cloudflare/mcp-server-cloudflare

[email protected] scope: cloudflare-ai-gateway-mcp-server Breaking

This release includes 2 breaking changes for platform teams planning a safe upgrade.

Published 1d MCP Developer Tools

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Affected surfaces

auth

ReleasePort's take

Light signal

editorial:auto 1d

The release removes the `accounts_list` and `set_active_account` tools.

Why it matters: Removal of accounts_list and set_active_account breaks integrations that rely on these API endpoints; update code paths before upgrading to [email protected].

Summary

AI summary

Updates Patch Changes, Minor Changes, and f625075 across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Breaking	High	Removes `accounts_list` and `set_active_account` tools. Removes `accounts_list` and `set_active_account` tools. Source: llm_adapter@2026-06-02 Confidence: high	—
Feature
Feature	Low	Introduces `AccountManager` for automatic Cloudflare account resolution. Introduces `AccountManager` for automatic Cloudflare account resolution. Source: granite4.1:30b@2026-06-02-audit Confidence: low	—
Feature	Low	Adds `server.accountTool()` registration to resolve accounts via priority order. Adds `server.accountTool()` registration to resolve accounts via priority order. Source: granite4.1:30b@2026-06-02-audit Confidence: low	—
Feature	Low	Supports auth-pinned account selection from API token or OAuth single-account token. Supports auth-pinned account selection from API token or OAuth single-account token. Source: granite4.1:30b@2026-06-02-audit Confidence: low	—
Feature	Low	Allows `cf-account-id` request header to select an account for multi-account tokens. Allows `cf-account-id` request header to select an account for multi-account tokens. Source: granite4.1:30b@2026-06-02-audit Confidence: low	—
Feature	Low	Adds optional `account_id` parameter to multi-account tools, with error listing available accounts when omitted. Adds optional `account_id` parameter to multi-account tools, with error listing available accounts when omitted. Source: granite4.1:30b@2026-06-02-audit Confidence: low	—
Dependency	Low	Upgrades `@cloudflare/workers-oauth-provider` from 0.4.0 to 0.7.0. Upgrades `@cloudflare/workers-oauth-provider` from 0.4.0 to 0.7.0. Source: llm_adapter@2026-06-02 Confidence: high	—
Dependency	Low	Upgrades core dependencies: `agents` 0.2.19 → 0.13.3, `@modelcontextprotocol/sdk` 1.20.2 → 1.29.0, `zod` 3 → 4, and `ai` 4 → 6. Upgrades core dependencies: `agents` 0.2.19 → 0.13.3, `@modelcontextprotocol/sdk` 1.20.2 → 1.29.0, `zod` 3 → 4, and `ai` 4 → 6. Source: llm_adapter@2026-06-02 Confidence: high	—
Bugfix	Low	Enforces flat `annotations` hints in MCP SDK 1.29, fixing ignored nested hints. Enforces flat `annotations` hints in MCP SDK 1.29, fixing ignored nested hints. Source: granite4.1:30b@2026-06-02-audit Confidence: low	—
Refactor
Refactor	Low	Standardizes tool error responses to set `isError: true`. Standardizes tool error responses to set `isError: true`. Source: granite4.1:30b@2026-06-02-audit Confidence: low	—
Refactor	Low	Updates code for `@cloudflare/workers-oauth-provider` 0.7.0 API change: `TokenExchangeCallbackOptions` now requires `grantId`. Updates code for `@cloudflare/workers-oauth-provider` 0.7.0 API change: `TokenExchangeCallbackOptions` now requires `grantId`. Source: granite4.1:30b@2026-06-02-audit Confidence: low	—
Refactor	Low	Adjusts to `zod` 4 changes: explicit key schema for `z.record`, replaces `z.string().ip()` with `z.ipv4()/z.ipv6()`, removes `objectOutputType`. Adjusts to `zod` 4 changes: explicit key schema for `z.record`, replaces `z.string().ip()` with `z.ipv4()/z.ipv6()`, removes `objectOutputType`. Source: granite4.1:30b@2026-06-02-audit Confidence: low	—
Refactor	Low	Constrains `McpAgent` env generic to `Cloudflare.Env` in `agents` 0.13. Constrains `McpAgent` env generic to `Cloudflare.Env` in `agents` 0.13. Source: granite4.1:30b@2026-06-02-audit Confidence: low	—
Refactor	Low	Updates eval tooling in `ai` 6: modifies `LanguageModel`, `inputSchema`, `stopWhen`, `stepCountIs`, and tool-call `input`. Updates eval tooling in `ai` 6: modifies `LanguageModel`, `inputSchema`, `stopWhen`, `stepCountIs`, and tool-call `input`. Source: granite4.1:30b@2026-06-02-audit Confidence: low	—

Full changelog

Minor Changes

f625075: Centralize Cloudflare account resolution and remove the account-management tools.

The accounts_list and set_active_account tools are removed. Account scoping is now
resolved automatically by an AccountManager (via the new server.accountTool()
registration), in priority order:
1. Auth-pinned account — an account-scoped API token's account, or an OAuth token with a
  single account, is used automatically (no account_id parameter is exposed).
2. cf-account-id request header — for tokens that can access multiple accounts, set this
  header in your MCP client config to pick an account.
3. account_id tool argument — for multi-account tokens, account-scoped tools expose an
  optional account_id parameter; when omitted (and no header is set) the tool returns an
  error listing the accounts you can use. Multi-account credentials also list their accounts
  in the server's initialize instructions.
All tool error responses now set isError: true so clients can distinguish failures.

Patch Changes

a358e69: Upgrade @cloudflare/workers-oauth-provider 0.4.0 → 0.7.0.

No tool or behavior changes. The only API change affecting this repo is that
TokenExchangeCallbackOptions now carries a required grantId field, which only
touched a test fixture (the provider supplies it at runtime).
f625075: Upgrade core dependencies: agents 0.2.19 → 0.13.3, @modelcontextprotocol/sdk 1.20.2 →
1.29.0, zod 3 → 4, and ai 4 → 6.

No user-facing tool or behavior changes. Internal adjustments for the new versions:
- zod 4: z.record(...) now takes an explicit key schema; z.string().ip() replaced with
  z.ipv4()/z.ipv6() validation; dropped the removed objectOutputType helper.
- agents 0.13: McpAgent env generic is constrained to Cloudflare.Env.
- MCP SDK 1.29: tool annotations hints must be flat ({ title, readOnlyHint, ... }) — fixes a
  latent bug where nested hints were silently ignored.
- ai 6: eval tooling updated (LanguageModel, inputSchema, stopWhen/stepCountIs, tool-call input).

Breaking Changes

Removed `accounts_list` and `set_active_account` tools; account scoping now resolved automatically via Auth-pinned token, `cf-account-id` header, or optional `account_id` argument with error on omission.
Minimum version bump of core dependencies: `agents` 0.13.3 (from 0.2.19), `@modelcontextprotocol/sdk` 1.29.0 (from 1.20.2), `zod` 4 (from 3), and `ai` 6 (from 4).

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track cloudflare/mcp-server-cloudflare

Get notified when new releases ship.

About cloudflare/mcp-server-cloudflare

Integration with Cloudflare services including Workers, KV, R2, and D1

All releases →

Related context

Related tools

Earlier breaking changes

[email protected] Adds delete-class migration for UserDetails Durable Object in graphql server.
[email protected] Removes `accounts_list` and `set_active_account` tools.
[email protected] Removes `accounts_list` and `set_active_account` tools.
[email protected] Removes `accounts_list` and `set_active_account` tools.
[email protected] Removes `accounts_list` and `set_active_account` tools.