Remote MCP Server on Cloudflare with Bearer Auth
This is a fork of https://github.com/cloudflare/ai/tree/main/demos/remote-mcp-server that removes the OAuth code and instead allows a Bearer Token to be passed in with the Authorization HTTP header.
In the MCP Inspector you can pass a Bearer Token like this:
Develop locally
# clone the repository
git clone [email protected]:cloudflare/ai.git
# install dependencies
cd ai
npm install
# run locally
npx nx dev remote-mcp-server
You should be able to open http://localhost:8787/ in your browser
Connect the MCP inspector to your server
To explore your new MCP api, you can use the MCP Inspector.
- Start it with
npx @modelcontextprotocol/inspector - Within the inspector, switch the Transport Type to
SSEand enterhttp://localhost:8787/sseas the URL of the MCP server to connect to - Under "Authentication" add your Bearer Token
- click "Connect"
Connect Claude Desktop to your local MCP server
The MCP inspector is great, but we really want to connect this to Claude! Follow Anthropic's Quickstart and within Claude Desktop go to Settings > Developer > Edit Config to find your configuration file.
Open the file in your text editor and replace it with this configuration:
{
"mcpServers": {
"remote-example": {
"command": "npx",
"args": [
"mcp-remote",
"[https://remote.mcp.server/sse](http://localhost:8787/sse)",
"--header",
"Authorization: Bearer ${AUTH_TOKEN}"
]
},
"env": {
"AUTH_TOKEN": "..."
}
}
}
This will run a local proxy and let Claude talk to your MCP server over HTTP
When you open Claude a browser window should open and allow you to login. You should see the tools available in the bottom right. Given the right prompt Claude should ask to call the tool.
Deploy to Cloudflare
npx wrangler kv namespace create OAUTH_KV- Follow the guidance to add the kv namespace ID to
wrangler.jsonc npm run deploy
Call your newly deployed remote MCP server from a remote MCP client
Just like you did above in "Develop locally", run the MCP inspector:
npx @modelcontextprotocol/inspector@latest
Then enter the workers.dev URL (ex: worker-name.account-name.workers.dev/sse) of your Worker in the inspector as the URL of the MCP server to connect to, and click "Connect".
You've now connected to your MCP server from a remote MCP client.
Connect Claude Desktop to your remote MCP server
Update the Claude configuration file to point to your workers.dev URL (ex: worker-name.account-name.workers.dev/sse) and restart Claude
{
"mcpServers": {
"remote-example": {
"command": "npx",
"args": [
"mcp-remote",
"[https://remote.mcp.server/sse](http://localhost:8787/sse)",
"--header",
"Authorization: Bearer ${AUTH_TOKEN}"
]
},
"env": {
"AUTH_TOKEN": "..."
}
}
}
Debugging
Should anything go wrong it can be helpful to restart Claude, or to try connecting directly to your MCP server on the command line with the following command.
npx mcp-remote http://localhost:8787/sse
In some rare cases it may help to clear the files added to ~/.mcp-auth
rm -rf ~/.mcp-auth
Recommend MCP Servers 💡
pagerduty-mcp
PagerDuty's official MCP server providing tools to manage incidents, services, schedules, and more directly from your MCP-enabled client.
ms-fabric-mcp
Python-based MCP server for interacting with Microsoft Fabric APIs, with advanced PySpark notebook development, testing, and optimization capabilities with LLM integration.
@felores/cloudinary-mcp-server
An MCP server enabling media (images, videos) uploads to Cloudinary, designed for integration with Claude Desktop and other MCP clients.
strava-mcp
A Model Context Protocol (MCP) server with Strava OAuth integration, built on Cloudflare Workers. Enables secure authentication and tool access for MCP clients like Claude and Cursor through Strava login. Perfect for developers looking to integrate Strava authentication with AI tools.
restate-mcp-server
An MCP server that exposes the Restate Admin API as tools over MCP
Intruder
An MCP server by Intruder that integrates with Claude AI to streamline exposure management by enabling users to execute tasks and gather insights from the Intruder platform.