Skip to main content
The MCP server returns actionable error messages — read the content[0].text field for what went wrong and what to do. Below are the cases you’ll hit most.

”Authentication failed”

Authentication failed. Provide a valid bearer token via OAuth (Claude.ai/Desktop)
or a direct API key from https://app.trodo.ai/integrations.
You’re missing the Authorization: Bearer ... header, or the token is malformed. For HTTPS clients, double-check the header name and the Bearer prefix.

”Token has expired”

Your access token has expired. The MCP client should automatically refresh it;
if you keep seeing this, disconnect and reconnect from app.trodo.ai/integrations.
OAuth access tokens last 1 hour. Compliant clients (Claude.ai, Claude Desktop, Cursor) auto-refresh. If you see this repeatedly, the client’s refresh handling is broken — disconnect and reconnect.

”MCP API keys require a Growth or Enterprise plan”

Your team is on the Free plan. MCP access requires Growth or Enterprise.
Upgrade at https://app.trodo.ai/settings/billing.
Free teams cannot use MCP. Upgrade the team’s plan and retry.

”requires the ‘mcp:user:read_pii’ scope”

The tool 'find_users' returns user PII (email, wallet, country) and requires
the 'mcp:user:read_pii' scope. Disconnect and re-connect from
https://app.trodo.ai/integrations, then check the 'User identities and PII' box.
Specific to user-lookup tools. The scope is opt-in — re-connect (OAuth) or re-issue the API key with the box checked.

”Rate limit exceeded for this token”

Rate limit exceeded for this token. Try again in 23 seconds.
You hit the per-minute cap. Wait the indicated seconds, or use a key with a higher rate_limit_per_min. See Rate limits.

”redirect_uri not on allowlist”

{"error":"invalid_redirect_uri","error_description":"redirect_uri not on allowlist: https://your-host.com/cb"}
Trodo’s OAuth issuer accepts redirect URIs only from Anthropic + Cursor + native-app loopback. If you’re building a custom client and need your domain added, email [email protected] with your client name and redirect URIs.

”refresh_token has already been rotated; entire token family revoked”

{"error":"invalid_grant","error_description":"refresh_token has already been rotated; entire token family revoked for safety"}
A used refresh token was replayed — the OAuth 2.1 reuse-detection rule kicked in and revoked the entire token family. This is by design (defense against token theft). Reconnect from the consent UI to get a fresh token family.

”Response was X chars and exceeds the 80000-char limit”

Response was 142000 chars and exceeds the 80000-char limit. Narrow the query
(smaller window, lower limit, more specific filter) and retry.
Some tools (e.g. list_agent_runs with limit: 200) can produce big payloads. Narrow the window or lower the limit and retry.

Connection won’t establish in Claude.ai or Claude Desktop

  1. Clear browser cookies on app.trodo.ai.
  2. Make sure you’re signed in to Trodo before clicking “Allow access” on the consent screen.
  3. Check the URL — must be exactly https://mcp.trodo.ai/mcp. Trailing slashes and /v1/ aren’t supported.
  4. If the consent page won’t load, the OAuth flow may have lost state — retry from the connector picker.

Cursor / Claude Code says “tool not found” after connect

The MCP catalog is filtered by your token’s scopes. If a tool’s scope wasn’t granted, it won’t appear in tools/list. Re-issue the key with the right scopes (or reconnect via OAuth and check the boxes).

stdio wrapper exits immediately

trodomcp: TRODO_MCP_API_KEY is required.
You forgot to pass the env var. With Claude Code: 
claude mcp add trodo --transport stdio \
  --command "npx -y trodomcp" \
  --env TRODO_MCP_API_KEY=trodo_mk_xxx

Still stuck

  • Status page
  • email [email protected] with the OAuth flow ID (visible in your client’s debug logs) — we can correlate it across our audit log to pinpoint where things broke.