Cloudflare MCP Server

Official Cloudflare MCP server enabling AI agents to manage Cloudflare resources: Workers, KV, R2 storage, D1 databases, DNS, and more — full programmatic control of the Cloudflare edge platform.

Evaluated Mar 06, 2026 (0d ago) vcurrent
Homepage ↗ Repo ↗ Cloud Infrastructure cloudflare dns cdn workers kv r2 d1 mcp-server official edge
⚙ Agent Friendliness
84
/ 100
Can an agent use this?
🔒 Security
92
/ 100
Is it safe for agents?
⚡ Reliability
86
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
83
Documentation
88
Error Messages
82
Auth Simplicity
84
Rate Limits
78

🔒 Security

TLS Enforcement
100
Auth Strength
88
Scope Granularity
92
Dep. Hygiene
88
Secret Handling
90

Fine-grained API Tokens are excellent for least-privilege agent access. Legacy API Keys (global access) should never be used with agents. Zero Trust integration available for enterprise.

⚡ Reliability

Uptime/SLA
98
Version Stability
85
Breaking Changes
80
Error Recovery
82
AF Security Reliability

Best When

An agent needs to manage Cloudflare infrastructure — deploying Workers, accessing edge storage, or managing DNS — as part of a DevOps or site management workflow.

Avoid When

You're not using Cloudflare or need real-time DNS propagation confirmation.

Use Cases

  • Deploying and managing Cloudflare Workers scripts from agents
  • Reading and writing Cloudflare KV (key-value) data stores
  • Managing R2 object storage buckets and objects
  • DNS record management and zone configuration
  • Querying and updating D1 SQLite-compatible databases

Not For

  • Non-Cloudflare infrastructure management
  • High-frequency automated DNS changes (TTL propagation delay)
  • Complex IAM or multi-account enterprise scenarios (limited account scoping)

Interface

REST API
Yes
GraphQL
Yes
gRPC
No
MCP Server
Yes
SDK
Yes
Webhooks
No

Authentication

Methods: api_token api_key
OAuth: No Scopes: Yes

Cloudflare API Tokens support fine-grained permissions per resource type and zone — excellent scope granularity. Legacy API Keys grant global account access (avoid for agents). Use zone-scoped or account-level tokens with minimal permissions.

Pricing

Model: freemium
Free tier: Yes
Requires CC: No

Very generous free tier. MCP server is open source. Cloudflare products billed separately by usage.

Agent Metadata

Pagination
cursor
Idempotent
Partial
Retry Guidance
Documented

Known Gotchas

  • DNS changes propagate globally but status endpoint doesn't confirm full propagation — add delays in workflows
  • Workers deployment is not atomic — brief window where old and new code both serve traffic
  • KV is eventually consistent — reads after writes may return stale data across regions
  • API Token permissions must be set at creation; cannot be modified later — plan permissions carefully
  • R2 and D1 are separate products from KV — different namespacing and authentication context

Alternatives

aws-mcp azure-mcp vercel-mcp

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for Cloudflare MCP Server.

$99
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.

5178
Packages Evaluated
26151
Need Evaluation
173
Need Re-evaluation
Community Powered