ElmsPark Guides
AI & tools guide

Give Claude Code control of your Cloudflare account

Wire Claude Code into Cloudflare once, and it can read your account, change settings, deploy Workers and read live logs, all from the terminal. Here is the full setup, done safely.

About 15 minutes · 🔑 OAuth or a scoped API token · 💻 macOS, Linux or Windows · 🌱 Uses your existing Cloudflare account

What you’ll need before you start: a Cloudflare account, a terminal, and Node.js installed (so npx is available for deploys). The Claude Code CLI is installed in step 1. You do not need to find any API keys to begin: the recommended path signs you in through your browser.

What this actually gets you. Once connected, Claude Code can list and edit DNS records, create and deploy Workers, manage R2 buckets, KV namespaces and D1 databases, read observability logs, adjust WAF and Zero Trust, and reach almost any other part of the Cloudflare API, all by asking in plain English. It does this through three things working together: Skills (knowledge of how Cloudflare works), MCP servers (a live line into the Cloudflare API), and Wrangler (the command-line tool that builds and deploys). The good news: a single plugin install wires up the first two.

1. Install Claude Code

Claude Code is Anthropic’s terminal coding agent. It reads your codebase, runs commands, edits files and, once we connect it, drives Cloudflare. Install it with one line:

$ curl -fsSL https://claude.ai/install.sh | bash

That covers macOS and Linux. For Homebrew, WinGet, npm or native Windows, follow the Claude Code setup guide. When it finishes, the claude command is on your path.

Already have Claude Code? Skip to step 2. It is worth running the installer again now and then to stay current, since the Cloudflare plugin expects a recent version.

2. Open Claude Code where your project lives

If you already have a Cloudflare Workers project, start Claude Code from its root folder, the one that holds wrangler.jsonc (or wrangler.toml). That file tells the agent about your bindings and settings, so it understands your project from the first message.

$ cd ~/path/to/your-project
$ claude

No project yet? That is fine. Open Claude Code in any folder. Account-wide jobs like DNS edits, R2 buckets or reading logs do not need a project at all. You can ask it to scaffold a new Worker later.

3. Install the Cloudflare Skills plugin

This is the step that does the heavy lifting. Inside Claude Code, run these two slash commands, one after the other:

> /plugin marketplace add cloudflare/skills

> /plugin install cloudflare@cloudflare

The first command points Claude Code at Cloudflare’s official plugin marketplace on GitHub. The second installs the plugin, which does two things at once:

Why a plugin and not a manual config? You can wire up the MCP servers by hand (see the server menu below), but the plugin sets up the Skills and the servers together and keeps them matched. For most people it is the fastest and tidiest route.

4. Authorise your Cloudflare account

The first time Claude Code calls a Cloudflare tool, it opens your browser and asks you to sign in to Cloudflare and approve access. This is a standard OAuth handshake: no API key to find, copy or store. You choose which permissions to grant, and if you belong to more than one account, which account to use.

To confirm the servers are connected, run:

> /mcp

Or from a normal shell:

$ claude mcp list

You should see the Cloudflare servers listed as connected.

On a server or CI box with no browser? OAuth needs a browser once. For headless or automated use, skip OAuth and pass a scoped API token instead. That is covered in Access without OAuth below.

5. Give it a first instruction

You are connected. Try something read-only first to see real data come back:

> List the zones on my Cloudflare account and their plans.

Then something that makes a small, safe change:

> Create a KV namespace called scratch-test, then show me how to delete it again.

Or, from a Workers project folder, the classic:

> Deploy this Worker to Cloudflare and give me the live URL.

Claude will tell you what it is about to do before it touches anything. Read the plan, then approve. That review step is your safety net, especially while you are learning what it can reach.

The three parts, briefly

Worth understanding, so you know which part is doing what when something needs a nudge.

1. Skills

On-demand knowledge files. They teach the agent your conventions and how Cloudflare actually works (when to use Durable Objects over KV, what a good Workers layout looks like), so you are not re-explaining the platform every time.

2. MCP servers

The live connection. MCP (Model Context Protocol) servers give the agent typed tools to call into the Cloudflare API at runtime: read config, make changes, fetch logs. This is what turns “knows about” Cloudflare into “can operate” your account.

3. Wrangler

The Workers command-line tool. It handles local development, deploys and product-specific jobs like d1 migrations apply or tail. The bundled wrangler Skill teaches the agent when to reach for it.

Code Mode: how one server covers the whole API

The main Cloudflare API MCP server (at https://mcp.cloudflare.com/mcp) reaches over 2,500 endpoints across DNS, Workers, R2, Zero Trust and the rest. It does this without drowning the model in tool definitions, using a technique Cloudflare calls Code Mode: instead of one tool per endpoint, it exposes just two, search() and execute(), and Claude writes a little JavaScript against a typed copy of the API. The code runs in an isolated sandbox.

The payoff is in the token cost:

Approach | Tools exposed | Token cost
Native MCP (full schemas) | 2,594 | ~1,170,000
Native MCP (required params only) | 2,594 | ~244,000
Code Mode | 2 | ~1,000

Roughly a thousand tokens for the entire API, instead of more than the context window of most models. Source: Cloudflare docs.

The plugin sets up the core servers for you. If you want a specific one, or prefer to wire things up by hand, here are the main hosted servers and how to add them.

Server | What it is for | URL
Cloudflare API (Code Mode) | The whole API: DNS, Workers, R2, Zero Trust and more | mcp.cloudflare.com/mcp
Documentation | Up-to-date Cloudflare reference, to stop stale answers | docs.mcp.cloudflare.com/mcp
Workers Bindings | Build Workers with storage, AI and compute | bindings.mcp.cloudflare.com/mcp
Workers Builds | Insights into your Workers builds | builds.mcp.cloudflare.com/mcp
Observability | Debug from your logs and analytics | observability.mcp.cloudflare.com/mcp
GraphQL Analytics | Query analytics via the GraphQL API | graphql.mcp.cloudflare.com/mcp
DNS Analytics | Optimise DNS and debug records | dns-analytics.mcp.cloudflare.com/mcp
Audit Logs | Query audit logs and build reports | auditlogs.mcp.cloudflare.com/mcp
Radar | Global internet traffic insights and URL scans | radar.mcp.cloudflare.com/mcp
Browser rendering | Fetch pages, convert to markdown, screenshot | browser.mcp.cloudflare.com/mcp

A selection. The full catalogue (AI Gateway, Logpush, Containers, CASB and others) is in Cloudflare’s docs, linked at the foot of this page.

Add a server by hand

To register one from the command line, give it a name, the HTTP transport and its URL:

$ claude mcp add --transport http cloudflare https://mcp.cloudflare.com/mcp

Add a focused one the same way, for example observability:

$ claude mcp add --transport http cf-observability https://observability.mcp.cloudflare.com/mcp

Or set it in a project’s .mcp.json so your whole team gets it:

{
  "mcpServers": {
    "cloudflare-api": {
      "type": "http",
      "url": "https://mcp.cloudflare.com/mcp"
    }
  }
}

These servers speak the current streamable-http transport at the /mcp path. The older /sse path still works but is deprecated, so prefer /mcp.
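
An added example, not part of the original guide or of Claude Code: a Node.js check for a team-shared .mcp.json that flags credential headers holding a literal value instead of a ${VAR} reference, which Claude Code expands from the environment when it loads the file. The headers entries, the name lintMcpConfig and the sample config are constructed for illustration.

```javascript
// Added example: lint a shared .mcp.json for literal credentials in headers.
// lintMcpConfig and SAMPLE are illustrative names; the sample is constructed.

const SENSITIVE = /^(authorization|proxy-authorization|cookie|x-api-key)$/i;
// Only a bare ${VAR} reference passes; ${VAR:-default} would embed a fallback secret.
const ENV_REF = /^\$\{[A-Za-z_][A-Za-z0-9_]*\}$/;

function lintMcpConfig(text) {
  let config;
  try {
    config = JSON.parse(text); // strict JSON: a // comment in the file fails here
  } catch (err) {
    return [{ server: null, header: null, reason: `invalid JSON: ${err.message}` }];
  }
  const findings = [];
  for (const [server, def] of Object.entries(config.mcpServers ?? {})) {
    for (const [header, value] of Object.entries(def.headers ?? {})) {
      if (!SENSITIVE.test(header)) continue;
      // Drop a leading scheme word such as "Bearer " and inspect the credential.
      const credential = String(value).replace(/^\s*[A-Za-z]+\s+/, '').trim();
      if (!ENV_REF.test(credential)) {
        findings.push({ server, header, reason: 'literal credential, use ${VAR}' });
      }
    }
  }
  return findings;
}

// Constructed sample: the first server is fine, the second hard-codes a token.
const SAMPLE = JSON.stringify({
  mcpServers: {
    'cloudflare-api': {
      type: 'http',
      url: 'https://mcp.cloudflare.com/mcp',
      headers: { Authorization: 'Bearer ${CLOUDFLARE_API_TOKEN}' },
    },
    'cf-observability': {
      type: 'http',
      url: 'https://observability.mcp.cloudflare.com/mcp',
      headers: { Authorization: 'Bearer cfat_CONSTRUCTED_PLACEHOLDER' },
    },
  },
});

for (const f of lintMcpConfig(SAMPLE)) {
  console.log(`${f.server}: ${f.header}: ${f.reason}`);
}
```

Run it as a pre-commit step on the file's contents; an empty result means no credential header carries a literal value.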

Deploys, and the token gotcha

The MCP servers cover the API. Building and shipping Workers is Wrangler’s job, and it has one authentication wrinkle worth knowing.

Claude reaches for Wrangler automatically for local dev and deploys. The commands it runs look like this:

$ npx wrangler whoami            # who am I signed in as?
$ npx wrangler deploy             # ship the Worker
$ npx wrangler tail               # stream live logs
$ npx wrangler d1 migrations apply my-db

For interactive use, wrangler login signs you in through the browser, the same idea as the MCP OAuth flow.

The gotcha: a browser wrangler login session does not include every permission scope. Some tasks (certain account-level actions, Turnstile, and others) need scopes OAuth will not grant. When you hit that wall, create a scoped API token and expose it as an environment variable:

$ export CLOUDFLARE_API_TOKEN=your_token_here
$ export CLOUDFLARE_ACCOUNT_ID=your_account_id   # if you have several accounts

Wrangler picks the token up automatically. Find your account id with npx wrangler whoami.

Access without OAuth: scoped API tokens

For CI/CD, a headless server, or simply tighter control over what the agent can touch, a scoped API token is the right tool. OAuth is convenient on your own machine; a token is precise and portable.

  1. Go to dash.cloudflare.com/profile/api-tokens and choose Create Token.
  2. Pick a template (for example Edit Cloudflare Workers) or Custom token for exact control.
  3. Grant only the permissions the job needs. Under Account Resources and Zone Resources, scope it to the specific account or zone, not “all”.
  4. Optionally restrict it by client IP and set a time-to-live, sensible for automation.
  5. Create it, then copy the secret immediately. Cloudflare shows it once. Store it in a password manager.

Then hand it to whichever tool needs it. For Wrangler, the CLOUDFLARE_API_TOKEN environment variable above. For the MCP server, pass it as a bearer token so no browser is needed:

$ claude mcp add --transport http cloudflare https://mcp.cloudflare.com/mcp \
    --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN"

User tokens vs account tokens

A user token is tied to you personally. An account token (its secret is prefixed cfat_) is tied to the account and keeps working even if a person leaves the team, which makes it the better choice for shared services and CI. Both are accepted by Wrangler and the MCP servers.
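
An added example, not from the original guide or from Cloudflare: a Node.js pre-flight for CI that asks Cloudflare's token verify endpoint whether the token is active and checks that it carries the time-to-live from step 4. Routing cfat_ tokens to the account-scoped verify endpoint, the function names and the 90-day limit are assumptions made here.

```javascript
// Added example: pre-flight check for a scoped Cloudflare API token.
// Function names and the 90-day limit are illustrative; sample data is constructed.
const API = 'https://api.cloudflare.com/client/v4';

// Assumption: an account token (secret prefixed cfat_) is verified at the
// account-scoped endpoint, any other token at the user endpoint.
function verifyUrl(token, accountId) {
  if (!token.startsWith('cfat_')) return `${API}/user/tokens/verify`;
  if (!accountId) throw new Error('account token needs CLOUDFLARE_ACCOUNT_ID');
  return `${API}/accounts/${encodeURIComponent(accountId)}/tokens/verify`;
}

// Turn a verify response body into a list of problems (empty means pass).
function assessToken(body, now = new Date(), maxDays = 90) {
  const result = body && body.result;
  if (!body || body.success !== true || !result) return ['verification failed'];
  const problems = [];
  if (result.status !== 'active') problems.push(`status is ${result.status}`);
  if (!result.expires_on) {
    problems.push('no expiry set');
  } else {
    const days = (new Date(result.expires_on) - now) / 86400000;
    if (days <= 0) problems.push('token has expired');
    else if (days > maxDays) problems.push(`expires in ${Math.ceil(days)} days, limit ${maxDays}`);
  }
  return problems;
}

// Network step: call from CI before wrangler or claude mcp add runs.
async function preflight(env = process.env) {
  const token = env.CLOUDFLARE_API_TOKEN;
  if (!token) return ['CLOUDFLARE_API_TOKEN is not set'];
  const res = await fetch(verifyUrl(token, env.CLOUDFLARE_ACCOUNT_ID), {
    headers: { Authorization: `Bearer ${token}` },
  });
  return assessToken(await res.json().catch(() => null));
}

// Constructed response for an active token created without a time-to-live.
const SAMPLE_RESPONSE = { success: true, result: { id: 'constructed-id', status: 'active' } };
console.log(assessToken(SAMPLE_RESPONSE)); // offline demo, no request is made
```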

Security: sensible habits with tokens

You are handing an agent the keys to live infrastructure. A few habits keep that safe.

Check it actually works

Four quick proofs that the connection is real, not just configured.

Tip: if you ever get answers that feel out of date, make sure the Documentation MCP server is enabled, or point the agent at developers.cloudflare.com/llms.txt. It biases the agent towards current docs over older training knowledge.

Troubleshooting

The handful of things that actually go wrong, and the fix for each.

The MCP server won’t connect or times out

Run claude mcp list to see whether it is registered. Remove and re-add it:

$ claude mcp remove cloudflare
$ claude mcp add --transport http cloudflare https://mcp.cloudflare.com/mcp

Make sure npx and mcp-remote are available, and check you are not behind a proxy that blocks the connection.

Claude can’t authenticate with Cloudflare

The servers use OAuth. When prompted, complete the sign-in in your browser and approve access. On a machine with no browser (CI, a remote box), skip OAuth and pass an API token as a bearer header instead, as shown in Access without OAuth.

It picks the wrong account, or asks which one

When prompted, choose the account you mean. For Wrangler and automation, set the account explicitly:

$ npx wrangler whoami --json     # lists your account ids
$ export CLOUDFLARE_ACCOUNT_ID=the_right_id

A task fails with a permissions error

Your OAuth grant or token is missing a scope for that action. Re-authorise and grant it, or add the permission to your custom token. Remember the Wrangler gotcha: some scopes a browser login will not give you, so a scoped token may be the only route for that particular job.

Claude gives outdated information about Cloudflare

Enable the Documentation MCP server (docs.mcp.cloudflare.com/mcp) so it fetches current docs at runtime, or point it at developers.cloudflare.com/llms.txt for a directory of every product.
