### Summary The GitLab MCP server at `https://gitlab.com/api/v4/mcp` cannot complete OAuth authentication on GitLab.com. Any scope requested results in: "The requested scope is invalid, unknown, or malformed." ### Steps to reproduce 1. Add GitLab as a custom MCP connector in Claude (claude.ai) 2. Enter MCP server URL: `https://gitlab.com/api/v4/mcp` 3. Initiate the OAuth flow 4. Observe the error on the GitLab authorization page ### Testing performed | Scopes requested | Result | |------------------|--------| | All scopes from original URL (see below) | ❌ "scope is invalid, unknown, or malformed" | | Only documented scopes (removed `mcp`, `self_rotate`, `ai_workflows`, `user:*`) | ❌ Same error | | Only `api` | ❌ Same error | | No scope parameter | ✅ Authorization prompt appears | This suggests the MCP OAuth application may not have any scopes configured/enabled on GitLab.com. ### Original scope parameter from authorization URL scope=api+read_api+read_user+create_runner+manage_runner+k8s_proxy+self_rotate+mcp+read_repository+write_repository+read_registry+write_registry+read_virtual_registry+write_virtual_registry+read_observability+write_observability+ai_features+sudo+admin_mode+read_service_ping+openid+profile+email+ai_workflows+user%3A%2A Note: Some of these scopes (`mcp`, `self_rotate`, `ai_workflows`, `user:*`) do not appear in GitLab's OAuth documentation, but even standard scopes like `api` fail. ### Expected behavior The MCP OAuth application should be able to request standard GitLab OAuth scopes (at minimum `api`) without errors. ### Environment - GitLab.com (SaaS) - MCP endpoint: `https://gitlab.com/api/v4/mcp` /label ~"type::bug" ~"MCP"