Cloudflare Google OAuth MCP Server

1

Add it to Claude Code

Run this in a terminal.

Run in terminal
claude mcp add -e "GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID}" -e "GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET}" -e "COOKIE_ENCRYPTION_KEY=${COOKIE_ENCRYPTION_KEY}" -e "ALLOWED_API_KEYS=${ALLOWED_API_KEYS}" cf-gdrive-mcp -- npx mcp-remote "https://mcp-google-oauth.<your-subdomain>.workers.dev/mcp"
Required:GOOGLE_CLIENT_IDGOOGLE_CLIENT_SECRETCOOKIE_ENCRYPTION_KEYALLOWED_API_KEYS+ 1 optional
README.md

A remote MCP server deployable on Cloudflare Workers with Google OAuth.

Model Context Protocol (MCP) Server + Google OAuth

This is a Model Context Protocol (MCP) server that supports remote MCP connections, with Google OAuth built-in.

You can deploy it to your own Cloudflare account, and after you create your own Google Cloud OAuth client app, you'll have a fully functional remote MCP server that you can build off. Users will be able to connect to your MCP server by signing in with their Google account.

You can use this as a reference example for how to integrate other OAuth providers with an MCP server deployed to Cloudflare, using the `workers-oauth-provider` library.

The MCP server (powered by Cloudflare Workers):

  • Acts as OAuth Server to your MCP clients
  • Acts as OAuth Client to your real OAuth server (in this case, Google)

Getting Started

Clone the repo & install dependencies: npm install

For Production

Create a new Google Cloud OAuth App:

  • For the Homepage URL, specify https://mcp-google-oauth.<your-subdomain>.workers.dev
  • For the Authorization callback URL, specify https://mcp-google-oauth.<your-subdomain>.workers.dev/callback
  • Note your Client ID and generate a Client secret.
  • Set secrets via Wrangler
wrangler secret put GOOGLE_CLIENT_ID
wrangler secret put GOOGLE_CLIENT_SECRET
wrangler secret put COOKIE_ENCRYPTION_KEY # add any random string here e.g. openssl rand -hex 32
wrangler secret put HOSTED_DOMAIN # optional: use this when restrict google account domain
wrangler secret put ALLOWED_API_KEYS # comma-separated list of API keys (e.g., key1,key2,key3)

Note: The server now requires API Key authentication for MCP endpoints. See API_KEY_SETUP.md for detailed setup instructions.

Set up a KV namespace
  • Create the KV namespace: wrangler kv:namespace create "OAUTH_KV"
  • Update the Wrangler file with the KV ID
Deploy & Test

Deploy the MCP server to make it available on your workers.dev domain wrangler deploy

Test the remote server using Inspector: 

npx @modelcontextprotocol/inspector@latest

Enter https://mcp-google-oauth.<your-subdomain>.workers.dev/mcp and hit connect. Once you go through the authentication flow, you'll see the Tools working:

You now have a remote MCP server deployed!

Access Control

This MCP server uses Google Cloud OAuth for authentication. All authenticated Google users can access basic tools like "add". When you restrict users with hosted domain, set HOSTED_DOMAIN env.

Access the remote MCP server from Claude Desktop

Open Claude Desktop and navigate to Settings -> Developer -> Edit Config. This opens the configuration file that controls which MCP servers Claude can access.

Replace the content with the following configuration. Once you restart Claude Desktop, a browser window will open showing your OAuth login page. Complete the authentication flow to grant Claude access to your MCP server. After you grant access, the tools will become available for you to use. 

{
  "mcpServers": {
    "math": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://mcp-google-oauth.<your-subdomain>.workers.dev/mcp"
      ]
    }
  }
}

Once the Tools (under 🔨) show up in the interface, you can ask Claude to use them. For example: "Could you use the math tool to add 23 and 19?". Claude should invoke the tool and show the result generated by the MCP server.

For Local Development

If you'd like to iterate and test your MCP server, you can do so in local development. This will require you to create another OAuth App on Google Cloud:

  • For the Homepage URL, specify http://localhost:8788
  • For the Authorization callback URL, specify http://localhost:8788/callback
  • Note your Client ID and generate a Client secret.
  • Create a .dev.vars file in your project root with:
GOOGLE_CLIENT_ID=your_development_google_cloud_oauth_client_id
GOOGLE_CLIENT_SECRET=your_development_google_cloud_oauth_client_secret
COOKIE_ENCRYPTION_KEY=any_random_string_here
ALLOWED_API_KEYS=dev-key-1,dev-key-2
Develop & Test

Run the server locally to make it available at http://localhost:8788 wrangler dev

To test the local server, enter http://localhost:8788/mcp into Inspector and hit connect. Once you follow the prompts, you'll be able to "List Tools".

Using Claude and other MCP Clients

When using Claude to connect to your remote MCP server, you may see some error messages. This is because Claude Desktop doesn't yet support remote MCP servers, so it sometimes gets confused. To verify whether the MCP server is connected, hover ov

Tools (1)

addPerforms basic addition operations.

Environment Variables

GOOGLE_CLIENT_IDrequiredGoogle Cloud OAuth client ID
GOOGLE_CLIENT_SECRETrequiredGoogle Cloud OAuth client secret
COOKIE_ENCRYPTION_KEYrequiredRandom string for cookie encryption
HOSTED_DOMAINOptional domain restriction for Google accounts
ALLOWED_API_KEYSrequiredComma-separated list of API keys for MCP endpoints

Configuration

claude_desktop_config.json
{"mcpServers": {"math": {"command": "npx", "args": ["mcp-remote", "https://mcp-google-oauth.<your-subdomain>.workers.dev/mcp"]}}}

Try it

Could you use the math tool to add 23 and 19?
Perform an addition operation using the math tool for 50 and 75.
Use the available tools to calculate the sum of 100 and 250.

Frequently Asked Questions

What are the key features of Cloudflare Google OAuth MCP Server?

Remote MCP server deployment on Cloudflare Workers. Integrated Google OAuth authentication flow. Support for hosted domain restrictions. API key authentication for MCP endpoints. Reference implementation for OAuth-protected MCP connections.

What can I use Cloudflare Google OAuth MCP Server for?

Deploying secure, authenticated MCP servers for remote team access. Building custom MCP tools that require Google account authorization. Learning how to integrate OAuth providers with Cloudflare-based MCP servers. Managing persistent MCP connections using Cloudflare infrastructure.

How do I install Cloudflare Google OAuth MCP Server?

Install Cloudflare Google OAuth MCP Server by running: wrangler deploy

What MCP clients work with Cloudflare Google OAuth MCP Server?

Cloudflare Google OAuth MCP Server works with any MCP-compatible client including Claude Desktop, Claude Code, Cursor, and other editors with MCP support.

Turn this server into reusable context

Keep Cloudflare Google OAuth MCP Server docs, env vars, and workflow notes in Conare so your agent carries them across sessions.

Need the old visual installer? Open Conare IDE.
Open Conare
View all cloud servers →

Related MCP Servers

SSH MCP Server
Execute shell commands on remote Linux and Windows systems via SSH.
cloud346 stars
Hono MCP Server
Expose your Hono API endpoints as MCP tools.
cloud77 stars
n8n Manager for AI Agents
Manage n8n workflow automation instances through AI agent tools.
cloud54 stars
Kilntainers
Give Every Agent an Ephemeral Linux Sandbox — via MCP
cloud36 stars
AWS MCP Server
Manage and provision AWS resources using natural language prompts
cloud27 stars
Dynamics 365 Finance & Operations
Production-ready MCP server for Microsoft Dynamics 365 Finance & Operations
cloud25 stars