
Cloudflare MCP Server – API and Infrastructure Control

Cloudflare's official API MCP server gives AI agents token-efficient access to the Cloudflare API across more than 2,500 endpoints. Use it to inspect account configuration, search Cloudflare documentation, manage supported infrastructure, and automate authorized operations across Cloudflare products.

#cloud-infrastructure #dns #edge-computing

Overview

Cloudflare's official API MCP server connects compatible AI agents to the
Cloudflare API through a managed remote endpoint. It uses Cloudflare's Code Mode
approach, which exposes a compact set of tools rather than loading thousands of
individual API definitions into the agent's context. This gives the agent broad
access while keeping tool metadata comparatively small.

What the MCP server enables

The server covers more than 2,500 Cloudflare API endpoints across products such
as Workers, KV, R2, D1, Pages, DNS, Firewall, Load Balancers, Stream, Images,
AI Gateway, Vectorize, Access, and Gateway. Its documented tools let an agent:

  • Search Cloudflare developer documentation.
  • Search the typed API specification for relevant endpoints.
  • Execute authorized Cloudflare API requests in an isolated Dynamic Worker.
  • Inspect account and zone configuration.
  • Create, update, or remove supported resources when token permissions allow.
  • Automate workflows spanning application development, security, networking,
    storage, observability, and performance services.

When to use it

Use Cloudflare MCP when an agent needs broad Cloudflare account access rather
than a narrow product-specific tool set. Typical workflows include listing or
deploying Workers, managing KV or R2 resources, updating DNS records, reviewing
security settings, querying analytics, configuring Zero Trust services, and
researching Cloudflare APIs before making an approved change.

Connection and authentication

The official endpoint is https://mcp.cloudflare.com/mcp over Streamable HTTP.
OAuth is the recommended authentication method: the user is redirected to
Cloudflare and selects the permissions granted to the agent.

For CI/CD, automation, or clients that manage credentials directly, Cloudflare
supports a Cloudflare API token in the Authorization header as a Bearer token.
Both user tokens and account tokens are supported. Account tokens should include
Account Resources read permission so the server can identify the account.

Key considerations

API access is limited by the permissions on the OAuth grant or API token. Create
narrowly scoped tokens and require human confirmation for destructive,
security-sensitive, or production changes. API tokens using Client IP Address
Filtering are not currently supported by this MCP server. Code Mode executes
agent-generated JavaScript inside an isolated Cloudflare sandbox; clients can
disable Code Mode with ?codemode=false, but doing so exposes thousands of
individual tools and substantially increases context usage. Cloudflare also
offers product-specific MCP servers when curated tools are preferable.

Supported Transports

streamable_http

URL: https://mcp.cloudflare.com/mcp

Frequently Asked Questions

When should an AI agent use the Cloudflare MCP server?
Use it when a workflow needs broad, current access across Cloudflare products, such as managing Workers, storage, DNS, security, networking, analytics, Zero Trust services, or other resources exposed by the Cloudflare API.

What does the Cloudflare MCP server add to an AI agent's capabilities?
It gives the agent token-efficient access to more than 2,500 Cloudflare API endpoints, plus Cloudflare documentation search, API-specification search, and authorized request execution instead of relying only on static model knowledge.

What can an AI agent access or manage through Cloudflare MCP?
Depending on granted permissions, the agent can work with Workers, KV, R2, D1, Pages, DNS, Firewall, Load Balancers, Stream, Images, AI Gateway, Vectorize, Access, Gateway, analytics, and other services represented in the Cloudflare API.

How is authentication configured for the Cloudflare MCP server?
OAuth is the recommended method and lets the user approve selected permissions interactively. For automation, a user or account API token can be sent as a Bearer token. Use minimum permissions, and give account tokens Account Resources read access when account auto-detection is required.

Which transport should be used for the Cloudflare MCP server?
Use Streamable HTTP with https://mcp.cloudflare.com/mcp. Cloudflare's older SSE transport is deprecated and is not included in this listing. The hosted endpoint can use OAuth or a scoped Cloudflare API token.