It seems that during auto-creation of a local account (for an existing global user), you can not use CentralAuth tokens.
See T119736#2451220:
2016-07-10 13:41:27 [V4JQhwpAEHwAAEgXGxgAAAAV] mw1144 commonswiki 1.28.0-wmf.9 exception ERROR: [V4JQhwpAEHwAAEgXGxgAAAAV] /w/api.php?action=query&format=json&origin=https%3A%2F%2Fpl%2Ewikipedia%2Eorg¢ralauthtoken=REDACTED&meta=userinfo&uiprop=groups%7Crights UsageException from line 1487 of /srv/mediawiki/php-1.28.0-wmf.9/includes/api/ApiBase.php: Can only obtain a centralauthtoken when using CentralAuth sessions {"exception_id":"V4JQhwpAEHwAAEgXGxgAAAAV"} [Exception UsageException] (/srv/mediawiki/php-1.28.0-wmf.9/includes/api/ApiBase.php:1487) Can only obtain a centralauthtoken when using CentralAuth sessions #0 /srv/mediawiki/php-1.28.0-wmf.9/extensions/CentralAuth/includes/api/ApiCentralAuthToken.php(51): ApiBase->dieUsage(string, string) #1 /srv/mediawiki/php-1.28.0-wmf.9/includes/api/ApiMain.php(1406): ApiCentralAuthToken->execute() #2 /srv/mediawiki/php-1.28.0-wmf.9/includes/api/ApiMain.php(471): ApiMain->executeAction() #3 /srv/mediawiki/php-1.28.0-wmf.9/extensions/Echo/includes/ForeignWikiRequest.php(39): ApiMain->execute() #4 /srv/mediawiki/php-1.28.0-wmf.9/extensions/Echo/includes/ForeignWikiRequest.php(78): EchoForeignWikiRequest->getCentralAuthToken(User) #5 /srv/mediawiki/php-1.28.0-wmf.9/extensions/Echo/includes/ForeignWikiRequest.php(58): EchoForeignWikiRequest->getQueryParams(string) #6 /srv/mediawiki/php-1.28.0-wmf.9/extensions/Echo/includes/ForeignWikiRequest.php(25): EchoForeignWikiRequest->getRequestParams() #7 /srv/mediawiki/php-1.28.0-wmf.9/extensions/Echo/includes/NotifUser.php(710): EchoForeignWikiRequest->execute() #8 /srv/mediawiki/php-1.28.0-wmf.9/extensions/Echo/includes/NotifUser.php(741): MWEchoNotifUser->getForeignData() #9 /srv/mediawiki/php-1.28.0-wmf.9/extensions/Echo/includes/NotifUser.php(488): MWEchoNotifUser->getForeignCount(string) #10 /srv/mediawiki/php-1.28.0-wmf.9/extensions/Echo/Hooks.php(1147): MWEchoNotifUser->resetNotificationCount() #11 /srv/mediawiki/php-1.28.0-wmf.9/includes/Hooks.php(195): EchoHooks::onUserSaveSettings(User) #12 /srv/mediawiki/php-1.28.0-wmf.9/includes/user/User.php(3952): Hooks::run(string, array) #13 /srv/mediawiki/php-1.28.0-wmf.9/includes/auth/AuthManager.php(1678): User->saveSettings() #14 /srv/mediawiki/php-1.28.0-wmf.9/includes/Setup.php(861): MediaWiki\Auth\AuthManager->autoCreateUser(User, string, boolean) #15 /srv/mediawiki/php-1.28.0-wmf.9/includes/WebStart.php(137): include(string) #16 /srv/mediawiki/php-1.28.0-wmf.9/api.php(38): include(string) #17 /srv/mediawiki/w/api.php(3): include(string) #18 {main}
Echo has been changed in rECHOe63b8799a480: ForeignWikiRequest: Bail early for non-global users (also backported) to stop trying to use CentralAuth here, but I'm wondering if we want this to/it could work.