This template is for Azure DevOps Remote MCP Server feedback only.
Issue Type
Tool(s)
Remote MCP Server - OAuth Authentication
Description
When adding the Azure DevOps remote MCP server (https://mcp.dev.azure.com/<ORG>) in GitHub Copilot CLI on Windows, the OAuth browser window never opens. The app silently fails without prompting the user to sign in, and there is no "Sign in" button or prompt visible in the UI.
Steps to Reproduce
- Add the Azure DevOps remote MCP server in GitHub Copilot CLI settings with URL
https://mcp.dev.azure.com/<ORG>
- Restart the app
- Observe: no browser window opens, no sign-in prompt appears in UI
- MCP server remains unauthenticated
Expected Behavior
A browser window (or in-app prompt) should open to complete the OAuth flow against https://login.microsoftonline.com/<TENANT_ID>/v2.0, allowing the user to authenticate and cache a token for https://mcp.dev.azure.com/.default.
Actual Behavior
No browser window appears. The app logs show the OAuth flow is triggered but immediately fails:
[ERROR] Server azure-devops requires authentication, initiating OAuth flow
[ERROR] OAuth authentication required for azure-devops
[ERROR] OAuth required for azure-devops with no cached tokens; marking as needs-auth
[ERROR] OAuth authentication was required but not provided for azure-devops
[ERROR] Failed to start MCP client for remote server azure-devops with OAuth: Error: OAuth authentication failed for azure-devops
[ERROR] Recorded failure for server azure-devops: OAuth authentication failed for azure-devops
[ERROR] MCP server azure-devops still needs interactive re-auth: MCPOAuthBrowserRequiredError: Browser-based OAuth required for https://mcp.dev.azure.com/<ORG>
The OAuth discovery endpoint returns correctly:
{
"resource": "https://mcp.dev.azure.com/<ORG>",
"authorization_servers": ["https://login.microsoftonline.com/<TENANT_ID>/v2.0"],
"bearer_methods_supported": ["header"],
"scopes_supported": ["https://mcp.dev.azure.com/.default"]
}
No token files are created in ~/.copilot/mcp-oauth-config/.
Environment
- OS: Windows 11
- Client: GitHub Copilot CLI (desktop app)
- MCP Server URL:
https://mcp.dev.azure.com/<ORG>
- ADO Org: Private org (AAD-backed tenant)
Workaround
Using az devops CLI with az account get-access-token --resource https://mcp.dev.azure.com succeeds and returns a valid token, confirming the user is authenticated and the org/tenant are valid. The issue is isolated to the Copilot app's OAuth browser launch step.
This template is for Azure DevOps Remote MCP Server feedback only.
Issue Type
Tool(s)
Remote MCP Server - OAuth Authentication
Description
When adding the Azure DevOps remote MCP server (
https://mcp.dev.azure.com/<ORG>) in GitHub Copilot CLI on Windows, the OAuth browser window never opens. The app silently fails without prompting the user to sign in, and there is no "Sign in" button or prompt visible in the UI.Steps to Reproduce
https://mcp.dev.azure.com/<ORG>Expected Behavior
A browser window (or in-app prompt) should open to complete the OAuth flow against
https://login.microsoftonline.com/<TENANT_ID>/v2.0, allowing the user to authenticate and cache a token forhttps://mcp.dev.azure.com/.default.Actual Behavior
No browser window appears. The app logs show the OAuth flow is triggered but immediately fails:
The OAuth discovery endpoint returns correctly:
{ "resource": "https://mcp.dev.azure.com/<ORG>", "authorization_servers": ["https://login.microsoftonline.com/<TENANT_ID>/v2.0"], "bearer_methods_supported": ["header"], "scopes_supported": ["https://mcp.dev.azure.com/.default"] }No token files are created in
~/.copilot/mcp-oauth-config/.Environment
https://mcp.dev.azure.com/<ORG>Workaround
Using
az devopsCLI withaz account get-access-token --resource https://mcp.dev.azure.comsucceeds and returns a valid token, confirming the user is authenticated and the org/tenant are valid. The issue is isolated to the Copilot app's OAuth browser launch step.