Claude Code 2.1.123 fixes OAuth retry loops

The situation

Claude Code 2.1.123 is a narrow release, but it fixes an auth bug teams can hit right away. The official changelog says OAuth could get stuck retrying after a 401 when CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS=1 is set.

That matters for teams that standardize Claude Code setup. If you pin environment variables in shell profiles, CI wrappers, or repo bootstrap scripts, a small auth bug can turn into repeated onboarding failures. One developer sees a login prompt. Another gets a retry loop. A third assumes the tool is down.

For teams using shared repository context and team conventions, this is a workflow issue as much as a bug fix. Auth behavior is part of the team contract. If a tool depends on a beta toggle, the team should know whether that setting is intentional, inherited, or left over from an old setup guide.

The main audience here is engineering teams already using Claude Code in a shared repo, especially those with a CLAUDE.md, local setup notes, or a convention for how agents should behave during review and handoff.

Walkthrough

1. Start with the failure mode. The changelog points to a 401 retry loop in OAuth when experimental betas are disabled. That looks like a release-specific interaction between auth and feature gating, not a general login outage.

2. Check whether your team sets CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS=1 anywhere persistent. Common places are shell startup files, repo scripts, container images, and onboarding docs. If the variable is set globally, every developer inherits the same behavior.

3. Reproduce the path once before rolling out a fix. Sign out, sign back in, and confirm whether Claude Code returns to a normal auth flow instead of looping on 401s. If you maintain a shared setup, test on one clean machine and one machine with your standard bootstrap.

4. Use the fix to document the team’s default stance on betas. If the variable is there for stability, say so. If it was added temporarily, remove it from the canonical setup. If you need it for a specific reason, record that reason near the repo instructions so the next person does not rediscover it by accident.

5. Put the convention where Claude Code will see it. A short CLAUDE.md or repo note is usually enough. Keep it about behavior, not policy prose.

# CLAUDE.md

## Team conventions
- Use the repo's standard auth setup before starting work.
- If `CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS=1` is required, keep it documented in the onboarding notes.
- Report auth failures directly; do not retry indefinitely.
- Prefer the shared review checklist before merging agent-written changes.

6. If your team provisions shared instructions or skills, keep them aligned with the same expectation: stable auth, explicit defaults, and no hidden environment assumptions. Claude’s Skills system loads specialized instructions and workflows dynamically, so consistency matters when the team wants repeatable behavior instead of one-off local tweaks. The official Skills docs and repository examples are the best place to see how that structure is meant to work. The Anthropic Skills repository is especially useful if you want to inspect how instruction folders are organized.

---
name: repo-onboarding
summary: Shared setup for Claude Code in this repository
---

- Confirm auth works before starting a task.
- Use the repo's documented environment variables only.
- Escalate repeated login failures instead of looping.

7. Fold the fix into review expectations. If auth failures can come from a single environment flag, review should include setup drift: changed shell exports, stale container images, and copied onboarding snippets. That small habit prevents a class of “works on my machine” failures that are really “works with my auth state” failures.

A useful methodology move here is the Document step: write down the one environment variable, one expected login path, and one escalation rule. That is often enough to keep a fix from disappearing into tribal knowledge.

Tradeoffs and limits

This release does not change Claude Code’s broader authentication model. It fixes one retry loop, so teams should not assume every login issue is solved by upgrading.

There is also a governance tradeoff. Disabling experimental betas can be a deliberate stability choice, but it can also hide newer behavior that your team may want. If you standardize that variable, make the reason explicit and revisit it periodically.

Shared repo context only helps if it stays current. A CLAUDE.md that still describes an old auth path can be worse than no note at all. Keep the guidance short, versioned, and easy to update during release reviews.

Further reading

• Claude Code changelog
• Using Skills in Claude
• What are Skills?
• Anthropic Skills repository
• Claude Code team conventions
• Our methodology