Cloudflare MCP

by Cloudflare

Cloudflare's MCP offering: 14 hosted remote MCP servers segmented by product surface (Workers Bindings, Observability, Radar, Browser Rendering, Logpush, AI Gateway, Audit Logs, DNS Analytics, DEX, CASB, GraphQL, Docs, Container, Builds) plus a Code Mode server for broader API access. All authenticate via OAuth.

★ 3,665·0 tools·Released NOV 2024·Apache-2.0

npx mcp-remote https://docs.mcp.cloudflare.com/mcp

“Cloudflare's MCP offering is structurally different from every other cloud server in this directory and worth understanding before installing. There are 14 domain-specific hosted servers (Workers Bindings, Observability, Radar, Browser Rendering, Logpush, AI Gateway, Audit Logs, DNS Analytics, DEX, CASB, GraphQL, Documentation, Container, Builds), plus a separate "Code Mode" server at mcp.cloudflare.com that gives the agent broad API access via code execution. They run as remote MCP servers; the agent connects via URL, authenticates via OAuth, and runs entirely on Cloudflare's infrastructure. This is the pattern to copy for vendor MCP servers: hosted, OAuth-scoped, segmented by product surface so the agent receives only the permission set it needs. The drawback is operational: 14 endpoints means 14 OAuth flows, and choosing the right one for a given task is its own learning curve. Cloudflare publishes guidance on which to use when, which helps; expect a week of "wait, which server has that tool?" before it clicks.”
Reviewed by M. Nouriel · APR 2026

// Connect

INSTALL THIS SERVER

Requires authenticationCloudflare API token via OAuth (per-server scopes)

{
  "mcpServers": {
    "cloudflare-observability": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://observability.mcp.cloudflare.com/mcp"
      ]
    }
  }
}

PrereqChoose the URL for the Cloudflare server you need (14 options). Authenticate via OAuth on first run.

{
  "mcpServers": {
    "cloudflare-observability": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://observability.mcp.cloudflare.com/mcp"
      ]
    }
  }
}

{
  "mcpServers": {
    "cloudflare-observability": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://observability.mcp.cloudflare.com/mcp"
      ]
    }
  }
}

{
  "mcpServers": {
    "cloudflare-observability": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://observability.mcp.cloudflare.com/mcp"
      ]
    }
  }
}

{
  "mcpServers": {
    "cloudflare-observability": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://observability.mcp.cloudflare.com/mcp"
      ]
    }
  }
}

// Editorial Review

OUR ASSESSMENT

Strengths

Hosted remote servers eliminate local installation; agents connect via URL.
14 domain-specific servers segment permissions by product, so the agent sees only the API surface for the task.
OAuth-based authentication scoped per server; tokens come from Cloudflare's standard API token system.
Code Mode server provides broad API coverage when product-specific servers fall short of the task.

Weaknesses

Choosing the right server for a given task requires Cloudflare product knowledge; 14 endpoints is a lot of surface area.
Some features require a paid Cloudflare Workers plan.
Long observability chains can hit context-length limits, requiring queries to be broken into smaller calls.

Security Notes

OAuth tokens are scoped per server; the Workers Bindings server stays inside its scope, the AI Gateway server reads only AI Gateway logs, etc. This is a strong segmentation model. Tokens are issued from the Cloudflare dashboard with explicit scope selection. For the OpenAI Responses API integration, tokens with the necessary permissions for that specific server need to be created and provided. Long-lived secrets stay off the local machine for the hosted servers; the mcp-remote bridge holds session credentials in memory only.

Best For

Teams running on Cloudflare Workers or Cloudflare's edge platform who want product-segmented agent access with OAuth-scoped credentials.

// Technical

TECHNICAL DETAILS

Language

typescript

Transport

streamable-httpsse

Clients

Claude DesktopClaude CodeCursorVS CodeWindsurf

License

Apache-2.0

GitHub

cloudflare/mcp-server-cloudflare · ★ 3,665

Last Release

v1.0.0APR 15, 2026

First Released

NOV 25, 2024

// Adoption

ADOPTION METRICS

// GitHub Stars

3,665

// Reading this3.7k stars on the Cloudflare repo, with traction concentrated on the hosted product surfaces. The 14-server segmentation pattern is itself a signal of editorial maturity.

// Popularity Rank

Globally · #2 in Cloud

// Reading thisTop-5 vendor cloud MCP. The OAuth-scoped per-product hosted model is the architectural reference other cloud vendors are starting to follow.

// How we found this server

SOURCES & VERIFICATION

We don't take any single directory's word for it. Before scoring, we cross-reference 5 public MCP sources, install the server ourselves against the clients we cover, and record when we last re-verified.

Discovered

Manual submission

First indexed APR 28, 2026

Cross-referenced

5 directories

MCP.so, Official MCP Registry, Awesome MCP Servers, PulseMCP, Smithery

Verified against

Claude Desktop, Cursor, VS Code

Installed and tested across clients

Last re-checked

APR 28, 2026

Weekly re-verification

// How other directories see it

The same server, 5 different lenses. We reconcile these signals into our editorial score, which is why our number sometimes diverges from a directory-aggregate star count.

Source	Their rating	Their star count	Their downloads	Last synced
AutomationSwitch This page	4.5editorial	3,665	—	APR 28, 2026
MCP.so	— unrated	unavailable	unavailable	APR 28, 2026
Official MCP Registry	— unrated	unavailable	unavailable	APR 28, 2026
Awesome MCP Servers	— unrated	unavailable	unavailable	APR 28, 2026
PulseMCP	— unrated	unavailable	unavailable	APR 28, 2026
Smithery	— unrated	unavailable	unavailable	APR 28, 2026

// Counts are directory-reported; we don't adjust them. Discrepancies usually come from different snapshot times or star-caching.

// Alternatives

OTHER CLOUD MCP SERVERS

Vendor4.5

AWS API MCP Server

AWS Labs

The official AWS Labs catch-all server. Bridges any AWS CLI command to MCP, giving agents universal access to the AWS API surface. Helps the agent select the right CLI command for a task; respects the local AWS credential chain.

2 tools★ 8,894

Vendor4.2

Amazon ECS MCP Server

AWS Labs

Vendor-built ECS MCP server covering the full container deployment lifecycle: containerize, push to ECR, deploy via ECS Express Mode with ALB, troubleshoot. Notable for ALLOW_WRITE and ALLOW_SENSITIVE_DATA environment flags that make read-only mode a configuration default.

8 tools★ 8,894

Vendor4

Amazon EKS MCP Server

AWS Labs

AWS Labs server for Amazon EKS covering cluster creation via CloudFormation, full Kubernetes resource lifecycle, log retrieval, event fetching, and troubleshooting. Read-only and write IAM policies documented separately for scoped credential setup.

7 tools★ 8,894

Vendor4

Vercel

Deployment layer for managing Vercel projects, deployments, environment variables, and domains. Deploy, promote, rollback, and inspect from your agent context.

16 tools★ 2,400

// Get in touch

DISCUSS YOUR
MCP REQUIREMENTS.

Evaluating a server, scoping an internal deployment, or working out whether MCP is the right fit at all. Start the conversation and we will point you at the right piece of the ecosystem.

Discuss Your MCP Requirements →

Cloudflare MCP

INSTALL THIS SERVER

OUR ASSESSMENT

TECHNICAL DETAILS

ADOPTION METRICS

SOURCES & VERIFICATION

OTHER CLOUD MCP SERVERS

AWS API MCP Server

Amazon ECS MCP Server

Amazon EKS MCP Server

Vercel

DISCUSS YOURMCP REQUIREMENTS.

DISCUSS YOUR
MCP REQUIREMENTS.