mcp-oauth-cloudflare

Review·Scanned 2/18/2026

This skill provides OAuth authentication for MCP servers on Cloudflare Workers with Google OAuth and DCR support. It instructs storing/using secrets (GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET, COOKIE_ENCRYPTION_KEY, AUTH_TOKEN), running CLI deployment/secret commands (npx wrangler deploy, npx wrangler secret put), and calling Google endpoints (https://oauth2.googleapis.com/token, https://accounts.google.com/o/oauth2/v2/auth).

by jezweb·v10a1f16·85.5 KB·294 installs
Scanned from main at 10a1f16 · Transparency log ↗
$ vett add jezweb/claude-skills/mcp-oauth-cloudflareReview findings below

MCP OAuth Cloudflare Skill

OAuth authentication for MCP servers on Cloudflare Workers.

Auto-Trigger Keywords

This skill activates when discussing:

  • "mcp oauth"
  • "mcp authentication"
  • "mcp server auth"
  • "oauth mcp server"
  • "cloudflare mcp oauth"
  • "workers-oauth-provider"
  • "dynamic client registration"
  • "DCR mcp"
  • "claude.ai mcp authentication"
  • "google oauth mcp"
  • "mcp user authentication"
  • "replace auth tokens mcp"
  • "oauth instead of tokens"

What This Skill Provides

  1. Complete OAuth flow for MCP servers
  2. Security utilities (CSRF, state validation, session binding)
  3. Beautiful approval dialog (dark mode, branded)
  4. Google OAuth integration (token exchange, user info)
  5. Claude.ai compatibility (DCR support)

Quick Usage

# Tell Claude:
"Add OAuth authentication to my MCP server on Cloudflare"

# Or:
"Set up Google Sign-In for my MCP server"

# Or:
"Replace auth tokens with OAuth for my MCP"

Files Included

mcp-oauth-cloudflare/
├── SKILL.md                    # Full documentation
├── README.md                   # This file
├── templates/
│   └── oauth/
│       ├── google-handler.ts   # OAuth routes
│       ├── utils.ts            # Google OAuth utilities
│       └── workers-oauth-utils.ts # Security utilities
├── rules/
│   └── mcp-oauth.md            # Common mistakes
└── references/
    └── oauth-flow.md           # Flow diagrams

Key Dependencies

{
  "@cloudflare/workers-oauth-provider": "^0.2.2",
  "agents": "^0.3.3",
  "@modelcontextprotocol/sdk": "^1.25.1",
  "hono": "^4.11.3",
  "zod": "^3.24.2"
}

v0.2.0+ Features:

  • Refresh token support for long-lived sessions
  • Bearer token + OAuth coexistence for CLI tools
  • Improved state validation

Why OAuth Over Auth Tokens?

Auth TokensOAuth
Manual sharingAutomatic flow
No user consentExplicit approval
No expirationAuto-refresh
All-or-nothingScoped access
No Claude.ai DCRFull compatibility

License

MIT