diff --git a/letta/server/rest_api/routers/v1/tools.py b/letta/server/rest_api/routers/v1/tools.py
index 89ae8e18..acff6d84 100644
--- a/letta/server/rest_api/routers/v1/tools.py
+++ b/letta/server/rest_api/routers/v1/tools.py
@@ -859,21 +859,20 @@ async def mcp_oauth_callback(
             error_msg = f"OAuth error: {error}"
             if error_description:
                 error_msg += f" - {error_description}"
-            # Use the legacy MCPOAuthSession class to update status
-            legacy_session = MCPOAuthSession(oauth_session.id)
-            await legacy_session.update_session_status(OAuthSessionStatus.ERROR)
+            # Note: Using MCPOAuthSession directly because this callback is unauthenticated
+            # (called by OAuth provider) and the manager's update_oauth_session requires an actor
+            await MCPOAuthSession(oauth_session.id).update_session_status(OAuthSessionStatus.ERROR)
             return {"status": "error", "message": error_msg}
 
         if not code:
-            legacy_session = MCPOAuthSession(oauth_session.id)
-            await legacy_session.update_session_status(OAuthSessionStatus.ERROR)
+            await MCPOAuthSession(oauth_session.id).update_session_status(OAuthSessionStatus.ERROR)
             return {"status": "error", "message": "Missing authorization code"}
 
-        # Store authorization code using the legacy session class
-        legacy_session = MCPOAuthSession(oauth_session.id)
-        success = await legacy_session.store_authorization_code(code, state)
+        # Store authorization code (using MCPOAuthSession since callback is unauthenticated)
+        session_handler = MCPOAuthSession(oauth_session.id)
+        success = await session_handler.store_authorization_code(code, state)
         if not success:
-            await legacy_session.update_session_status(OAuthSessionStatus.ERROR)
+            await session_handler.update_session_status(OAuthSessionStatus.ERROR)
             return {"status": "error", "message": "Failed to store authorization code"}
 
         return {"status": "success", "message": "Authorization successful", "server_url": success.server_url}
diff --git a/letta/services/mcp_manager.py b/letta/services/mcp_manager.py
index c579de13..9f653660 100644
--- a/letta/services/mcp_manager.py
+++ b/letta/services/mcp_manager.py
@@ -386,7 +386,7 @@ class MCPManager:
                     )
                     oauth_sessions = result.scalars().all()
 
-                    # TODO: @jnjpng we should upate sessions in bulk
+                    # TODO: @jnjpng we should update sessions in bulk
                     for oauth_session in oauth_sessions:
                         oauth_session.server_id = mcp_server.id
                         await oauth_session.update_async(db_session=session, actor=actor, no_commit=True)
diff --git a/letta/services/mcp_server_manager.py b/letta/services/mcp_server_manager.py
index 7604e6cb..aeb87c8a 100644
--- a/letta/services/mcp_server_manager.py
+++ b/letta/services/mcp_server_manager.py
@@ -482,7 +482,7 @@ class MCPServerManager:
                     )
                     oauth_sessions = result.scalars().all()
 
-                    # TODO: @jnjpng we should upate sessions in bulk
+                    # TODO: @jnjpng we should update sessions in bulk
                     for oauth_session in oauth_sessions:
                         oauth_session.server_id = mcp_server.id
                         await oauth_session.update_async(db_session=session, actor=actor, no_commit=True)