Not all requested permissions were granted

Hello,

I’ve lost connection to my own Chat GPT Apps which I had connected few days ago. They were working fine, but now connecting to the same app repo in the same mcp server platform that has been deployed and running since working last time, can’t connect. I’m getting the error message: Not all requested permissions were granted. I’ve checked my OAuth logs and Chat GPT is receiving authentication and the mcp server is running fine. I also tried previous “template” branches of my repo which had worked before and can’t connect. Is there some downtime now or is the protocol changed someway in the past three days that has broken my repos?

Here is Gpt 5.1 summary of all the logs I provided from OAuth, Railway etc:

There are no errors on the Auth0 side, and the accessed scopes were whatever you granted on the consent screen (even though the consent UI only lists the default profile scopes). The absence of POST /mcp in your Railway logs means ChatGPT never used the access token after receiving it—it aborts before calling any tool. That’s entirely on the ChatGPT side; the MCP server and Auth0 are behaving correctly.

The token exchange completed. The problem is that the ChatGPT connector UI stops with “Not all requested permissions were granted” even though Auth0 granted them. We’ve already added the scope parameter in WWW-Authenticate challenges; beyond that, there isn’t anything else to change in your backend. At this point, it appears to be a ChatGPT Apps/Connectors client-side bug. I recommend reporting it to OpenAI support with these log details; on our end everything is responding correctly.

1 Like

You have to configure in the auth0 dashboard.

  1. Applications → APIs → Create API and name it, the identifier is your MCP url (my example: https:(//)080651dadde5.ngrok-free.app/mcp)
  2. Set default audience: Tenant Settings → Default Audience → Enter the MCP url

If you use mcp-handler@1.0.3, you should add to the well known route:

additionalMetadata: {
  scopes_supported: ['openid', 'profile', 'email'],
}

Same issue here:

I am trying to connect an mcp server I build but I am getting the error “Not all requested permissions were granted”

In the browser developer console I get 403 on the connectors / link / oauth / callback

In Auth0 Console I see everything was successfull:

Success Exchange Authorization Code for AccessToken

Any feedback would be welcome, thanks!

I identified the issue:

When using Spring AI MCP, the .well-known/oauth-protected-resource endpoint returns no scopes. If the MCP server doesn’t define any, ChatGPT appears to assign them automatically. I resolved this by overriding Spring AI MCP’s behavior.

2 Likes