AutoMaker-Org · Shironex · Feb 2, 2026 · Feb 2, 2026
diff --git a/apps/server/src/index.ts b/apps/server/src/index.ts
@@ -121,21 +121,89 @@ const BOX_CONTENT_WIDTH = 67;
 // The Claude Agent SDK can use either ANTHROPIC_API_KEY or Claude Code CLI authentication
 (async () => {
   const hasAnthropicKey = !!process.env.ANTHROPIC_API_KEY;
+  const hasEnvOAuthToken = !!process.env.CLAUDE_CODE_OAUTH_TOKEN;
+
+  logger.debug('[CREDENTIAL_CHECK] Starting credential detection...');
+  logger.debug('[CREDENTIAL_CHECK] Environment variables:', {
+    hasAnthropicKey,
+    hasEnvOAuthToken,
+  });
 
   if (hasAnthropicKey) {
     logger.info('✓ ANTHROPIC_API_KEY detected');
     return;
   }
 
+  if (hasEnvOAuthToken) {
+    logger.info('✓ CLAUDE_CODE_OAUTH_TOKEN detected');
+    return;
+  }
+
   // Check for Claude Code CLI authentication
+  // Store indicators outside the try block so we can use them in the warning message
+  let cliAuthIndicators: Awaited<ReturnType<typeof getClaudeAuthIndicators>> | null = null;
+
   try {
-    const indicators = await getClaudeAuthIndicators();
+    cliAuthIndicators = await getClaudeAuthIndicators();
+    const indicators = cliAuthIndicators;
+
+    // Log detailed credential detection results
+    logger.debug('[CREDENTIAL_CHECK] Claude CLI auth indicators:', {
+      hasCredentialsFile: indicators.hasCredentialsFile,
+      hasSettingsFile: indicators.hasSettingsFile,
+      hasStatsCacheWithActivity: indicators.hasStatsCacheWithActivity,
+      hasProjectsSessions: indicators.hasProjectsSessions,
+      credentials: indicators.credentials,
+    });
+
+    logger.debug('[CREDENTIAL_CHECK] File check details:', {
+      settingsFile: {
+        path: indicators.checks.settingsFile.path,
+        exists: indicators.checks.settingsFile.exists,
+        readable: indicators.checks.settingsFile.readable,
+        error: indicators.checks.settingsFile.error,
+      },
+      statsCache: {
+        path: indicators.checks.statsCache.path,
+        exists: indicators.checks.statsCache.exists,
+        readable: indicators.checks.statsCache.readable,
+        hasDailyActivity: indicators.checks.statsCache.hasDailyActivity,
+        error: indicators.checks.statsCache.error,
+      },
+      projectsDir: {
+        path: indicators.checks.projectsDir.path,
+        exists: indicators.checks.projectsDir.exists,
+        readable: indicators.checks.projectsDir.readable,
+        entryCount: indicators.checks.projectsDir.entryCount,
+        error: indicators.checks.projectsDir.error,
+      },
+      credentialFiles: indicators.checks.credentialFiles.map((cf) => ({
+        path: cf.path,
+        exists: cf.exists,
+        readable: cf.readable,
+        error: cf.error,
+      })),
+    });
+
     const hasCliAuth =
       indicators.hasStatsCacheWithActivity ||
       (indicators.hasSettingsFile && indicators.hasProjectsSessions) ||
       (indicators.hasCredentialsFile &&
         (indicators.credentials?.hasOAuthToken || indicators.credentials?.hasApiKey));
 
+    logger.debug('[CREDENTIAL_CHECK] Auth determination:', {
+      hasCliAuth,
+      reason: hasCliAuth
+        ? indicators.hasStatsCacheWithActivity
+          ? 'stats cache with activity'
+          : indicators.hasSettingsFile && indicators.hasProjectsSessions
+            ? 'settings file + project sessions'
+            : indicators.credentials?.hasOAuthToken
+              ? 'credentials file with OAuth token'
+              : 'credentials file with API key'
+        : 'no valid credentials found',
+    });
+
     if (hasCliAuth) {
       logger.info('✓ Claude Code CLI authentication detected');
       return;
@@ -145,7 +213,7 @@ const BOX_CONTENT_WIDTH = 67;
     logger.warn('Error checking for Claude Code CLI authentication:', error);
   }
 
-  // No authentication found - show warning
+  // No authentication found - show warning with paths that were checked
   const wHeader = '⚠️  WARNING: No Claude authentication configured'.padEnd(BOX_CONTENT_WIDTH);
   const w1 = 'The Claude Agent SDK requires authentication to function.'.padEnd(BOX_CONTENT_WIDTH);
   const w2 = 'Options:'.padEnd(BOX_CONTENT_WIDTH);
@@ -158,6 +226,33 @@ const BOX_CONTENT_WIDTH = 67;
     BOX_CONTENT_WIDTH
   );
 
+  // Build paths checked summary from the indicators (if available)
+  let pathsCheckedInfo = '';
+  if (cliAuthIndicators) {
+    const pathsChecked: string[] = [];
+
+    // Collect paths that were checked
+    if (cliAuthIndicators.checks.settingsFile.path) {
+      pathsChecked.push(`Settings: ${cliAuthIndicators.checks.settingsFile.path}`);
+    }
+    if (cliAuthIndicators.checks.statsCache.path) {
+      pathsChecked.push(`Stats cache: ${cliAuthIndicators.checks.statsCache.path}`);
+    }
+    if (cliAuthIndicators.checks.projectsDir.path) {
+      pathsChecked.push(`Projects dir: ${cliAuthIndicators.checks.projectsDir.path}`);
+    }
+    for (const credFile of cliAuthIndicators.checks.credentialFiles) {
+      pathsChecked.push(`Credentials: ${credFile.path}`);
+    }
+
+    if (pathsChecked.length > 0) {
+      pathsCheckedInfo = `
+║                                                                     ║
+║  ${'Paths checked:'.padEnd(BOX_CONTENT_WIDTH)}║
+${pathsChecked.map((p) => `║    ${p.substring(0, BOX_CONTENT_WIDTH - 2).padEnd(BOX_CONTENT_WIDTH - 2)}  ║`).join('\n')}`;
+    }
+  }
+
   logger.warn(`
 ╔═════════════════════════════════════════════════════════════════════╗
 ║  ${wHeader}║
@@ -169,7 +264,7 @@ const BOX_CONTENT_WIDTH = 67;
 ║  ${w3}║
 ║  ${w4}║
 ║  ${w5}║
-║  ${w6}║
+║  ${w6}║${pathsCheckedInfo}
 ║                                                                     ║
 ╚═════════════════════════════════════════════════════════════════════╝
 `);

diff --git a/apps/server/src/routes/setup/routes/verify-claude-auth.ts b/apps/server/src/routes/setup/routes/verify-claude-auth.ts
@@ -320,9 +320,28 @@ export function createVerifyClaudeAuthHandler() {
         authMethod,
       });
 
+      // Determine specific auth type for success messages
+      let authType: 'oauth' | 'api_key' | 'cli' | undefined;
+      if (authenticated) {
+        if (authMethod === 'api_key') {
+          authType = 'api_key';
+        } else if (authMethod === 'cli') {
+          // Check if CLI auth is via OAuth (Claude Code subscription) or generic CLI
+          // OAuth tokens are stored in the credentials file by the Claude CLI
+          const { getClaudeAuthIndicators } = await import('@automaker/platform');
+          const indicators = await getClaudeAuthIndicators();
+          if (indicators.credentials?.hasOAuthToken) {
+            authType = 'oauth';
+          } else {
+            authType = 'cli';
+          }
+        }
+      }
+
       res.json({
         success: true,
         authenticated,
+        authType,
         error: errorMessage || undefined,
       });
     } catch (error) {

diff --git a/apps/ui/src/components/dialogs/sandbox-risk-dialog.tsx b/apps/ui/src/components/dialogs/sandbox-risk-dialog.tsx
@@ -69,6 +69,29 @@ export function SandboxRiskDialog({ open, onConfirm, onDeny }: SandboxRiskDialog
                 For safer operation, consider running Automaker in Docker. See the README for
                 instructions.
               </p>
+
+              <div className="bg-muted/50 border border-border rounded-lg p-4 space-y-2">
+                <p className="text-sm font-medium text-foreground">
+                  Already running in Docker? Try these troubleshooting steps:
+                </p>
+                <ul className="text-sm text-muted-foreground list-disc list-inside space-y-1">
+                  <li>
+                    Ensure <code className="bg-muted px-1 rounded">IS_CONTAINERIZED=true</code> is
+                    set in your docker-compose environment
+                  </li>
+                  <li>
+                    Verify the server container has the environment variable:{' '}
+                    <code className="bg-muted px-1 rounded">
+                      docker exec automaker-server printenv IS_CONTAINERIZED
+                    </code>
+                  </li>
+                  <li>Rebuild and restart containers if you recently changed the configuration</li>
+                  <li>
+                    Check the server logs for startup messages:{' '}
+                    <code className="bg-muted px-1 rounded">docker-compose logs server</code>
+                  </li>
+                </ul>
+              </div>
             </div>
           </DialogDescription>
         </DialogHeader>

diff --git a/apps/ui/src/components/views/setup-view/steps/claude-setup-step.tsx b/apps/ui/src/components/views/setup-view/steps/claude-setup-step.tsx
@@ -59,6 +59,7 @@ export function ClaudeSetupStep({ onNext, onBack, onSkip }: ClaudeSetupStepProps
   // CLI Verification state
   const [cliVerificationStatus, setCliVerificationStatus] = useState<VerificationStatus>('idle');
   const [cliVerificationError, setCliVerificationError] = useState<string | null>(null);
+  const [cliAuthType, setCliAuthType] = useState<'oauth' | 'cli' | null>(null);
 
   // API Key Verification state
   const [apiKeyVerificationStatus, setApiKeyVerificationStatus] =
@@ -119,6 +120,7 @@ export function ClaudeSetupStep({ onNext, onBack, onSkip }: ClaudeSetupStepProps
   const verifyCliAuth = useCallback(async () => {
     setCliVerificationStatus('verifying');
     setCliVerificationError(null);
+    setCliAuthType(null);
 
     try {
       const api = getElectronAPI();
@@ -138,12 +140,21 @@ export function ClaudeSetupStep({ onNext, onBack, onSkip }: ClaudeSetupStepProps
 
       if (result.authenticated && !hasLimitReachedError) {
         setCliVerificationStatus('verified');
+        // Store the auth type for displaying specific success message
+        const authType = result.authType === 'oauth' ? 'oauth' : 'cli';
+        setCliAuthType(authType);
         setClaudeAuthStatus({
           authenticated: true,
-          method: 'cli_authenticated',
+          method: authType === 'oauth' ? 'oauth_token' : 'cli_authenticated',
           hasCredentialsFile: claudeAuthStatus?.hasCredentialsFile || false,
+          oauthTokenValid: authType === 'oauth',
         });
-        toast.success('Claude CLI authentication verified!');
+        // Show specific success message based on auth type
+        if (authType === 'oauth') {
+          toast.success('Claude Code subscription detected and verified!');
+        } else {
+          toast.success('Claude CLI authentication verified!');
+        }
       } else {
         setCliVerificationStatus('error');
         setCliVerificationError(
@@ -436,9 +447,15 @@ export function ClaudeSetupStep({ onNext, onBack, onSkip }: ClaudeSetupStepProps
                   <div className="flex items-center gap-3 p-4 rounded-lg bg-green-500/10 border border-green-500/20">
                     <CheckCircle2 className="w-5 h-5 text-green-500" />
                     <div>
-                      <p className="font-medium text-foreground">CLI Authentication verified!</p>
+                      <p className="font-medium text-foreground">
+                        {cliAuthType === 'oauth'
+                          ? 'Claude Code subscription verified!'
+                          : 'CLI Authentication verified!'}
+                      </p>
                       <p className="text-sm text-muted-foreground">
-                        Your Claude CLI is working correctly.
+                        {cliAuthType === 'oauth'
+                          ? 'Your Claude Code subscription is active and ready to use.'
+                          : 'Your Claude CLI is working correctly.'}
                       </p>
                     </div>
                   </div>

diff --git a/apps/ui/src/lib/electron.ts b/apps/ui/src/lib/electron.ts
@@ -1442,6 +1442,7 @@ interface SetupAPI {
   verifyClaudeAuth: (authMethod?: 'cli' | 'api_key') => Promise<{
     success: boolean;
     authenticated: boolean;
+    authType?: 'oauth' | 'api_key' | 'cli';
     error?: string;
   }>;
   getGhStatus?: () => Promise<{

diff --git a/apps/ui/src/lib/http-api-client.ts b/apps/ui/src/lib/http-api-client.ts
@@ -1350,6 +1350,7 @@ export class HttpApiClient implements ElectronAPI {
     ): Promise<{
       success: boolean;
       authenticated: boolean;
+      authType?: 'oauth' | 'api_key' | 'cli';
       error?: string;
     }> => this.post('/api/setup/verify-claude-auth', { authMethod, apiKey }),
 

diff --git a/libs/platform/src/index.ts b/libs/platform/src/index.ts
@@ -134,6 +134,8 @@ export {
   findClaudeCliPath,
   getClaudeAuthIndicators,
   type ClaudeAuthIndicators,
+  type FileCheckResult,
+  type DirectoryCheckResult,
   findCodexCliPath,
   getCodexAuthIndicators,
   type CodexAuthIndicators,