolve authentication issues efficiently:

Step 1 — See 'Session Expired'?

→ Log out → Log in again → Test connection

Step 2 — Login Fails Again?

→ Clear ~/.claude/cache → Restart application → Retry authentication

Step 3 — Authentication Still Fails?

→ Check status.anthropic.com → Test on mobile hotspot → Disable VPN → Verify account at anthropic.com

Step 4 — macOS / SSH Environment?

→ Run: security unlock-keychain → Or switch to API key authentication

Step 5 — Only VS Code Fails?

→ Reinstall the Claude extension → Clear extension data → Reauthenticate

Step 6 — Nothing Works?

→ Update all software → Try API key authentication → Contact Anthropic support with logs and diagnostic output.

13. Frequently Asked Questions

Why does Claude Code keep saying the session expired?

The most common cause is token expiration. Authentication tokens have a built-in expiry period. When the token expires, Claude Code requires reauthentication. This often appears as random logouts during active sessions.

How do I reconnect Claude Code?

Sign out, clear ~/.claude/cache, restart Claude Code, and complete a fresh login. This generates new authentication credentials and clears any corrupted state.

What is an OAuth callback timeout?

Claude Code's login flow opens a browser window for you to authenticate. The CLI waits ~60 seconds for the browser to redirect the authentication token back. If that redirect doesn't complete in time (due to slow network, too many browser tabs, or browser focus issues), the timeout triggers. Fix: close extra tabs and retry, or use API key authentication.

Why does Claude Code work in the browser but not VS Code?

The VS Code extension maintains its own authentication storage, separate from the CLI. If that storage becomes corrupted, or if an extension conflict exists, VS Code authentication fails while the CLI continues to work. Reinstall the Claude extension and clear its storage data.

Can corrupted credentials cause login errors?

Yes. Damaged cached authentication data in ~/.claude/cache is one of the most common causes of repeated login failures and login loops. Clearing this directory forces Claude Code to generate fresh credentials.

Does reinstalling Claude Code fix authentication problems?

Sometimes, but it should not be your first step. Reauthentication and cache clearing are faster and resolve the majority of issues. Reinstall only after other fixes have failed.

Can VPNs cause session timeout errors?

Yes. VPN instability, reconnections, or split-tunneling misconfigurations can interrupt token validation mid-session. Additionally, some VPNs route traffic through servers that block Anthropic authentication endpoints. Test by disconnecting the VPN and retrying.

Why does authentication fail after an update?

Stored credentials may become incompatible with newer authentication mechanisms in updated versions. After a major update, clear your cached credentials and reauthenticate from scratch.

Can changing my password invalidate Claude Code sessions?

Yes. Password changes, email updates, MFA changes, and subscription modifications all invalidate existing authentication sessions. After any account change, expect to reauthenticate in all environments.

What should I do if nothing works?

Verify account access directly on the Anthropic website, test on a different network, update all software, switch to API key authentication, and contact Anthropic support with your diagnostic logs.

14. Common Mistakes to Avoid

Mistake	Consequence	Better Approach
Reinstalling immediately	Wastes time; rarely fixes auth issues	Start with reauthentication
Ignoring updates	Known authentication bugs persist	Update before troubleshooting
Keeping stale credentials	Login loops continue indefinitely	Clear ~/.claude/cache
Using multiple accounts simultaneously	Session conflicts and unexpected logouts	Use one account at a time
Forcing app shutdown mid-session	Credential file corruption	Always sign out gracefully
Debugging before checking service status	Troubleshooting a problem that doesn't exist locally	Check status.anthropic.com first
Using Google SSO when it's failing	Persistent redirect failures	Switch to email/password login
Ignoring keychain on macOS	Silent authentication failures in SSH	Unlock keychain or use API key

Sources & References

Anthropic Official Support: support.claude.com | Anthropic Status: status.anthropic.com

Claude Code Troubleshooting Docs: docs.anthropic.com | Remote OpenClaw Auth Guide | AdVenture Media Status Guide.

in Ai coding

# Claude Code Topics