Claude sandbox: apiKeyHelper "proxy-managed" breaks OAuth authentication (Pro/Max plans) #7842
Description
Description
Description
When using Claude Code inside a Docker sandbox with a Pro or Max subscription (OAuth authentication), users get an "Invalid bearer token" error even after a successful /login.
Root Cause
The sandbox plugin sets apiKeyHelper: "echo proxy-managed" in ~/.claude/settings.json inside the VM, which causes Claude Code to use the literal string "proxy-managed" as the bearer
token instead of the OAuth credentials stored in ~/.claude/.credentials.json.
From the binary (strings ~/.docker/cli-plugins/docker-sandbox output):
"apiKeyHelper": "echo proxy-managed",
-
If host has credentials: use apiKeyHelper="echo proxy-managed" for proxy injection
-
If no host credentials: omit apiKeyHelper so Claude Code prompts for /login
The issue is that OAuth credentials (Pro/Max subscription logins) are not detected as "host credentials", so the plugin incorrectly injects apiKeyHelper when it shouldn't.
Workaround
Inside the sandbox, remove the apiKeyHelper line:
docker sandbox exec -it <sandbox-name> bash
sed -i '/"apiKeyHelper"/d' ~/.claude/settings.json
claude
Environment
- Docker sandbox plugin: v0.9.0
- Claude Code: 2.1.25
- Host: macOS
- Sandbox: Ubuntu 25.10
Related Issues
- #7827 - Credentials lost after docker sandbox rm
- #7822 - Re-auth on new worktree sessions
### Reproduce
1. Ensure no `ANTHROPIC_API_KEY` is set on the host machine (using OAuth/Pro/Max instead)
2. Run `docker sandbox run claude-<workspace>`
3. Run `/login` and authenticate with your Claude account (shows "Login successful")
4. Try any command (e.g., "hello")
5. Error: `API Error: 401 {"type":"error","error":{"type":"authentication_error","message":"Invalid bearer token"}}`
### Expected behavior
_No response_
### docker version
```bash
Client:
Version: 29.1.5
API version: 1.52
Go version: go1.25.6
Git commit: 0e6fee6
Built: Fri Jan 16 12:47:44 2026
OS/Arch: darwin/arm64
Context: desktop-linux
Server: Docker Desktop 4.58.1 (217134)
Engine:
Version: 29.1.5
API version: 1.52 (minimum version 1.44)
Go version: go1.25.6
Git commit: 3b01d64
Built: Fri Jan 16 12:48:37 2026
OS/Arch: linux/arm64
Experimental: false
containerd:
Version: v2.2.1
GitCommit: dea7da592f5d1d2b7755e3a161be07f43fad8f75
runc:
Version: 1.3.4
GitCommit: v1.3.4-0-gd6d73eb8
docker-init:
Version: 0.19.0
GitCommit: de40ad0docker info
Client:
Version: 29.1.5
Context: desktop-linux
Debug Mode: false
Plugins:
ai: Docker AI Agent - Ask Gordon (Docker Inc.)
Version: v1.17.1
Path: /Users/markus/.docker/cli-plugins/docker-ai
buildx: Docker Buildx (Docker Inc.)
Version: v0.30.1-desktop.2
Path: /Users/markus/.docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v5.0.1
Path: /Users/markus/.docker/cli-plugins/docker-compose
debug: Get a shell into any image or container (Docker Inc.)
Version: 0.0.47
Path: /Users/markus/.docker/cli-plugins/docker-debug
desktop: Docker Desktop commands (Docker Inc.)
Version: v0.2.0
Path: /Users/markus/.docker/cli-plugins/docker-desktop
extension: Manages Docker extensions (Docker Inc.)
Version: v0.2.31
Path: /Users/markus/.docker/cli-plugins/docker-extension
init: Creates Docker-related starter files for your project (Docker Inc.)
Version: v1.4.0
Path: /Users/markus/.docker/cli-plugins/docker-init
mcp: Docker MCP Plugin (Docker Inc.)
Version: v0.35.0
Path: /Users/markus/.docker/cli-plugins/docker-mcp
model: Docker Model Runner (Docker Inc.)
Version: v1.0.7
Path: /Users/markus/.docker/cli-plugins/docker-model
offload: Docker Offload (Docker Inc.)
Version: v0.5.41
Path: /Users/markus/.docker/cli-plugins/docker-offload
pass: Docker Pass Secrets Manager Plugin (beta) (Docker Inc.)
Version: v0.0.22
Path: /Users/markus/.docker/cli-plugins/docker-pass
sandbox: Docker Sandbox (Docker Inc.)
Version: v0.9.0
Path: /Users/markus/.docker/cli-plugins/docker-sandbox
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
Version: 0.6.0
Path: /Users/markus/.docker/cli-plugins/docker-sbom
scout: Docker Scout (Docker Inc.)
Version: v1.19.0
Path: /Users/markus/.docker/cli-plugins/docker-scout
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 3
Server Version: 29.1.5
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
CDI spec directories:
/etc/cdi
/var/run/cdi
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: dea7da592f5d1d2b7755e3a161be07f43fad8f75
runc version: v1.3.4-0-gd6d73eb8
init version: de40ad0
Security Options:
seccomp
Profile: builtin
cgroupns
Kernel Version: 6.12.65-linuxkit
Operating System: Docker Desktop
OSType: linux
Architecture: aarch64
CPUs: 10
Total Memory: 7.653GiB
Name: docker-desktop
ID: de8960d3-1ab9-4030-9960-6600c3658634
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Labels:
com.docker.desktop.address=unix:///Users/markus/Library/Containers/com.docker.docker/Data/docker-cli.sock
Experimental: false
Insecure Registries:
hubproxy.docker.internal:5555
::1/128
127.0.0.0/8
Live Restore Enabled: falseDiagnostics ID
515BE375-E7F9-413A-8CD3-C2050CB7D434/20260130155146
Additional Info
No response