Cloudflare MCP Server: Deploy and Manage Workers With AI

Connect Claude and Cursor to Cloudflare's full API using the official MCP server. Manage Workers, D1 databases, R2 storage, and KV -- and learn how to deploy your own MCP server on Workers.

Adam Bush, May 27, 2026, 7 min read
#mcp #developer #cloud #cloudflare #workers

If you manage Cloudflare infrastructure -- Workers, D1 databases, R2 buckets, DNS records, or Zero Trust policies -- you can connect an AI agent to all of it through the official Cloudflare MCP server. MCPFind's cloud category indexes 85 servers, and the Cloudflare server leads the category with 3,566 stars on the com.cloudflare.mcp server listing. That star count reflects how widely the server is used across teams that want to query, deploy, and manage Cloudflare resources from Claude, Cursor, Windsurf, or any other MCP-compatible client. This guide covers the full API server, the purpose-built Bindings development server, and how to use Workers itself as a host for your own MCP endpoints. For a broader look at what MCP is and how servers work, the what-is-mcp guide covers the fundamentals. And if you are thinking about hosting any MCP server remotely, the remote server hosting guide covers the Cloudflare Workers deployment pattern in depth.

What Does the Cloudflare MCP Server Give You Access To?

The main Cloudflare MCP server exposes the complete Cloudflare REST API, which covers over 2,500 endpoints. From a single connection, an agent can query DNS records, inspect Workers deployments, list R2 buckets, read D1 database schemas, check Zero Trust access policies, and review Cloudflare Analytics. This makes it one of the broadest single-service MCP integrations available.

Read operations let you audit your entire account: list all Workers by subdomain and status, check which routes map to which scripts, inspect KV namespace keys, and review firewall rules. Write operations let agents create and update resources: deploy new Workers scripts, add DNS records, create R2 buckets, and modify Zero Trust rules.

The cloud category average of 115 stars per server signals that production-quality cloud tools exist in the index. Cloudflare's 3,566 stars puts it well above that average and reflects years of community use and official maintenance from the Cloudflare engineering team, not just an early proof of concept.

How Do You Connect the Cloudflare MCP Server to Claude or Cursor?

The fastest path is to add the remote MCP server URL to your client config. The Cloudflare-hosted server runs at https://mcp.cloudflare.com and authenticates through OAuth. In Claude Desktop on macOS, add it as a remote server entry in ~/Library/Application Support/Claude/claude_desktop_config.json. The OAuth flow opens a browser window where you authorize access to your Cloudflare account.

For environments where you prefer a local server or cannot use OAuth, you can run the server locally via npx:

```json
{
  "mcpServers": {
    "cloudflare": {
      "command": "npx",
      "args": ["@cloudflare/mcp-server-cloudflare"],
      "env": {
        "CLOUDFLARE_API_TOKEN": "your-scoped-api-token"
      }
    }
  }
}
```

The local setup uses a scoped API token rather than OAuth. Generate the token in your Cloudflare dashboard under My Profile and API Tokens. Create a Custom Token that grants only the permissions your agent needs -- for example, Worker Scripts Edit and D1 Read if you are using the agent for Workers development -- rather than a Global API Key that covers everything on your account.
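One way to check a client config like the one above before using it, as an added example that is not from the article or from Cloudflare: it flags a placeholder or Global-API-Key-shaped credential, a config file readable beyond its owner, and an unpinned npx package. The function name, the credential-format patterns and the legacy variable names are assumptions.

```javascript
// Added example: audit an MCP client config that launches the local server.
// Credential formats are heuristics (assumptions): a Global API Key is
// 37 hex characters, an API token is 40 characters of [A-Za-z0-9_-].
const GLOBAL_KEY_RE = /^[0-9a-f]{37}$/;
const API_TOKEN_RE = /^[A-Za-z0-9_-]{40}$/;
// Names Cloudflare tooling conventionally uses for Global API Key auth (assumption).
const LEGACY_VARS = ["CLOUDFLARE_API_KEY", "CLOUDFLARE_EMAIL"];

function auditMcpConfig(config, fileMode) {
  const findings = [];
  // The token is stored in plaintext, so only the owner should read the file.
  if ((fileMode & 0o077) !== 0) findings.push("config file readable by group or others");

  for (const [name, server] of Object.entries(config.mcpServers || {})) {
    const env = server.env || {};
    for (const v of LEGACY_VARS) {
      if (v in env) findings.push(`${name}: ${v} is set (Global API Key auth)`);
    }
    const token = env.CLOUDFLARE_API_TOKEN;
    if (token !== undefined) {
      if (GLOBAL_KEY_RE.test(token)) {
        findings.push(`${name}: CLOUDFLARE_API_TOKEN looks like a Global API Key`);
      } else if (!API_TOKEN_RE.test(token)) {
        findings.push(`${name}: CLOUDFLARE_API_TOKEN is a placeholder or malformed`);
      }
    }
    // npx without a version runs whatever release is current at launch time.
    const pkg = (server.args || []).find((a) => !a.startsWith("-"));
    if (server.command === "npx" && pkg && !/.@\d+\.\d+\.\d+/.test(pkg)) {
      findings.push(`${name}: ${pkg} is not pinned to a version`);
    }
  }
  return findings;
}

// Constructed sample: the article's config, in a file with mode 0644.
const sampleConfig = {
  mcpServers: {
    cloudflare: {
      command: "npx",
      args: ["@cloudflare/mcp-server-cloudflare"],
      env: { CLOUDFLARE_API_TOKEN: "your-scoped-api-token" },
    },
  },
};
console.log(auditMcpConfig(sampleConfig, 0o644));
```

In practice, pass the parsed claude_desktop_config.json and the mode bits of that file.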

How Do You Use the Cloudflare Bindings Server for D1, R2, and KV?

The Bindings MCP server is a separate, purpose-built tool designed for active development sessions. When you are building a Workers application and want an AI agent to interact with your actual D1 database, R2 bucket, or KV namespace during coding, the Bindings server handles that. It gives the agent direct access to your application primitives rather than routing through the full Cloudflare REST API.

In a typical session, you might ask Claude to create a D1 table matching a schema you describe, seed it with test data, and then query the records to confirm the structure is correct. The Bindings server translates each of those steps into real operations on your Workers account. You see the results immediately in your conversation rather than switching to the Cloudflare dashboard or running wrangler commands manually.

The Bindings server is best for short-lived development sessions rather than production automation. It operates with the same permissions as your API token, so use a token scoped to the specific project's resources rather than your primary account token. Configure it in your MCP client the same way as the main server, pointing to the Bindings endpoint instead.
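A sketch of a pre-session check on the token itself, as an added example that is not Cloudflare's code: it reports a token with no expiry or a long lifetime, permissions beyond what the session needs, and wildcard resource scopes. The token objects are constructed, their field names (`expires_on`, `policies`, `permission_groups`, `resources`) are assumed to follow the Cloudflare API's token representation, and the 7-day limit is hypothetical.

```javascript
// Added example: compare a token's grants with what a dev session needs.
// Permission names are written as in the article; use the names shown on
// your own token. MAX_TTL_DAYS is a hypothetical limit.
const NEEDED = new Set(["Worker Scripts Edit", "D1 Read"]);
const MAX_TTL_DAYS = 7;

function auditToken(token, now = new Date()) {
  const findings = [];
  if (!token.expires_on) {
    findings.push("token never expires");
  } else {
    const days = (new Date(token.expires_on) - now) / 86400000;
    if (days > MAX_TTL_DAYS) findings.push(`token valid for ${Math.ceil(days)} more days`);
  }
  for (const policy of token.policies || []) {
    if (policy.effect !== "allow") continue; // deny policies only narrow access
    for (const group of policy.permission_groups || []) {
      if (!NEEDED.has(group.name)) findings.push(`unneeded permission: ${group.name}`);
    }
    for (const resource of Object.keys(policy.resources || {})) {
      // A key ending in "*" covers every account or zone, not one project.
      if (resource.endsWith("*")) findings.push(`wildcard resource: ${resource}`);
    }
  }
  return findings;
}

// Constructed sample: account-wide, non-expiring, one permission too many.
const broadToken = {
  expires_on: null,
  policies: [{
    effect: "allow",
    resources: { "com.cloudflare.api.account.*": "*" },
    permission_groups: [{ name: "Worker Scripts Edit" }, { name: "D1 Read" }, { name: "DNS Write" }],
  }],
};
// Constructed sample: one account (placeholder id), expiring within days.
const scopedToken = {
  expires_on: "2026-06-01T00:00:00Z",
  policies: [{
    effect: "allow",
    resources: { "com.cloudflare.api.account.EXAMPLE_ACCOUNT_ID": "*" },
    permission_groups: [{ name: "Worker Scripts Edit" }, { name: "D1 Read" }],
  }],
};
console.log(auditToken(broadToken), auditToken(scopedToken, new Date("2026-05-27T00:00:00Z")));
```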

What Cloudflare Workers Tasks Can AI Agents Handle Through MCP?

Workers management is where agents save the most time for teams iterating on serverless functions. You can describe a change in natural language -- "add a cache-control header to all API responses in the fetch handler" -- and the agent reads your current script, drafts the change, and proposes the update. You review the diff before approving the deployment.

DNS management is another common use case. Agents can list all records for a domain, add or update A and CNAME records, and check TTL values across your zone -- all without leaving your IDE. For teams managing multiple zones, this is faster than clicking through the Cloudflare dashboard.

R2 bucket operations let agents list objects, check metadata, retrieve specific files by key, and in read-write mode upload or delete objects. This is useful for inspecting what is stored in a bucket during debugging or for automated audits that check bucket contents against expected inventory. For D1 databases, agents can run SQL queries, describe table schemas, and insert or update rows, which makes them practical for data inspection tasks during development.

How Do You Deploy Your Own MCP Server on Cloudflare Workers?

If you are building a product or internal tool that AI agents should interact with, deploying your server on Workers gives you global reach at low cost. Workers runs at 300+ edge locations, charges only for actual requests, and supports WebSocket hibernation for persistent MCP sessions that would otherwise keep a connection alive and incur continuous costs.

The simplest deployment uses Cloudflare's createMcpHandler() helper, which wraps your tool definitions and handles the MCP protocol negotiation. You define tools as JavaScript or TypeScript functions, export them through createMcpHandler(), and deploy with wrangler deploy. The result is a stateless MCP endpoint accessible from any MCP client that supports remote servers.

For servers that need session state -- for example, an MCP server that manages a multi-step workflow with intermediate results -- you add a Durable Object to your Workers setup. The Durable Object persists state between requests within a session. Cloudflare's agent documentation covers the full setup with both the stateless and stateful patterns, including OAuth support for controlled access to your deployed server.

How Does Cloudflare MCP Compare to Other Cloud Infrastructure Servers?

The Cloudflare MCP server is strongest for teams already running Workers, Pages, R2, and Zero Trust in their stack. A single server connection covers all of those products at once. Teams running AWS or GCP alongside Cloudflare will need separate MCP servers for those providers -- there is no cross-cloud abstraction layer in MCP today.

Compared to AWS and GCP MCP options in MCPFind's cloud category, Cloudflare's server stands out for the active maintenance behind it. With 3,566 stars and an official SDK backing it, you get faster updates when Cloudflare ships new products or API changes than community-maintained alternatives typically provide.

For teams looking at the full MCP catalog, you can compare all 85 cloud-category servers in MCPFind's cloud category listing, sorted by star count and recent activity, to find the right match for your infrastructure stack.

Frequently Asked Questions

Does the Cloudflare MCP server require a paid Cloudflare plan?

No. The MCP server authenticates with your Cloudflare API token, which works on all account types including the free tier. Some endpoints like D1 or advanced Zero Trust features require the plans that enable those products.

Can the Cloudflare MCP server deploy Workers scripts directly?

Yes. The server exposes Workers deployment endpoints, letting agents push updated scripts to your account. You should review what the agent generates before approving a deployment, especially for production Workers.

What is the difference between the full Cloudflare MCP server and the Bindings server?

The full server covers all 2,500+ Cloudflare API endpoints and is best for managing existing infrastructure. The Bindings server is purpose-built for active Workers development -- it exposes D1, R2, and KV primitives for use during coding sessions.

How do I authenticate the Cloudflare MCP server securely?

Generate a scoped API token in your Cloudflare dashboard under My Profile, then API Tokens. Set only the permissions your agent needs rather than using a global API key, which would grant access to every resource on your account.
