unofficial mcp server for cloudflare api
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"cloudflare-mcp": {
"command": "<see-readme>",
"args": []
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
A smol MCP server for the complete Cloudflare API.
No automated test available for this server. Check the GitHub README for setup instructions.
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
No package registry to scan.
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in cloud
⚡ A Simple / Speedy / Secure Link Shortener with Analytics, 100% run on Cloudflare.
MCP Server for GCP environment for interacting with various Observability APIs.
MCP Server for kubernetes management commands
IAM Policy Autopilot is an open source static code analysis tool that helps you quickly create baseline AWS IAM policies that you can refine as your application evolves. This tool is available as a command-line utility and MCP server for use within AI coding assistants for quickly building IAM policies.
MCP Security Weekly
Get CVE alerts and security updates for Cloudflare Mcp and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
A smol MCP server for the complete Cloudflare API.
Uses codemode to avoid dumping too much context to your agent.
Create a Cloudflare API token with the permissions you need.
Both user tokens and account tokens are supported:
| Token Type | Description | Requirements |
|---|---|---|
| User Token | Created at user level, can access multiple accounts | Requires account_id parameter on each execute call |
| Account Token | Scoped to single account | account_id auto-detected, no parameter needed |
For account tokens, include the Account Resources : Read permission so the server can auto-detect your account ID.
MCP URL: https://cloudflare-mcp.mattzcarey.workers.dev/mcp
Bearer Token: Your Cloudflare API Token
export CLOUDFLARE_API_TOKEN="your-token-here"
claude mcp add --transport http cloudflare-api https://cloudflare-mcp.mattzcarey.workers.dev/mcp \
--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN"
Set your API token as an environment variable:
export CLOUDFLARE_API_TOKEN="your-token-here"
Then add to your opencode.json:
{
"mcp": {
"cloudflare-api": {
"type": "remote",
"url": "https://cloudflare-mcp.mattzcarey.workers.dev/mcp",
"headers": {
"Authorization": "Bearer {env:CLOUDFLARE_API_TOKEN}"
}
}
}
}
The Cloudflare OpenAPI spec is 2.3 million tokens in JSON format. Even compressed to TypeScript endpoint summaries, it's still ~50k tokens. Traditional MCP servers that expose every endpoint as a tool, or include the full spec in tool descriptions, leak this entire context to the main agent.
This server solves the problem by using code execution in a codemode pattern - the spec lives on the server, and only the results of queries are returned to the agent.
Two tools where the agent writes code to search the spec and execute API calls. Akin to ACI.dev's MCP server but with added codemode.
| Tool | Description |
|---|---|
search | Write JavaScript to query spec.paths and find endpoints |
execute | Write JavaScript to call cloudflare.request() with the discovered endpoints |
Token usage: Only search results and API responses are returned. The 6MB spec stays on the server.
Agent MCP Server
│ │
├──search({code: "..."})───────►│ Execute code against spec.json
│◄──[matching endpoints]────────│
│ │
├──execute({code: "..."})──────►│ Execute code against Cloudflare API
│◄──[API response]──────────────│
Workers, KV, R2, D1, Pages, DNS, Firewall, Load Balancers, Stream, Images, AI Gateway, Vectorize, Access, Gateway, and more. See the full Cloudflare API schemas.
Once configured, just ask your agent to do things with Cloudflare:
The agent will search for the right endpoints and execute the API calls. Here's what happens behind the scenes:
// 1. Search for endpoints
search({
code: `async
... [View full README on GitHub](https://github.com/mattzcarey/cloudflare-mcp#readme)