TL;DR
Facebook MCP auth failures fall into four distinct categories. Error #1 is a redirect_uris are not registered bug affecting Claude Code CLI — no user-side fix; you must switch clients. Error #2 is an is_ads_mcp_enabled: false account flag tied to Meta's phased rollout; wait or use a third-party MCP. Error #3 is an expired 60-day OAuth token; reconnect to fix it. Error #4 is missing permission scopes granted at consent; re-authenticate with the correct access level. AdAdvisor MCP bypasses all four: pre-approved app, managed token refresh, pre-configured scopes.
Quick Answer
redirect_uris are not registered for this client→ switch clients (no user-side fix exists)is_ads_mcp_enabled: false→ wait for Meta's phased rollout (or use a third-party MCP now)- Connection was working, now returns empty results → expired 60-day token; reconnect via OAuth
- "Insufficient permissions" or write actions failing → reconnect with read/write scopes selected
- AdAdvisor MCP avoids all four issues through a pre-approved app and managed authentication
If you're seeing a Meta MCP OAuth error, you're likely looking at one of four completely different problems that happen to share the same label. The facebook mcp oauth fix most people search for doesn't exist as a single answer. Each error type has a different cause, a different affected audience, and a different resolution. This article gives you the diagnosis and the exact fix for each one.
New to Meta MCP? See What is Facebook MCP? for background before troubleshooting.
Which Error Do You Have?
Find your symptom below and jump to the relevant section.
Quick Diagnosis: Which Meta MCP OAuth Error Do You Have?
| What you see | Your error | Jump to |
|---|---|---|
| redirect_uris are not registered for this client | Error #1: OAuth client not whitelisted | Error #1 |
| is_ads_mcp_enabled: false in the response | Error #2: Account not yet in rollout | Error #2 |
| Connection was working, now returns empty results | Error #3: Token expired | Error #3 |
| "Insufficient permissions" or missing campaign data | Error #4: Wrong scopes at consent | Error #4 |
If you're not sure which error you have, start with Error #1 - it's the most common.
Facebook MCP OAuth Error Comparison
Meta MCP OAuth Error Types Compared
| Error | User Fix Available? | Severity | Resolution Time |
|---|---|---|---|
| redirect_uris not registered | No | High | Immediate client switch |
| is_ads_mcp_enabled: false | No | Medium | Wait 2-4 weeks for rollout |
| Expired OAuth token | Yes | Low | ~2 minutes to reconnect |
| Missing permission scopes | Yes | Low | ~5 minutes to re-authenticate |
Error #1: redirect_uris are not registered for this client
Cause
Meta's OAuth server only accepts callback URLs that have been pre-registered in the Meta app configuration. Claude Code CLI uses a dynamic localhost loopback redirect URI (http://localhost:<port>/callback), which is standard for HTTP MCP servers. The problem: Meta's app hasn't whitelisted these dynamic URLs. Claude.ai (web) and Claude Desktop use different, static callback URLs that Meta has whitelisted. That's why this error is client-specific: same MCP server, same credentials, different behavior depending on which Claude client initiates the flow.
Who is affected
Users running Meta MCP through Claude Code CLI (terminal). This error does not affect Claude.ai web users or Claude Desktop users.
Symptom
The OAuth flow fails before the browser opens, or the browser opens and immediately returns the error string redirect_uris are not registered for this client. No ad account access is granted.
Status
This is an active, unresolved issue tracked across multiple GitHub reports:
anthropics/claude-code#55002- original report, closed "not planned"anthropics/claude-code#55556- second report, same root causeanthropics/claude-code#57191- third reportanthropics/claude-code#57114- Claude Desktop variant
The fix requires Meta and Anthropic to update the OAuth client configuration on the server side. As of June 2026, there is no user-side fix for this error.
Fix (workarounds only)
Switch to a client whose callback URL Meta has already whitelisted:
- Option A: Claude.ai web - Pro or Max plan subscribers can connect Meta Ads natively via Settings → Integrations. OAuth works correctly in this client.
- Option B: Claude Desktop - Configure the MCP via
claude_desktop_config.json. Claude Desktop uses a registered callback URL and completes OAuth without this error. - Option C: AdAdvisor MCP - Connects through AdAdvisor's pre-approved app, which has already passed Meta's Business Verification and uses registered redirect URIs. This error does not occur in that path, regardless of which Claude client you use.
Do not attempt manual token workarounds, MCP server config edits (not user-accessible), or try to "register" your own redirect URI. None of these address the root cause.
Error #2: is_ads_mcp_enabled: false
Cause
Meta's official MCP is in phased rollout. Even after a successful OAuth flow, the underlying per-account flag is_ads_mcp_enabled must be activated by Meta. This is not a permissions problem. It is a deployment queue. You can complete the OAuth authorization perfectly and still encounter this flag returning false.
This is the most commonly misdiagnosed Meta MCP issue. Forums frequently label it as "OAuth broken," but OAuth is functioning correctly; the account simply hasn't been enrolled yet.
Who is affected
Any advertiser in a non-priority region or below Meta's spend threshold for early access. US accounts go first; higher-spend accounts are prioritized. Accounts in Australia, New Zealand, and parts of the EU were still in the rollout queue as of June 2026. You can connect a single Facebook profile and see five ad accounts: two may return is_ads_mcp_enabled: true and three may return false. That mix is normal during phased rollout.
Symptom
OAuth completes successfully. The connection appears active in your Claude client. Queries return is_ads_mcp_enabled: false or empty results with no clear error message.
Fix
There is no user-initiated fix. Your options:
- Wait. Meta is rolling out progressively; most accounts receive access within 2-4 weeks of the product becoming available in their region.
- Request prioritization. If you spend $10,000+/month on Meta ads, contact your Meta account representative and request early access.
- Use a third-party MCP in the meantime. Pipeboard, Adzviser, and Ryze all have independent Meta Marketing API connections that bypass the
is_ads_mcp_enabledflag. AdAdvisor MCP also operates independently of this flag.
Error #3: Expired OAuth Token
Cause
Meta Marketing API OAuth tokens have a lifespan of approximately 60 days. When a token expires, MCP calls fail silently. Claude returns empty results or generic errors rather than a clear "token expired" message. This is the most common reason a previously working Meta MCP connection stops responding.
Symptom
- MCP was working, then suddenly returns empty responses or incomplete data
- Claude reports that it "retrieved" data but shows nothing useful
- No explicit error message is shown in the Claude interface
Fix
Reconnecting via OAuth (Claude.ai web)
Go to Settings → Integrations
Navigate to Settings and find the Integrations section in your Claude.ai account.
Disconnect the Meta Ads MCP
Find the Meta Ads MCP connection and select disconnect.
Reconnect via OAuth
Complete the authorization flow again to get a fresh token.
Confirm the new token is active
Ask Claude: "Which ad accounts do I have access to?" to verify the connection is working.
For Claude Desktop
Delete the stored token from your claude_desktop_config.json, restart Claude Desktop, and re-authenticate.
Prevention
Set a calendar reminder to re-authenticate every 55 days. The official Meta MCP server's current beta implementation does not include auto-refresh; token expiry is a manual maintenance task. For a deeper look at token expiry patterns and how to detect silent failures early, see Meta MCP token expiry: causes and fixes.
AdAdvisor MCP handles token refresh automatically. The managed infrastructure monitors token validity and re-authenticates before expiry, which eliminates this category of failure entirely. That operational gap is one of the practical differences between the beta connector and a managed solution, covered in more detail in Compare raw API access vs managed optimization - Meta MCP vs AdAdvisor.
Error #4: Missing Permissions / Insufficient Scopes
Cause
During Meta OAuth consent, the user selects permission scopes. If ads_management or ads_read are not granted, or if a read-only tier was selected when write access is needed, subsequent MCP calls return permission errors or silently return no data for certain operations.
Common scenarios
- User selected "read-only" at consent, then asks Claude to pause a campaign (write action fails)
- User didn't grant
business_managementfor multi-account or Business Manager setups - User authenticated with a personal Facebook account instead of the Business Manager admin account
Symptom
- "Insufficient permissions" error on write operations
- Read operations work, but campaign create / edit / pause commands fail
- Some ad accounts are visible; others are inaccessible
Fix
- Disconnect the current MCP connection
- Reconnect. At the OAuth consent screen, explicitly select read/write access (or read/write/financial if you need to make budget changes)
- Authenticate with the Facebook account that has Admin access to the Business Manager, not just the ad account
- For agencies: the authenticated user must have at least Advertiser-level access in Business Manager for each ad account being managed
Quick test
Ask Claude: "Try to pause the lowest-spend active ad set in my account." If it returns a permissions error, you're on read-only. If it asks for confirmation before acting, you have write access.
If write actions continue to fail after re-authenticating with the correct scopes, see Meta MCP write actions failing: causes and fixes for additional diagnostics.
Which Errors Can You Actually Fix?
Meta MCP OAuth Error Fixability
| Error | Fixable by user? | Action |
|---|---|---|
| Error #1: redirect_uris not registered | No | Switch clients |
| Error #2: is_ads_mcp_enabled: false | No | Wait for rollout |
| Error #3: Expired token | Yes | Reconnect via OAuth |
| Error #4: Missing scopes | Yes | Re-authenticate with correct permissions |
Errors #1 and #2 have no user-side fix. If you're running on Claude Code CLI and need Meta MCP working today, your only real options are switching to Claude.ai web or Claude Desktop, or using a managed MCP that bypasses the official connector entirely.
Error #3 is a solvable problem, but it's operational overhead. If you're running campaigns daily, re-authenticating every 55 days is manageable only if you also build in a process for detecting when the connection silently breaks. That's a real maintenance burden most teams don't account for when evaluating whether to run the official beta.
Error #4 is straightforward to fix on re-authentication, but it requires knowing which scopes to select, which isn't well-documented in Meta's current onboarding flow.
AdAdvisor MCP uses a pre-approved app that has passed Meta's Business Verification, handles token refresh automatically, and pre-configures the correct permission scopes so users don't have to navigate the consent tiers manually. Errors #1, #3, and the scope selection problem in #4 don't occur in that path.
For a full breakdown of what the official MCP handles versus what AdAdvisor adds, see Meta MCP vs AdAdvisor →.
Why Does Meta MCP OAuth Fail?
Meta MCP OAuth failures have four distinct causes: a redirect URI that isn't registered in Meta's app config (client-specific, affects Claude Code CLI only), an account-level rollout flag that Meta hasn't activated yet (is_ads_mcp_enabled: false), an expired 60-day access token that fails silently, or missing permission scopes selected at the OAuth consent screen. Each looks different and has a different fix, or no fix at all.
Why Does Claude Connect to Meta MCP But Show No Campaign Data?
If the connection appears active but queries return nothing, the most likely cause is an expired token (Error #3) or the is_ads_mcp_enabled: false rollout flag (Error #2). Both present as silent failures with no error message, just empty results. Check the Quick Diagnosis table above to distinguish them.
Why Does Meta MCP Stop Working After 60 Days?
Meta Marketing API OAuth tokens have a ~60-day lifespan. The official Meta MCP beta has no auto-refresh mechanism, so when the token expires, MCP calls fail silently. The fix is to disconnect and reconnect via OAuth. Set a 55-day calendar reminder to stay ahead of the expiry. See Meta MCP token expiry: causes and fixes for full detail.
Why Can Claude Read My Campaigns But Not Edit Them?
This is Error #4: missing ads_management write scope. When you authenticated via OAuth, you either selected read-only access or didn't grant the ads_management scope. Read operations work because ads_read was granted; write operations fail because ads_management was not. Fix: disconnect, reconnect, and explicitly select read/write at the consent screen.
Should You Use Official Meta MCP or AdAdvisor MCP?
Use the official Meta MCP if:
- You're experimenting or evaluating before committing to a workflow
- Read-only access to campaign data is sufficient for your use case
- You're on Claude.ai web or Claude Desktop (where OAuth works correctly)
- You don't mind setting a 55-day reminder to re-authenticate manually
Use AdAdvisor MCP if:
- Campaigns run daily and a silent token failure would cause real disruption
- You need write access (pause, edit, create) without navigating OAuth scope tiers
- Multiple team members need access without each managing their own token
- You're on Claude Code CLI and can't get the official MCP to authenticate at all
Frequently Asked Questions
Summary
Meta MCP OAuth failures are not a single problem. Error #1 (redirect_uris are not registered) requires a client switch; there is no user-side fix. Error #2 (is_ads_mcp_enabled: false) requires waiting for Meta's phased rollout; nothing you do today changes it. Error #3 (expired token) is periodic maintenance, fixable immediately by reconnecting, but it will recur every 60 days without a reminder system. Error #4 (insufficient scopes) is a one-time re-authentication; connect again with the correct access level and it stays fixed.
Errors #1 and #2 are outside user control. If you need Meta MCP working today and are on Claude Code CLI, your options are Claude.ai web, Claude Desktop, or a managed connector that bypasses the official beta entirely.
