MCP CLOUDFLARE B2 TECH

Model Context Protocol · Cloudflare API v4

Run Cloudflare
straight from Claude.

An MCP server that connects Claude to your Cloudflare account — publish landing pages in seconds, deploy server-side tracking for Meta CAPI, GA4 and TikTok, manage zones, DNS and domains, and store media in R2 without opening the dashboard. Status: LIVE.

29 tools · BYOT token · multi-tenant · free

Landing pages live in seconds Server-side tagging Meta CAPI · GA4 · TikTok PII hashed with SHA-256 confirm=true on destructive tools Encrypted BYOT token Multi-tenant on Vercel Landing pages live in seconds Server-side tagging Meta CAPI · GA4 · TikTok PII hashed with SHA-256 confirm=true on destructive tools Encrypted BYOT token Multi-tenant on Vercel
What it is

Your Cloudflare account, operated in natural language

MCP CLOUDFLARE B2 TECH is a Model Context Protocol server that gives Claude real access to your account — not a chatbot that guesses, but typed calls against the Cloudflare API v4.

Real connection

Claude talks to your account

Ask for a landing page and it goes live on a URL in seconds — a single-file Worker or a multi-file Pages site. Create the zone, point the DNS, attach the custom domain and upload ad creatives to R2, all by talking to Claude.

The full loop

From landing page to ads, in one conversation

Part of the B2Tech connector fleet (Meta Ads, Google Ads, GTM, Instagram). The whole cycle: publish_landing_pagepublish_tracking_endpoint → run ads through the sibling MCPs → read insights. No tool switching.

Status

LIVE in production

Multi-tenant deploy at mcp-cloudflare.vercel.app — BYOT token encrypted in Supabase, cache in Upstash, and we are the OAuth 2.1 Authorization Server. Same stack as the Meta Ads, Google Ads, GTM and Instagram MCPs.

What it already does

The full tool catalog

29 tools grouped by function — from publishing landing pages to pointing DNS, from server-side tracking to media uploads in R2. Everything below is implemented and live.

Account & authentication

4 tools
  • verify_tokenCall first: validates the Cloudflare token, reports status and expiry.
  • cloudflare_connectConnects your account in hosted mode (per-tenant BYOT token).
  • cloudflare_statusShows the current tenant's connection state.
  • cloudflare_disconnectDisconnects and discards the stored credential.

Landing pages — Workers

4 tools
  • publish_landing_pageInline HTML → page live on a *.workers.dev URL in seconds; idempotent per name.
  • list_sitesLists the sites published on the account.
  • get_siteShows the details of a published site.
  • delete_siteRemoves a site (destructive, requires confirm).

Multi-file deploys — Pages

4 tools
  • create_pages_projectCreates a Cloudflare Pages project (Direct Upload).
  • deploy_pagesDeploys a multi-file static site to the project.
  • list_pages_deploymentsLists a project's deployment history.
  • delete_pages_projectDeletes a Pages project (destructive, requires confirm).

Server-side tracking

2 · highlight
  • publish_tracking_endpointDeploys a first-party Worker that receives page events, hashes PII with SHA-256 and fans out to Meta CAPI, GA4 and TikTok. Fixed, versioned template — never generated code.
  • get_tracking_snippetReturns the browser snippet: automatic PageView, window.b2track(), _fbp/_fbc/ttclid capture and the event_id for browser-pixel dedup.

Zones

3 tools
  • list_zonesLists the account's zones (domains).
  • create_zoneCreates a zone and returns the nameservers to delegate.
  • delete_zoneRemoves a zone (destructive, requires confirm).

DNS

4 tools
  • list_dns_recordsLists a zone's records.
  • create_dns_recordCreates a record — A/AAAA/CNAME default to proxied.
  • update_dns_recordEdits an existing record.
  • delete_dns_recordRemoves a record (destructive, requires confirm).

Custom domains

3 tools
  • attach_pages_domainBinds a custom domain to a Pages project (active zone pre-checked).
  • attach_worker_domainBinds a custom domain to a Worker — e.g. track.client.com for first-party tracking.
  • list_pages_domainsLists the domains attached to a Pages project.

Media — R2

5 tools
  • upload_imageUploads a small/generated image (base64) and returns a public URL.
  • upload_imagesUploads several inline images at once.
  • upload_image_from_urlCopies an image already on a public URL into R2.
  • create_upload_urlsPresigned PUT for real files — the bytes never pass through the model.
  • delete_r2_objectRemoves an object from the bucket (destructive, requires confirm).

From zero to live in one conversation: publish_landing_pagepublish_tracking_endpointattach_worker_domain → run ads through the sibling MCPs.

Write safety model

Claude doesn't take anything down on its own

Deleting a zone or a site is irreversible — so every write goes through explicit barriers, and your tokens never show up anywhere.

Destructive tools require confirm=true

delete_site, delete_pages_project, delete_zone, delete_dns_record and delete_r2_object. Without confirm, the tool returns a preview and executes nothing.

Reads flagged with readOnlyHint

The MCP client knows exactly what only reads and what writes — the risk map is declared tool by tool.

Tracking is a fixed template, never generated code

publish_tracking_endpoint deploys a versioned, human-reviewed Worker; the tool only parameterizes it via bindings. Code written in a conversation never reaches your production traffic.

Secrets become secret_text bindings

Meta, GA4 and TikTok tokens live as Worker secrets — never in the script, tool results or logs. Republishing the same name replaces all bindings: that's rotation.

Tenant is never an argument

The tenant is derived from the embedded Authorization Server's access token and resolved per request. No tool accepts "which client" — operating the wrong account is impossible.

PII hashed, clean logs

Email, phone and name are SHA-256-hashed server-side before the fan-out; the BYOT token is AES-256-GCM-encrypted in Supabase and the structured logs carry no PII and no tokens.

How to connect

Up and running in minutes

Hosted, multi-tenant, zero setup: add the connector, paste your token and Claude is operating your account. Then just ask.

Zero setup

Hosted — mcp-cloudflare.vercel.app

Add the MCP server as a connector in Claude and paste your token on the login screen. Nothing to install; we store the token encrypted.

  1. Add the connector. In Claude.ai → Settings → Connectors → Add custom connector, paste https://mcp-cloudflare.vercel.app/api/mcp. In Claude Code, use the command below.
    # Claude Code
    claude mcp add --transport http \
      cloudflare https://mcp-cloudflare.vercel.app/api/mcp
  2. Connect your account. The OAuth handshake opens our login screen, where you paste a scoped Cloudflare API token (create one at dash.cloudflare.com/profile/api-tokens). It's stored AES-256-GCM-encrypted; in Claude Code, complete via /mcp.
  3. Confirm. Run verify_token to validate the credential and list_zones to see your domains. Ready to operate.
First steps

What to ask Claude

Real requests the server handles end to end — in natural language, without touching the dashboard.

  1. Publish a page.
    # you, in the chat:
    "Publish a landing page called
     summer-promo with this HTML"
    # → *.workers.dev URL live in seconds
  2. Wire the tracking.
    "Create a tracking endpoint with my
     Pixel + CAPI token and give me the snippet"
    # → first-party Worker + snippet ready
  3. Point the domain.
    "Attach track.mysite.com to that
     Worker and create the CNAME"
    # → first-party, immune to ad blockers

Frequently asked questions

Still unsure about something? Write to bruno@b2tech.io.

How much does it cost?
The MCP Cloudflare server is free. You only need your own Cloudflare account — the free plan covers Workers, Pages and DNS, and R2 has a generous free tier.
Is it safe? Can Claude delete my site or my DNS?
Not without your confirmation. Every destructive tool (delete_site, delete_pages_project, delete_zone, delete_dns_record, delete_r2_object) is gated by confirm=true — without it, the tool returns only a preview of what it would do and executes nothing. Read tools carry readOnlyHint.
What is a tracking endpoint?
A server-side tagging Worker deployed to your account: the page sends events via sendBeacon to POST /events, the Worker validates, hashes PII with SHA-256, enriches (fbp/fbc, ttclid, event_id) and fans out concurrently to the Meta Conversions API, GA4 Measurement Protocol and TikTok Events API. With a first-party domain via attach_worker_domain (e.g. track.client.com), it survives ad blockers and ITP.
Does the tracking Worker run AI-generated code?
No. publish_tracking_endpoint deploys a fixed, versioned, human-reviewed template: the tool only parameterizes the script via bindings. Code generated in a conversation never reaches your production traffic.
Where do my tokens live?
Your Cloudflare token (BYOT) is AES-256-GCM-encrypted in Supabase, keyed per tenant, and resolved per request — no tool accepts a token as an argument. The tracking destination tokens (Meta, GA4, TikTok) become secret_text bindings on the Worker in your account: they never appear in the script, tool results or logs. Republishing the same name replaces all bindings — that is the rotation procedure.
Which permissions does the Cloudflare token need?
Least privilege: Workers Scripts:Edit to publish landing pages and tracking; Zone/DNS edit if you manage domains; R2 keys for the media tools. Create a scoped token at dash.cloudflare.com/profile/api-tokens with only what you'll use — verify_token reports its status and expiry.
Do I need to install anything?
No. The server is hosted and multi-tenant (mcp-cloudflare.vercel.app) and the source code is private — there is no version to run on your own machine. You just add the connector in Claude and paste your Cloudflare token on the login screen; we handle the rest.
Start now

Stop clicking through the dashboard.
Ask Claude — it publishes, points the DNS and wires the tracking.

Landing pages, server-side tracking, zones, DNS, custom domains and R2 media — from zero to live in one conversation, with destructive tools locked behind confirm=true. Free and live.

29 tools · BYOT token · multi-tenant on Vercel