Resources/The Agent API Atlas/Developer/Cloudflare

Everything an AI agent can do with the Cloudflare API.

A reference guide for building AI agents: every method, how to authenticate, and the permissions each one needs.

Endpoints31

API versionv4

Last updated23 June 2026

Orientation

How the Cloudflare API works.

The Cloudflare API is how an app or AI agent works with a Cloudflare account: editing DNS records, purging cached content, deploying Workers scripts, and tuning firewall and WAF rules. Access is granted through an API token that carries named permission groups, each set to read or edit and scoped to chosen accounts or zones, so a token reaches only what it was given. There is a single continuously updated API, and Cloudflare signals retired methods through a dated deprecations list rather than new version numbers.

31Endpoints

10Capability groups

16Read

15Write

18Permissions

Authentication

Cloudflare authenticates a call with an API token sent as 'Authorization: Bearer '. A token carries a chosen set of permission groups, each read or edit, scoped to specific accounts or zones, so it grants only what it was given. A legacy Global API Key, sent through the X-Auth-Email and X-Auth-Key headers, still works but carries the full access of the user and cannot be scoped down; Cloudflare recommends tokens instead.

Permissions

Access is governed by permission groups with short names, like Zone Read, DNS Write, Workers Scripts Write, Workers R2 Storage Write, Page Rules Write, Zone WAF Write, Cache Purge, SSL and Certificates Write, and Load Balancers Write. Each group is set to read or edit and attached to a token at one scope, either an account or a zone. A call that needs a group the token lacks returns 403. The full set of groups can be listed through the IAM permission-groups endpoint.

Versioning

The API is unversioned beyond the v4 path. There is a single, continuously updated API at https://api.cloudflare.com/client/v4, and Cloudflare signals change through a dated deprecations list rather than new version numbers. A deprecated method keeps working until its stated end-of-life date, like the in-place DNS record type change that ends on 30 June 2026, and the deprecated Firewall Rules and Filters APIs replaced by the Rulesets API.

Data model

The API is resource-oriented JSON over HTTPS at https://api.cloudflare.com/client/v4. Every response is wrapped in an envelope with a success boolean, an errors array, a messages array, and the data in a result field. Account-scoped resources, like Workers and R2 buckets, sit under /accounts/{account_id}, while zone-scoped resources, like DNS records, firewall rulesets, and Page Rules, sit under /zones/{zone_id}. A separate GraphQL endpoint serves analytics.

Connect & authenticate

Connection & authentication methods.

How an app or AI agent connects to Cloudflare determines what it can reach. There is a route for making calls, a route for receiving notifications, and a hosted server that exposes Cloudflare to agents, and each is governed by the token behind it and the permissions that token carries.

Ways to connect

REST API

The REST API answers at https://api.cloudflare.com/client/v4. Calls authenticate with an API token sent as a Bearer token, return a JSON envelope with a success boolean and errors and messages arrays, and the data in a result field. Account-scoped resources sit under /accounts/{account_id} and zone-scoped resources under /zones/{zone_id}.

Best forConnecting an app or AI agent to Cloudflare.

Governed byThe API token and the permission groups it carries.

Docs ↗

MCP server (Model Context Protocol)

Cloudflare runs a hosted Model Context Protocol server at https://mcp.cloudflare.com/mcp that exposes the whole API, over 2,500 endpoints, through a search and an execute tool. It authenticates with OAuth, with API tokens as a fallback for automation. Cloudflare also runs product-specific servers, like documentation at https://docs.mcp.cloudflare.com/mcp, Workers bindings at https://bindings.mcp.cloudflare.com/mcp, observability at https://observability.mcp.cloudflare.com/mcp, and analytics over GraphQL at https://graphql.mcp.cloudflare.com/mcp.

Best forConnecting an AI agent to Cloudflare through MCP.

Governed byThe OAuth grant or the API token and the permission groups it carries.

Docs ↗

GraphQL analytics API

A separate GraphQL endpoint at https://api.cloudflare.com/client/v4/graphql serves analytics and metrics with a typed schema. It carries its own quota, capped at 320 queries per five minutes, with cost varying by query.

Best forQuerying Cloudflare analytics and metrics.

Governed byThe API token and the permission groups it carries.

Docs ↗

Notifications

Cloudflare delivers alerts, like security events or certificate expiry, to configured destinations such as a webhook or email. The destination is set up per account, and Cloudflare sends the alert when the chosen condition fires.

Best forReceiving Cloudflare alerts at an app or AI agent.

Governed byThe configured notification destination.

Docs ↗

Authentication

API token

An API token carries a chosen set of permission groups, each set to read or edit, scoped to specific accounts or zones. It is the recommended way to connect, because a token grants only what it was given and can be rolled or revoked on its own. The token is sent as a Bearer token in the Authorization header.

TokenBearer API token

Best forLeast-privilege access scoped to specific accounts or zones.

Docs ↗

API key (legacy)

A Global API Key authenticates with the account email and a single key that carries the full access of the user, across every account and zone they can reach. Cloudflare recommends API tokens instead, because a key cannot be scoped down. It is sent through the X-Auth-Email and X-Auth-Key headers.

TokenGlobal API Key (email + key)

Best forLegacy integrations that predate API tokens.

2 endpoints

List the accounts a token can reach and read a single account's details.

A write here changes account-level settings.

View endpoints →

Endpoint reference

Every Cloudflare API method.

Filter by method, access, or permission, or search any path. Select a row for version detail, rate limits, the related webhook event, and the source.

Hide deprecated

Method	Endpoint	What it does	Access	Permission	Version
Zones List, read, create, and delete the zones (domains) on an account.4
GET	`/zones`	List, search, sort, and filter the zones on an account.	read	`Zone Read`	Current
Read-only. Zone scope. Results are filtered to the zones the token can reach. Acts onzone Permission (capability)`Zone Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/zones/{zone_id}`	Get the details of a single zone.	read	`Zone Read`	Current
Read-only. Zone scope. Acts onzone Permission (capability)`Zone Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/zones`	Create a zone by adding a domain to an account.	write	`Zone Write`	Current
Needs the account to be named in the request body. Zone scope. Acts onzone Permission (capability)`Zone Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
DELETE	`/zones/{zone_id}`	Delete a zone, removing the domain from Cloudflare.	write	`Zone Write`	Current
Irreversible; the domain stops being proxied by Cloudflare. Zone scope. Acts onzone Permission (capability)`Zone Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
DNS records List, read, create, overwrite, patch, and delete the DNS records in a zone.6
GET	`/zones/{zone_id}/dns_records`	List, search, sort, and filter the DNS records in a zone.	read	`DNS Read`	Current
Read-only. Zone scope. Acts ondns_record Permission (capability)`DNS Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/zones/{zone_id}/dns_records/{dns_record_id}`	Get the details of a single DNS record.	read	`DNS Read`	Current
Read-only. Zone scope. Acts ondns_record Permission (capability)`DNS Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/zones/{zone_id}/dns_records`	Create a DNS record in a zone.	write	`DNS Write`	Current
Zone scope. Edits live DNS, which resolves publicly within seconds. Acts ondns_record Permission (capability)`DNS Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
PUT	`/zones/{zone_id}/dns_records/{dns_record_id}`	Overwrite an existing DNS record with a full new definition.	write	`DNS Write`	Current
Replaces the whole record. Changing the type of an existing record via the API is deprecated since 23 January 2026 and ends on 30 June 2026. Zone scope. Acts ondns_record Permission (capability)`DNS Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
PATCH	`/zones/{zone_id}/dns_records/{dns_record_id}`	Update selected fields of an existing DNS record.	write	`DNS Write`	Current
Patches only the fields sent, leaving the rest intact. Zone scope. Acts ondns_record Permission (capability)`DNS Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
DELETE	`/zones/{zone_id}/dns_records/{dns_record_id}`	Delete a DNS record from a zone.	write	`DNS Write`	Current
Removes the record from live DNS. Zone scope. Acts ondns_record Permission (capability)`DNS Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Firewall & WAF List and read the rulesets that hold WAF and custom firewall rules, and update a ruleset's rules.3
GET	`/zones/{zone_id}/rulesets`	List the rulesets in a zone, which hold WAF and custom firewall rules.	read	`Zone WAF Read`	Current
Read-only; the list omits each ruleset's rules. The standalone Firewall Rules and Filters APIs are deprecated since 15 June 2025 in favor of these rulesets. Zone scope. Acts onruleset Permission (capability)`Zone WAF Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/zones/{zone_id}/rulesets/{ruleset_id}`	Get a ruleset, including the firewall and WAF rules it contains.	read	`Zone WAF Read`	Current
Read-only. Zone scope. Acts onruleset Permission (capability)`Zone WAF Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
PUT	`/zones/{zone_id}/rulesets/{ruleset_id}`	Update a ruleset, replacing the firewall and WAF rules it contains.	write	`Zone WAF Write`	Current
Replaces the ruleset's full set of rules, changing what traffic is blocked or allowed. Zone scope. Acts onruleset Permission (capability)`Zone WAF Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Page Rules List, read, create, and delete the URL-pattern Page Rules in a zone.3
GET	`/zones/{zone_id}/pagerules`	List the Page Rules in a zone.	read	`Page Rules Read`	Current
Read-only. Zone scope. Acts onpagerule Permission (capability)`Page Rules Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/zones/{zone_id}/pagerules`	Create a Page Rule that changes how requests matching a URL pattern are handled.	write	`Page Rules Write`	Current
Zone scope. A zone has a fixed quota of active Page Rules by plan. Acts onpagerule Permission (capability)`Page Rules Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
DELETE	`/zones/{zone_id}/pagerules/{pagerule_id}`	Delete a Page Rule from a zone.	write	`Page Rules Write`	Current
Zone scope. Acts onpagerule Permission (capability)`Page Rules Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Cache Purge cached content from Cloudflare's edge for a zone.1
POST	`/zones/{zone_id}/purge_cache`	Purge cached content for a zone, by everything, URL, prefix, host, or cache tag.	write	`Cache Purge`	Current
Zone scope. A purge-everything is limited to roughly one request every few seconds per zone. Acts oncache Permission (capability)`Cache Purge` VersionAvailable since the API’s base version Webhook eventNone Rate limit~5 purge-everything calls per second per zone SourceOfficial documentation ↗
Workers List Workers scripts, read a script, upload or update a script, and delete one.4
GET	`/accounts/{account_id}/workers/scripts`	List the Workers scripts uploaded to an account.	read	`Workers Scripts Read`	Current
Read-only. Account scope. Acts onworker_script Permission (capability)`Workers Scripts Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/accounts/{account_id}/workers/scripts/{script_name}`	Download a Worker script's content.	read	`Workers Scripts Read`	Current
Read-only. Account scope. Acts onworker_script Permission (capability)`Workers Scripts Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
PUT	`/accounts/{account_id}/workers/scripts/{script_name}/content`	Upload or replace a Worker script's content, deploying the code.	write	`Workers Scripts Write`	Current
Sends the script as multipart form data and puts the code live without touching its config or metadata. Account scope. Acts onworker_script Permission (capability)`Workers Scripts Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
DELETE	`/accounts/{account_id}/workers/scripts/{script_name}`	Delete a Worker script from an account.	write	`Workers Scripts Write`	Current
Removes the deployed code. Account scope. Acts onworker_script Permission (capability)`Workers Scripts Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
R2 storage List the R2 object-storage buckets on an account, read one, and create a bucket.3
GET	`/accounts/{account_id}/r2/buckets`	List the R2 object-storage buckets on an account.	read	`Workers R2 Storage Read`	Current
Read-only. Account scope. Acts onr2_bucket Permission (capability)`Workers R2 Storage Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/accounts/{account_id}/r2/buckets/{bucket_name}`	Get the details of a single R2 bucket.	read	`Workers R2 Storage Read`	Current
Read-only. Account scope. Acts onr2_bucket Permission (capability)`Workers R2 Storage Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/accounts/{account_id}/r2/buckets`	Create an R2 object-storage bucket on an account.	write	`Workers R2 Storage Write`	Current
Account scope. Creates storage that can hold objects and incur cost. Acts onr2_bucket Permission (capability)`Workers R2 Storage Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
SSL/TLS List custom SSL certificates in a zone and read or change Universal SSL settings.3
GET	`/zones/{zone_id}/custom_certificates`	List, search, and filter the custom SSL certificates in a zone.	read	`SSL and Certificates Read`	Current
Read-only. Zone scope. Acts oncustom_certificate Permission (capability)`SSL and Certificates Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/zones/{zone_id}/ssl/universal/settings`	Get the Universal SSL settings for a zone.	read	`SSL and Certificates Read`	Current
Read-only. Zone scope. Acts onuniversal_ssl_setting Permission (capability)`SSL and Certificates Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
PATCH	`/zones/{zone_id}/ssl/universal/settings`	Enable or disable Universal SSL for a zone.	write	`SSL and Certificates Write`	Current
Disabling removes active Universal SSL certificates, which can make the domain unreachable over HTTPS. Zone scope. Acts onuniversal_ssl_setting Permission (capability)`SSL and Certificates Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Load Balancers List the load balancers in a zone and create a new one.2
GET	`/zones/{zone_id}/load_balancers`	List the load balancers configured in a zone.	read	`Load Balancers Read`	Current
Read-only. Zone scope. Acts onload_balancer Permission (capability)`Load Balancers Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/zones/{zone_id}/load_balancers`	Create a load balancer that steers traffic across pools in a zone.	write	`Load Balancers Write`	Current
Zone scope. Changes how requests are routed across origin pools. Acts onload_balancer Permission (capability)`Load Balancers Write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Accounts List the accounts a token can reach and read a single account's details.2
GET	`/accounts`	List the accounts a token can reach.	read	`Account Settings Read`	Current
Read-only. Account scope. Acts onaccount Permission (capability)`Account Settings Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/accounts/{account_id}`	Get the details of a single account.	read	`Account Settings Read`	Current
Read-only. Account scope. Acts onaccount Permission (capability)`Account Settings Read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗

No endpoints match those filters.

Webhooks

Webhook events.

Cloudflare can notify an app or AI agent when something happens in an account, like a security event firing or a certificate nearing expiry, by sending the alert to a configured destination instead of the app repeatedly asking.

Event	What it signals	Triggered by

No events match that search.

Rate limits & pagination

Rate limits, pagination & request size.

Cloudflare limits how fast an app or AI agent can call, through a request quota counted per user over a rolling window, with stricter quotas on a few areas like the analytics query interface.

Request rate

Cloudflare meters the API by a global limit of 1,200 requests every five minutes per user, counted cumulatively across the dashboard, an API key, and an API token. Going over blocks every call for the rest of the five-minute window and returns HTTP 429. A separate per-IP ceiling of 200 requests per second applies, and the GraphQL analytics interface has its own quota that varies by query cost and caps at 320 queries per five minutes. A few areas carry tighter limits, like purge-everything on the cache. Responses carry Ratelimit and Ratelimit-Policy headers reporting remaining quota and the window, and a retry-after header when the limit has been hit. Enterprise customers can ask support to raise these.

Pagination

List endpoints page with the page and per_page query parameters, and the response carries a result_info object with the current page, per-page count, total count, and total pages. Some newer resources, like rulesets, page with a cursor and per_page instead. The data itself is returned in the result array of the JSON envelope.

Request size

Responses are JSON wrapped in a success, errors, messages, and result envelope. An account is allowed 50 API tokens per user and 500 per account. Worker script size and other per-product ceilings are set by each product rather than the API as a whole.

Errors

Status codes & error handling.

The status codes an agent should handle, and what to do about each.

Status	Code	Meaning	What to do
400	`Bad Request`	The request was malformed or a parameter was invalid. The body's errors array names the problem with an integer code and a message, and success is false.	Read the errors array, correct the named parameter, and resend.
401	`Unauthorized`	Authentication failed, because the API token is missing, invalid, or expired, or the legacy email and key pair is wrong.	Send a valid token as a Bearer credential, and roll it if it may be compromised.
403	`Forbidden`	The token is valid but lacks the permission group needed for this call, or is not scoped to the target account or zone.	Grant the missing permission group on the token, or scope it to the right account or zone.
404	`Not Found`	The resource does not exist, or the token cannot see it. The path or an identifier may be wrong.	Confirm the path and the account, zone, or record identifier, and that the token can reach it.
405	`Method Not Allowed`	The HTTP method is not supported for this path, like sending POST where only GET is defined.	Use the method the endpoint documents for the operation.
429	`Too Many Requests`	The rate limit was exceeded. The global limit is 1,200 requests per five minutes per user, after which calls are blocked for the rest of the window.	Honor the retry-after header, slow the request rate, and wait for the window to reset.
500	`Internal Server Error`	An error on Cloudflare's side, which can also appear as 502, 503, or 504.	Retry with backoff, and contact Cloudflare support if it persists.

Versioning & freshness

Version history.

Cloudflare keeps a single, continuously updated version of its API at the v4 path, and signals retired methods through a dated deprecations list rather than minting new version numbers.

Version history

What changed, and when

Latest versionv4

v4Current version

Client API v4 (current, continuously updated)

Cloudflare serves a single, continuously updated API at https://api.cloudflare.com/client/v4. It is not versioned beyond the v4 path; new resources and fields are added in place, and retired methods are announced through a dated deprecations list with an end-of-life date rather than a new version number. An integration tracks the deprecations list and moves off a method before its end of life.

What changed

In-place DNS record type change via the API deprecated on 23 January 2026, ending 30 June 2026
Firewall Rules API and Filters API deprecated on 15 June 2025 in favor of WAF custom rules via the Rulesets API
WAF Managed Rules (previous version) APIs deprecated on 15 June 2025 in favor of the Rulesets API
Brotli setting and its API endpoints deprecated on 15 August 2024
Auto Minify API endpoints deprecated on 5 August 2024
Server-side Excludes feature and its API endpoints deprecated on 14 June 2024

2026-01-23Requires migration

In-place DNS record type change deprecated

Changing the type of an existing DNS record through the API was deprecated on 23 January 2026, with an end-of-life date of 30 June 2026. After that date, an integration recreates the record at the new type rather than changing the type of the existing one.

What changed

Deprecated changing an existing DNS record's type via the API
End of life set to 30 June 2026

2025-06-15Requires migration

Firewall Rules and legacy WAF APIs deprecated

The standalone Firewall Rules API and the Filters API were deprecated on 15 June 2025, replaced by WAF custom rules managed through the Rulesets API. The previous version of WAF Managed Rules, managed through packages, rule groups, and overrides, was deprecated on the same date in favor of the new WAF Managed Rules, also through the Rulesets API.

What changed

Deprecated the Firewall Rules API and the Filters API
Deprecated the previous-version WAF Managed Rules APIs
Steered both toward the Rulesets API

2024-08-15Feature update

Brotli and Auto Minify APIs deprecated

The Brotli setting and its API endpoints were deprecated on 15 August 2024, and the Auto Minify API endpoints were deprecated on 5 August 2024, after both features were retired. Earlier, on 14 June 2024, the Server-side Excludes feature and its API endpoints were deprecated.

What changed

Deprecated the Brotli setting and its API endpoints
Deprecated the Auto Minify API endpoints
Deprecated the Server-side Excludes feature and its API endpoints

An integration tracks the deprecations list and moves off a retired method before its end-of-life date.

Cloudflare API deprecations ↗

Questions

Cloudflare API, answered.

API token or Global API Key, which should I use?+

An API token is the better default. A token carries only the permission groups it was given, scoped to specific accounts or zones, so a leaked token reaches only what it was scoped to, and it can be rolled or revoked on its own. The legacy Global API Key carries the full access of the user across every account and zone and cannot be narrowed, so Cloudflare recommends tokens for new integrations.

What are the rate limits?+

The global limit is 1,200 requests every five minutes per user, counted cumulatively across the dashboard, an API key, and an API token. Going over blocks every call for the rest of that five-minute window and returns HTTP 429. A per-IP ceiling of 200 requests per second applies on top, and the GraphQL analytics interface has its own quota capped at 320 queries per five minutes. Enterprise customers can ask support to raise these.

How do permission groups work?+

A permission group is a named unit of access, like DNS Write or Workers Scripts Read, set to read or edit and attached to a token at a scope, either an account or a zone. A token can hold several groups, and a call that needs a group the token lacks returns 403. The complete list of groups, with each one's id and scope, comes from the IAM permission-groups endpoint.

How is the API versioned?+

The API is not versioned beyond the v4 path. There is one continuously updated API, and Cloudflare announces retired methods through a dated deprecations list rather than minting new version numbers. A deprecated method keeps working until its end-of-life date, so an integration tracks the list and moves off a method before it is removed.

How does the success boolean and the error model work?+

Every response is wrapped in an envelope with a success boolean, an errors array, a messages array, and a result field for the data. When success is false, each entry in the errors array has an integer code and a message naming what went wrong. The HTTP status still signals the broad category, like 400 for a bad request or 403 for a missing permission, while the errors array gives the specific reason.

What changed with Firewall Rules and the WAF?+

The standalone Firewall Rules API and the Filters API were deprecated on 15 June 2025, replaced by WAF custom rules managed through the Rulesets API. The previous version of WAF Managed Rules, managed through packages, groups, and overrides, was deprecated on the same date in favor of the new WAF Managed Rules, also through the Rulesets API. New work should use rulesets rather than the older firewall endpoints.

Does Cloudflare offer an MCP server for AI agents?+

Yes. Cloudflare runs a hosted Model Context Protocol server at https://mcp.cloudflare.com/mcp that exposes the whole API, over 2,500 endpoints, through a search tool and an execute tool, authenticating with OAuth and falling back to API tokens for automation. Cloudflare also runs product-specific servers, like documentation, Workers bindings, observability, Radar, and analytics over GraphQL, each at its own mcp.cloudflare.com subdomain.

What is Bollard AI?

Control what every AI agent can do in Cloudflare.

Bollard AI sits between a team's AI agents and Cloudflare. Grant each agent exactly the access it needs, read or write, resource by resource, and every call is checked and logged.

Set read, write, or full access per agent, never a shared Cloudflare token.
Denied by default, so an agent reaches only what has been explicitly allowed.
Every call recorded in plain English: who, what, where, and the decision.

Control Cloudflare access in Bollard Browse all APIs →

Cloudflare

Infra Agent

Read DNS records ResourceOffReadFull use

Purge cache ActionOffReadFull use

Deploy Workers scripts ActionOffReadFull use

Per-agent access, set in Bollard AI, not in Cloudflare

How the Cloudflare API works.

Connection & authentication methods.

REST API

MCP server (Model Context Protocol)

GraphQL analytics API

Notifications

API token

API key (legacy)

What an AI agent can do in Cloudflare.

Zones

DNS records

Firewall & WAF

Page Rules

Cache

Workers

R2 storage

SSL/TLS

Load Balancers

Accounts

Every Cloudflare API method.

Zones

DNS records

Firewall & WAF

Page Rules

Cache

Workers

R2 storage

SSL/TLS

Load Balancers

Accounts

Webhook events.

Rate limits, pagination & request size.

Request rate

Pagination

Request size

Status codes & error handling.

Version history.

What changed, and when

Cloudflare API, answered.

More developer API guides for agents

DigitalOcean

GitHub

Make

Datadog

LaunchDarkly

Gitea

Control what every AI agent can do in Cloudflare.