The Figma MCP server fails to authenticate when using opencode, returning a 403 Forbidden error.
To Reproduce
1. Configure Figma MCP in opencode.json:
{
"mcp": {
"figma": {
"type": "remote",
"url": "https://mcp.figma.com/mcp",
"enabled": true,
"oauth": {}
}
}
}
2. Run: opencode mcp auth figma
3. Error received: HTTP 403: Invalid OAuth error response: SyntaxError: JSON Parse error:
Unexpected identifier "Forbidden". Raw body: Forbidden
Expected behavior
OAuth authentication should succeed, as it does with other MCP servers like Context7, Sentry, etc.
Root cause
According to Figma's documentation (https://help.figma.com/hc/en-us/articles/32132100833559), Figma only supports a pre-approved allowlist of MCP clients:
- Claude Code ✓
- Cursor ✓
- VS Code ✓
- Codex ✓
- etc.
OpenCode is not on this list, so Figma's authorization server rejects the OAuth flow.
Discussion
Figma's approach breaks the core promise of MCP - that any client should work with any server. This creates vendor lock-in and limits the ecosystem.
This appears to be an architectural issue with Figma's MCP implementation - they're treating MCP like a proprietary API rather than following the protocol's interoperability standard. Other MCP servers (Context7, Atlassian, AWS, Sentry, etc.) work fine with OpenCode.
