How to Use and Deploy MCP Servers for Cloudflare

A Cloudflare MCP server is a Model Context Protocol integration that lets AI agents manage Cloudflare services including Workers, KV storage, R2 buckets, DNS records, and security settings. Instead of switching between the Cloudflare dashboard, Wrangler CLI, and API docs, you point your AI agent at an MCP endpoint and describe what you want done.

There are two distinct use cases here, and most existing guides only cover one:

1. Managing Cloudflare resources from an AI agent. Cloudflare publishes official MCP servers that expose their entire API surface. Your agent connects, authenticates via OAuth, and can create Workers, update DNS records, query analytics, or configure Zero Trust policies.

2. Deploying your own MCP server on Cloudflare Workers. If you're building an AI-powered tool or service, Cloudflare Workers gives you a serverless runtime at 300+ edge locations with built-in OAuth, Durable Objects for state, and Streamable HTTP transport.

Cloudflare handles over 20% of global internet traffic, which means their infrastructure team has already solved the hard problems around latency, authentication, and scale that you'd face building this yourself.

Cloudflare publishes 16 specialized MCP servers alongside one master server that covers the entire API. Each serves a different part of the platform.

The main Cloudflare API MCP server uses a technique called Code Mode. Rather than exposing thousands of individual tool definitions (which would consume over 1 million tokens of context), it provides just two tools: search() and execute(). The agent writes JavaScript against a typed OpenAPI representation, and the generated code runs inside an isolated Dynamic Worker sandbox. The result is roughly 1,000 tokens of context instead of 1.17 million.

To connect, add this to your MCP client configuration:

{
  "mcpServers": {
    "cloudflare-api": {
      "url": "https://mcp.cloudflare.com/mcp"
    }
  }
}

Authentication happens through OAuth. You authorize specific permissions when connecting, so the agent only gets access to what you approve.

The specialized servers cover specific product areas with curated tool sets:

• Workers Bindings (bindings.mcp.cloudflare.com/mcp): Build with storage, AI, and compute bindings
• Workers Builds (builds.mcp.cloudflare.com/mcp): Monitor and manage build pipelines
• Observability (observability.mcp.cloudflare.com/mcp): Debug logs and analytics
• Radar (radar.mcp.cloudflare.com/mcp): Internet traffic insights and URL scanning
• Container (containers.mcp.cloudflare.com/mcp): Sandbox execution environments
• Browser Rendering (browser.mcp.cloudflare.com/mcp): Page fetching and screenshots
• AI Gateway (ai-gateway.mcp.cloudflare.com/mcp): Prompt and response logging
• Audit Logs (auditlogs.mcp.cloudflare.com/mcp): Query and reporting
• DNS Analytics (dns-analytics.mcp.cloudflare.com/mcp): Performance data
• Documentation (docs.mcp.cloudflare.com/mcp): Reference search

All servers use Streamable HTTP transport and work with Claude, Cursor, Windsurf, and any client that supports the MCP specification.

If you're building a product or internal tool that AI agents should interact with, you can deploy your own MCP server on Cloudflare Workers. This gives you serverless execution at 300+ edge locations, built-in OAuth support, and near-zero costs through WebSocket hibernation.

Cloudflare provides three implementation approaches:

Stateless with createMcpHandler() works best for simple tools that don't need session persistence. No Durable Objects required, and you can deploy with minimal configuration.

Stateful with McpAgent uses Durable Objects to maintain per-session state. If your tools need to remember context across multiple calls within a session, this is the right choice.

Raw transport with @modelcontextprotocol/sdk gives you full control over the Streamable HTTP transport layer. Use this when you need custom behavior that the higher-level abstractions don't support.

Here's a basic deployment flow using the CLI:

npm create cloudflare@latest my-mcp-server
npm start  # local dev on port 8788
npx wrangler@latest deploy

Your server runs at my-mcp-server.your-account.workers.dev/mcp and accepts connections from any MCP client. For production use, add OAuth through Cloudflare's workers-oauth-provider library. It wraps your Worker code and handles the full OAuth 2.1 flow, so your tool handlers receive pre-authenticated user details without managing tokens directly.

You can also use Cloudflare Access as the identity layer, integrating with GitHub, Google, or any SAML/OIDC provider. Access policies control which users can reach specific tools, and every tool call gets logged.

Give your Cloudflare agents persistent, searchable storage

Fast.io workspaces auto-index files for AI search and chat. 50 GB free storage, MCP-native endpoint, no credit card.

Sign Up Free

MCP server portals in Cloudflare One solve a practical problem: when you have multiple MCP servers across your organization, you need a way to centralize access control, audit tool usage, and prevent agents from reaching services they shouldn't.

A portal combines multiple MCP servers behind a single HTTP endpoint. Admins curate which tools and prompts are available for specific use cases, and Cloudflare Access handles authentication. Users authenticate once through the portal, then separately to each OAuth-secured server behind it.

The security features go deeper than authentication:

• DLP scanning inspects portal traffic for sensitive data before it leaves your network
• Tool-level access logs record every individual tool call, not just connection events
• Gateway routing enables HTTP-level logging for compliance and forensics
• Session management lets users enable, disable, or reauthenticate individual servers within the portal

Setting up a portal requires a Cloudflare domain with DNS configured and an identity provider on Zero Trust. From there, you add MCP servers in the Zero Trust dashboard, create a portal with your chosen servers, configure access policies, and connect clients using the portal URL.

This is particularly useful for teams where multiple agents access different Cloudflare services. Instead of distributing API tokens to each agent, you route everything through the portal and let Access policies determine what each agent can do.

The practical value of Cloudflare MCP servers shows up when you wire them into agent workflows. Here are the patterns that work well.

Infrastructure-as-conversation. Instead of writing Terraform or clicking through dashboards, tell your agent: "Create a KV namespace called session-cache and bind it to my auth-worker." The agent uses search() to find the relevant API endpoints, then execute() to make the calls. Because Code Mode covers all 2,500+ Cloudflare API endpoints, you're not limited to a subset of operations.

Incident response. Connect the Observability and Audit Logs servers to your incident management agent. When something breaks, the agent can pull recent error logs, check deployment history, query DNS analytics for resolution failures, and correlate events across services, all without a human switching between dashboard tabs.

Deployment automation. An agent connected to the Workers Builds and Workers Bindings servers can monitor build status, update environment variables, and roll back deployments. Pair this with the Container server for running integration tests in sandboxed environments before promoting to production.

Security auditing. The CASB server scans for SaaS security misconfigurations, while Audit Logs tracks who did what and when. An agent can run periodic security reviews and flag issues before they become incidents.

For teams that produce files, reports, or other artifacts during these workflows, you need somewhere to store and share the output. Local filesystems don't work when agents run in serverless environments. Cloud storage services like S3 or Google Cloud Storage handle the raw storage, but they lack built-in search, collaboration, or handoff workflows. Fast.io fills this gap with workspaces that index files automatically for semantic search and AI chat. Your Cloudflare management agent can write incident reports or deployment logs to a Fast.io workspace, where team members find them through natural language queries instead of digging through folder hierarchies. The free agent plan includes 50 GB of storage and 5,000 AI credits per month with no credit card required.

Cloudflare Workers run stateless by default. KV and R2 handle data persistence within Cloudflare's ecosystem, but when your agents produce artifacts that humans need to review, approve, or act on, you need a collaboration layer on top of raw storage.

Consider a deployment pipeline where an AI agent monitors Cloudflare Workers builds, generates performance reports, and flags regressions. The agent needs to store those reports somewhere that the engineering team can access, search, and discuss. R2 stores files, but it doesn't index them for search or provide a UI for collaboration.

Fast.io's MCP server connects directly to agent workflows through Streamable HTTP at /mcp. An agent managing Cloudflare infrastructure can write deployment summaries, security audit results, or incident reports to a shared workspace. Intelligence Mode auto-indexes every file, so team members can ask questions like "What changed in the last three deployments?" and get answers with citations pointing to specific reports.

The ownership transfer pattern works well here too. An agent can build out a workspace with Cloudflare configuration documentation, runbooks, and monitoring dashboards. Once the project is ready, the agent transfers ownership to a human operator who takes over day-to-day management. The agent retains admin access for ongoing automation.

For multi-agent setups where one agent manages Cloudflare and another handles reporting or communication, file locks prevent conflicts when both agents write to the same workspace. Webhooks notify downstream agents when new files arrive, so you can build reactive pipelines without polling.

Other storage options work for simpler cases. S3 with CloudFront handles static file serving. Google Drive works if your team already lives in Google Workspace. For agent-native workflows that need built-in search, AI chat, and human handoff, Fast.io's free tier covers most teams getting started.