You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
When an MCP server uses OAuth with Dynamic Client Registration (RFC 7591), Copilot for Eclipse registers once and caches the issued client_id (in copilot-eclipse.db). If that server later rotates its OAuth signing key/secret — which happens routinely on a server redeploy — the cached client_id becomes invalid and every connection fails with:
Copilot keeps reusing the cached registration and never re-registers, so the server stays unusable. Restarting Eclipse doesn't help: it reuses the cached client_id, and a still-valid access token can even mask the problem until the next forced sign-in. The only known recovery is to quit Eclipse and manually delete the cache file:
That's undocumented, signs you out of all MCP servers at once, and is especially painful on locked-down/Citrix/VDI machines where the AppData path is redirected and hard to locate.
Describe the solution you'd like
A UI action to clear the cached OAuth registration for an MCP server so the next call performs a fresh /register + sign-in — e.g. a per-server "Sign out" / "Forget authentication" / "Reset credentials" entry in the MCP server's actions menu that drops the cached client_id (and token). Per-server would be ideal, so resetting one stuck server doesn't sign you out of the others.
Manually deleting copilot-eclipse.db — works, but requires quitting Eclipse, is undocumented, clears every MCP login, and is hard on managed/Citrix machines. (Removing just one server's rows needs the sqlite3 CLI and knowledge of the internal state table.)
Fixing it server-side (pinning a stable DCR signing key so redeploys don't rotate it) — prevents recurrence but is the server operator's responsibility and does not recover a client that's already stuck.
Additional context
VS Code already provides exactly this: the Command Palette command "Authentication: Remove Dynamic Authentication Providers" lists the dynamically-registered MCP clients and lets you remove specific ones, after which the server re-registers cleanly on next use. The need was tracked in microsoft/vscode#269379 ("Clean way to remove stale MCP Oauth credentials") and microsoft/vscode#251802 ("MCP: Forget Authentication"). A comparable action in Copilot for Eclipse would close the gap. Background on the registration mechanism: RFC 7591 (OAuth 2.0 Dynamic Client Registration).
Is your feature request related to a problem? Please describe.
When an MCP server uses OAuth with Dynamic Client Registration (RFC 7591), Copilot for Eclipse registers once and caches the issued
client_id(incopilot-eclipse.db). If that server later rotates its OAuth signing key/secret — which happens routinely on a server redeploy — the cachedclient_idbecomes invalid and every connection fails with:{"error":"invalid_client","error_description":"Invalid client_id"}Copilot keeps reusing the cached registration and never re-registers, so the server stays unusable. Restarting Eclipse doesn't help: it reuses the cached
client_id, and a still-valid access token can even mask the problem until the next forced sign-in. The only known recovery is to quit Eclipse and manually delete the cache file:~/.config/github-copilot/copilot-eclipse.db%LOCALAPPDATA%\github-copilot\copilot-eclipse.dbThat's undocumented, signs you out of all MCP servers at once, and is especially painful on locked-down/Citrix/VDI machines where the AppData path is redirected and hard to locate.
Describe the solution you'd like
A UI action to clear the cached OAuth registration for an MCP server so the next call performs a fresh
/register+ sign-in — e.g. a per-server "Sign out" / "Forget authentication" / "Reset credentials" entry in the MCP server's actions menu that drops the cachedclient_id(and token). Per-server would be ideal, so resetting one stuck server doesn't sign you out of the others.Describe alternatives you've considered
client_idis reused and the error persists.copilot-eclipse.db— works, but requires quitting Eclipse, is undocumented, clears every MCP login, and is hard on managed/Citrix machines. (Removing just one server's rows needs thesqlite3CLI and knowledge of the internalstatetable.)Additional context
VS Code already provides exactly this: the Command Palette command "Authentication: Remove Dynamic Authentication Providers" lists the dynamically-registered MCP clients and lets you remove specific ones, after which the server re-registers cleanly on next use. The need was tracked in microsoft/vscode#269379 ("Clean way to remove stale MCP Oauth credentials") and microsoft/vscode#251802 ("MCP: Forget Authentication"). A comparable action in Copilot for Eclipse would close the gap. Background on the registration mechanism: RFC 7591 (OAuth 2.0 Dynamic Client Registration).