1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173# Cloudflare MCP Server
> A token-efficient MCP server for the entire Cloudflare API. 2500 endpoints in 1k tokens, powered by [Code Mode](https://blog.cloudflare.com/code-mode-mcp/).
## Token Comparison
| Approach | Tools | Token cost | Context used (200K) |
| ------------------------------------------- | ----- | ---------- | ------------------- |
| Raw OpenAPI spec in prompt | β | ~2,000,000 | 977% |
| Native MCP (full schemas) | 2,594 | 1,170,523 | 585% |
| Native MCP (minimal β required params only) | 2,594 | 244,047 | 122% |
| Code mode | 2 | 1,069 | 0.5% |
## Get Started
MCP URL: `https://mcp.cloudflare.com/mcp`
### Option 1: OAuth (Recommended)
Just connect to the MCP server URL - you'll be redirected to Cloudflare to authorize and select permissions.
#### Example JSON Configuration
```json
{
"mcpServers": {
"cloudflare-api": {
"url": "https://mcp.cloudflare.com/mcp"
}
}
}
```
### Option 2: API Token
For CI/CD, automation, or if you prefer managing tokens yourself.
Create a [Cloudflare API token](https://dash.cloudflare.com/profile/api-tokens) with the permissions you need. Both **user tokens** and **account tokens** are supported. For account tokens, include the **Account Resources : Read** permission so the server can auto-detect your account ID.
### Add to Agent
| Setting | Value |
| ------------ | --------------------------------------------------------------------------- |
| MCP URL | `https://mcp.cloudflare.com/mcp` |
| Bearer Token | Your [Cloudflare API Token](https://dash.cloudflare.com/profile/api-tokens) |
## The Problem
The Cloudflare OpenAPI spec is **2 million tokens**. Even with native MCP tools using minimal schemas, it's still **~244k tokens**. Traditional MCP servers that expose every endpoint as a tool leak this entire context to the main agent.
This server solves the problem by using **code execution** in a [Code Mode](https://blog.cloudflare.com/code-mode-mcp/) pattern - the spec lives on the server, and only the result of the code execution is returned to the agent.
## Tools
Agent writes code to search the spec and execute API calls.
| Tool | Description |
| --------- | ----------------------------------------------------------------------------- |
| `search` | Write JavaScript to query `spec.paths` and find endpoints |
| `execute` | Write JavaScript to call `cloudflare.request()` with the discovered endpoints |
```
Agent MCP Server
β β
βββsearch({code: "..."})ββββββββΊβ Execute code against spec.json
ββββ[matching endpoints]βββββββββ
β β
βββexecute({code: "..."})βββββββΊβ Execute code against Cloudflare API
ββββ[API response]βββββββββββββββ
```
## Supported Products
Workers, KV, R2, D1, Pages, DNS, Firewall, Load Balancers, Stream, Images, AI Gateway, Vectorize, Access, Gateway, and more. See the full [Cloudflare API schemas](https://github.com/cloudflare/api-schemas).
## Usage
Once configured, just ask your agent to do things with Cloudflare:
- "List all my Workers"
- "Create a KV namespace called 'my-cache'"
- "Add an A record for api.example.com pointing to 192.0.2.1"
The agent will search for the right endpoints and execute the API calls. Here's what happens behind the scenes:
```javascript
// 1. Search for endpoints
search({
code: `async () => {
const results = [];
for (const [path, methods] of Object.entries(spec.paths)) {
for (const [method, op] of Object.entries(methods)) {
if (op.tags?.some(t => t.toLowerCase() === 'workers')) {
results.push({ method: method.toUpperCase(), path, summary: op.summary });
}
}
}
return results;
}`,
});
// 2. Execute API call (user token - account_id required)
execute({
code: `async () => {
const response = await cloudflare.request({
method: "GET",
path: \`/accounts/\${accountId}/workers/scripts\`
});
return response.result;
}`,
account_id: "your-account-id",
});
// 2. Execute API call (account token - account_id auto-detected)
execute({
code: `async () => {
const response = await cloudflare.request({
method: "GET",
path: \`/accounts/\${accountId}/workers/scripts\`
});
return response.result;
}`,
});
```
### GraphQL Analytics API
The server automatically detects and handles Cloudflare's GraphQL Analytics API endpoints. GraphQL queries work seamlessly through the same `execute` tool:
```javascript
execute({
code: `async () => {
const response = await cloudflare.request({
method: "POST",
path: "/client/v4/graphql",
body: {
query: \`query {
viewer {
zones(filter: { zoneTag: "\${accountId}" }) {
httpRequests1dGroups(limit: 7, orderBy: [date_ASC]) {
dimensions {
date
}
sum {
requests
bytes
cachedBytes
}
}
}
}
}\`,
variables: {}
}
});
return response.result;
}`,
account_id: "your-account-id",
});
```
## Build a Code Mode MCP Server
Code execution uses Cloudflare's [Dynamic Worker Loader API](https://developers.cloudflare.com/workers/runtime-apis/bindings/worker-loader/) to run generated code in isolated Workers, following the [Code Mode pattern](https://github.com/cloudflare/agents/tree/main/packages/codemode).
Read the [Code Mode SDK docs](https://developers.cloudflare.com/agents/api-reference/codemode/) for more info.
### Resources
- [Code Mode blog post](https://blog.cloudflare.com/code-mode/)
- [Build your own remote MCP server](https://developers.cloudflare.com/agents/guides/remote-mcp-server/)
- [Cloudflare's own MCP Servers](https://github.com/cloudflare/mcp-server-cloudflare)