Cloudflare OAuth集成
HTTP-SSE支持远程连接的MCP服务器与OAuth认证
支持远程连接的MCP服务器与OAuth认证
This is a Model Context Protocol (MCP) server that supports remote MCP connections, with Cloudflare OAuth built-in.
You can deploy it to your own Cloudflare account, and after you create your own Cloudflare OAuth client app, you'll have a fully functional remote MCP server that you can build off. Users will be able to connect to your MCP server by signing in with their Cloudflare account.
You can use this as a reference example for how to integrate other OAuth providers with an MCP server deployed to Cloudflare, using the workers-oauth-provider library.
The MCP server (powered by Cloudflare Workers):
wrangler secret put CLOUDFLARE_CLIENT_ID wrangler secret put CLOUDFLARE_CLIENT_SECRET
wrangler kv:namespace create "OAUTH_KV"Deploy the MCP server to make it available on your workers.dev domain
wrangler deploy
Test the remote server using Inspector:
npx @modelcontextprotocol/inspector@latest
Enter https://mcp-cloudflare-staging.<your-subdomain>.workers.dev/sse and hit connect. Once you go through the authentication flow, you'll see the Tools working:
You now have a remote MCP server deployed!
Open Claude Desktop and navigate to Settings -> Developer -> Edit Config. This opens the configuration file that controls which MCP servers Claude can access.
Replace the content with the following configuration. Once you restart Claude Desktop, a browser window will open showing your OAuth login page. Complete the authentication flow to grant Claude access to your MCP server. After you grant access, the tools will become available for you to use.
{
"mcpServers": {
"cloudflare": {
"command": "npx",
"args": [
"mcp-remote",
"https://<your-subdomain>.workers.dev/sse"
]
}
}
}
Once the Tools (under 🔨) show up in the interface, you can ask Claude to use them. For example: "Could you use the math tool to add 23 and 19?". Claude should invoke the tool and show the result generated by the MCP server.
If you'd like to iterate and test your MCP server, you can do so in local development. This will require you to create another OAuth App on Cloudflare:
.dev.vars file in your project root with:CLOUDFLARE_CLIENT_ID=your_development_cloudflare_client_id
CLOUDFLARE_CLIENT_SECRET=your_development_cloudflare_client_secret
Run the server locally to make it available at http://localhost:8788
wrangler dev
To test the local server, enter http://localhost:8788/sse into Inspector and hit connect. Once you follow the prompts, you'll be able to "List Tools".
When using Claude to connect to your remote MCP server, you may see some error messages. This is because Claude Desktop doesn't yet support remote MCP servers, so it sometimes gets confused. To verify whether the MCP server is connected, hover over the 🔨 icon in the bottom right corner of Claude's interface. You should see your tools available there.
To connect Cursor with your MCP server, choose Type: "Command" and in the Command field, combine the command and args fields into one (e.g. npx mcp-remote https://<your-worker-name>.<your-subdomain>.workers.dev/sse).
Note that while Cursor supports HTTP+SSE servers, it doesn't support authentication, so you still need to use mcp-remote (and to use a STDIO server, not an HTTP one).
You can connect your MCP server to other MCP clients like Windsurf by opening the client's configuration file, adding the same JSON that was used for the Claude setup, and restarting the MCP client.
The OAuth Provider library serves as a complete OAuth 2.1 server implementation for Cloudflare Workers. It handles the complexities of the OAuth flow, including token issuance, validation, and management. In this project, it plays the dual role of:
Durable MCP extends the base MCP functionality with Cloudflare's Durable Objects, providing:
this.propsThe MCP Remote library enables your server to expose tools that can be invoked by MCP clients like the Inspector. It: