# How to integrate Cloudflare MCP with Grok Build

```json
{
  "title": "How to integrate Cloudflare MCP with Grok Build",
  "toolkit": "Cloudflare",
  "toolkit_slug": "cloudflare",
  "framework": "Grok Build",
  "framework_slug": "grok-build",
  "url": "https://composio.dev/toolkits/cloudflare/framework/grok-build",
  "markdown_url": "https://composio.dev/toolkits/cloudflare/framework/grok-build.md",
  "updated_at": "2026-05-12T10:06:40.688Z"
}
```

## Introduction

### How to integrate Cloudflare MCP with Grok Build
[Grok Build](https://docs.x.ai/build/overview) is xAI's terminal coding agent. It runs on Grok 4.5, plans its work before it acts, and can run multiple sub-agents in parallel. It also reads Claude Code's MCP configuration, so any server you already have in a .mcp.json is picked up with no changes.
In this guide, I will show you how to connect your Cloudflare account to Grok Build through Composio, so it can add new A record for your domain, list all firewall rules for zone, show members of your Cloudflare account, and more without leaving the terminal. Composio holds the OAuth tokens for you, and Grok Build only calls the tools you approve.

## Also integrate Cloudflare with

- [ChatGPT Work](https://composio.dev/toolkits/cloudflare/framework/chatgpt)
- [Antigravity](https://composio.dev/toolkits/cloudflare/framework/antigravity)
- [OpenAI Agents SDK](https://composio.dev/toolkits/cloudflare/framework/open-ai-agents-sdk)
- [Claude Agent SDK](https://composio.dev/toolkits/cloudflare/framework/claude-agents-sdk)
- [Claude Code](https://composio.dev/toolkits/cloudflare/framework/claude-code)
- [Claude Cowork](https://composio.dev/toolkits/cloudflare/framework/claude-cowork)
- [Codex](https://composio.dev/toolkits/cloudflare/framework/codex)
- [Kimi Code](https://composio.dev/toolkits/cloudflare/framework/kimi)
- [Cursor](https://composio.dev/toolkits/cloudflare/framework/cursor)
- [VS Code](https://composio.dev/toolkits/cloudflare/framework/vscode)
- [OpenCode](https://composio.dev/toolkits/cloudflare/framework/opencode)
- [OpenClaw](https://composio.dev/toolkits/cloudflare/framework/openclaw)
- [Hermes](https://composio.dev/toolkits/cloudflare/framework/hermes-agent)
- [CLI](https://composio.dev/toolkits/cloudflare/framework/cli)
- [Google ADK](https://composio.dev/toolkits/cloudflare/framework/google-adk)
- [LangChain](https://composio.dev/toolkits/cloudflare/framework/langchain)
- [Vercel AI SDK](https://composio.dev/toolkits/cloudflare/framework/ai-sdk)
- [Mastra AI](https://composio.dev/toolkits/cloudflare/framework/mastra-ai)
- [LlamaIndex](https://composio.dev/toolkits/cloudflare/framework/llama-index)
- [CrewAI](https://composio.dev/toolkits/cloudflare/framework/crew-ai)

## TL;DR

### Why use Composio over a standalone MCP server?
- Read and write access. Composio's Cloudflare integration lets Grok Build take real actions like creating drafts, sending updates, and labeling records, not just reading data.
- 1,000+ SaaS toolkits out of the box. One endpoint gives you a full catalog of pre-built connectors, from Gmail and Slack to Notion, Linear, and Salesforce.
- One MCP server for every app. Wire up a single Composio server instead of maintaining a separate MCP entry for each app.
- Smart, context-aware tool loading. Grok Build caps how many tools it holds in a single request. Composio loads only the tools a task needs, so you do not spend that budget on tools you are not using.
- Cross-app automation. Chain actions across apps in one run. Pull a thread, summarize it in Notion, and post the highlights to Slack from a single prompt.

## Connect Cloudflare to Grok Build

### Prerequisites
- Grok Build installed and signed in. Install with curl -fsSL https://x.ai/cli/install.sh | bash on macOS or Linux, or irm https://x.ai/cli/install.ps1 | iex on Windows PowerShell. On first launch Grok opens a browser to authenticate; for headless or CI use, set an XAI_API_KEY environment variable instead (create the key at [console.x.ai](https://console.x.ai/)).
- Access to the Cloudflare account you want to connect.
- The [Composio MCP endpoint](https://dashboard.composio.dev/login?utm_source=toolkits&utm_medium=framework_template&utm_campaign=grok-build&utm_content=composio_connect). Composio's server is remote and hosted, so there is nothing to run locally and no tunnel to set up.
### Step-by-step: Connect Cloudflare to Grok Build
### 1. Install and verify Grok Build
Install the CLI, then restart your shell so the grok binary lands on your PATH:

```bash
curl -fsSL https://x.ai/cli/install.sh | bash
which grok
```

## What is the Cloudflare MCP server, and what's possible with it?

The Cloudflare MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your Cloudflare account. It provides structured and secure access to your Cloudflare infrastructure, so your agent can perform actions like managing DNS records, configuring WAF lists, auditing firewall rules, and overseeing zones and account members—all on your behalf.
- DNS record management: Effortlessly create or delete DNS records within any zone, allowing your agent to automate domain setup and maintenance tasks.
- WAF list and firewall rule automation: Direct your agent to create, list, or delete Web Application Firewall (WAF) lists and audit firewall rules to enhance your site's security posture.
- Zone administration: Enable your agent to create new zones when adding domains or delete zones that are no longer needed, streamlining domain onboarding and cleanup.
- Account and member management: Let your agent list all Cloudflare accounts you have access to and enumerate members within each account for audit or collaboration purposes.
- Comprehensive infrastructure visibility: Ask your agent to fetch and review your entire Cloudflare account structure, making it simple to monitor resources and configurations at scale.

## Supported Tools

| Tool slug | Name | Description |
|---|---|---|
| `CLOUDFLARE_CREATE_DNS_RECORD` | Create DNS record | Tool to create a new DNS record within a specific zone. Requires write privileges and makes live changes to the zone. Use after obtaining the zone ID via CLOUDFLARE_LIST_ZONES to programmatically add DNS entries. |
| `CLOUDFLARE_CREATE_LIST` | Create WAF List | Create a new empty custom list for use in WAF rules and filters. Lists can contain IP addresses, hostnames, ASNs, or redirects. Once created, use separate actions to add items to the list. Note: List availability depends on plan (Free: 1 list, Pro/Business: 10 lists, Enterprise: 1000 lists). Example: CREATE_LIST(account_id="abc123", kind="ip", name="blocklist", description="Block malicious IPs") |
| `CLOUDFLARE_CREATE_ZONE` | Create Zone | Creates a new DNS zone (domain) in Cloudflare. A zone represents a domain and its DNS records. Use this when adding a new domain to manage with Cloudflare. Requires account ID (obtainable via LIST_ACCOUNTS). The zone will be in 'pending' status until nameservers are updated at the domain registrar. |
| `CLOUDFLARE_DELETE_DNS_RECORD` | Delete DNS Record | Tool to delete a DNS record within a specific zone. Deletion is immediate and irreversible. Use only after confirming both zone and record IDs. Requires write privileges on the zone. Example: "Delete DNS record 372e6795... from zone 023e105f4ecef..." |
| `CLOUDFLARE_DELETE_LIST` | Delete WAF List | Tool to delete a WAF list. Use when you need to remove a list after verifying no filters reference it. Example: DELETE_LIST(account_id="", list_id="") |
| `CLOUDFLARE_DELETE_ZONE` | Delete Zone | Tool to delete a zone. Use after confirming the zone identifier to permanently remove a DNS zone and all its DNS records from your Cloudflare account. Example: DELETE_ZONE(zone_identifier="023e105f4ecef8ad9ca31a8372d0c353") |
| `CLOUDFLARE_GET_BOT_MANAGEMENT_SETTINGS` | Get Bot Management Settings | Tool to retrieve a zone's Bot Management configuration (Bot Fight Mode / Super Bot Fight Mode / Enterprise Bot Management). Use after identifying the correct zone_id (e.g., via CLOUDFLARE_LIST_ZONES). This tool is the canonical way to audit bot-related configuration; firewall rules are adjacent controls but not equivalent to Bot Management settings. |
| `CLOUDFLARE_GET_LISTS` | List WAF Lists | Tool to fetch all WAF lists (no items) for an account. Results are paginated; iterate using page and per_page parameters until result_info.total_pages is reached to retrieve all lists. Use after confirming account ID. |
| `CLOUDFLARE_LIST_ACCOUNT_MEMBERS` | List Account Members | Lists all members of a Cloudflare account with their roles, permissions, and status. Returns detailed information about each account member including their user details (name, email, 2FA status), assigned roles with granular permissions, membership status (accepted/pending/rejected), and access policies. Supports filtering by status, sorting by various fields, and pagination for accounts with many members. Use this action when you need to: - View all users with access to a Cloudflare account - Audit account member permissions and roles - Check membership status of invited users - List members with specific roles or statuses Requires the account ID which can be obtained using the List Accounts action. Note: caller's account role may restrict visibility of some members if permissions are insufficient. |
| `CLOUDFLARE_LIST_ACCOUNTS` | List Accounts | List all Cloudflare accounts you have ownership or verified access to. Retrieves a paginated list of accounts with their details including account ID, name, type, settings, and creation date. An empty or partial result may indicate insufficient API token scope or permissions, not the absence of accounts. When multiple accounts are returned, confirm the intended account_id before performing any write operations to avoid acting on unintended environments. Use this when you need to: - Discover available accounts before performing account-specific operations - Find an account ID for other API calls that require an account identifier - Audit account configurations and settings - Filter accounts by name or paginate through large account lists |
| `CLOUDFLARE_LIST_DNS_RECORDS` | List DNS records | Tool to list and search DNS records in a Cloudflare zone. Use when you need to find existing DNS record IDs for update or delete operations, especially after a "record already exists" error during creation. Returns matching records with their IDs, names, types, content, and other properties. |
| `CLOUDFLARE_LIST_FIREWALL_RULES` | List Firewall Rules | Tool to list firewall rules for a specific DNS zone. Use after confirming the zone ID to retrieve and audit current firewall rules. Does not expose Workers routes or other routing constructs. |
| `CLOUDFLARE_LIST_MONITORS` | List Monitors | Tool to list all load-balancer monitors in a Cloudflare account. Use after creating or updating monitors to retrieve a paginated list. Response includes `result_info.total_pages` to determine when all pages have been fetched. |
| `CLOUDFLARE_LIST_POOLS` | List Pools | Tool to list all load balancer pools in a Cloudflare account. Use after confirming account ID to discover pool IDs. Paginate using `page` and `per_page`; check `result_info.total_pages` in the response to determine if additional pages exist. |
| `CLOUDFLARE_LIST_TUNNELS` | List Tunnels | List Cloudflare Tunnel (cloudflared) tunnels in an account to discover tunnel IDs, names, and statuses. Use when you need to find a tunnel_id before performing tunnel operations like routing, DNS configuration, or debugging. |
| `CLOUDFLARE_LIST_ZONES` | List Zones | Lists, searches, sorts, and filters zones in the authenticated account. Use `page`/`per_page` to paginate; check `result_info.total_pages` in the response to iterate all pages. Does not return DNS records — extract `zone_id` from results before passing to zone-scoped tools (DNS, firewall, etc.). Only zones delegated to Cloudflare nameservers appear; empty results indicate scope or delegation constraints, not errors. |
| `CLOUDFLARE_UPDATE_DNS_RECORD` | Update DNS record | Tool to update an existing DNS record within a specific zone. Use after confirming both zone and record identifiers; only provided fields are modified. Updates to records used by active tunnels take effect immediately and can disrupt live traffic. |
| `CLOUDFLARE_UPDATE_LIST` | Update WAF List | Tool to update the description of a WAF list (cannot update items). Use after confirming list metadata. |
| `CLOUDFLARE_UPDATE_TUNNEL_CONFIGURATION` | Update Tunnel Configuration | Tool to update a remotely-managed Cloudflare Tunnel's configuration (ingress rules and routing). Use when you need to programmatically configure hostname-to-origin mappings for a tunnel. WARNING: This operation REPLACES the entire configuration - incorrect configuration can break routing and make services unreachable. Best practice: fetch current configuration first (if patching) to preserve existing rules. At least one ingress rule is required, and the last rule should typically be a catch-all (hostname='*' or omitted) with service='http_status:404'. |
| `CLOUDFLARE_UPDATE_ZONE` | Update Zone | Tool to update properties of an existing zone; changes apply immediately to the live zone. Confirm zone ID and intended change with the user before calling. Only one field can be modified per call. |

## Supported Triggers

None listed.

## Creating MCP Server - Stand-alone vs Composio SDK

Once connected, Grok Build can access the Cloudflare MCP server via Composio to run the app actions you authorize, directly from your terminal.

## Complete Code

None listed.

## How to build Cloudflare MCP Agent with another framework

- [ChatGPT Work](https://composio.dev/toolkits/cloudflare/framework/chatgpt)
- [Antigravity](https://composio.dev/toolkits/cloudflare/framework/antigravity)
- [OpenAI Agents SDK](https://composio.dev/toolkits/cloudflare/framework/open-ai-agents-sdk)
- [Claude Agent SDK](https://composio.dev/toolkits/cloudflare/framework/claude-agents-sdk)
- [Claude Code](https://composio.dev/toolkits/cloudflare/framework/claude-code)
- [Claude Cowork](https://composio.dev/toolkits/cloudflare/framework/claude-cowork)
- [Codex](https://composio.dev/toolkits/cloudflare/framework/codex)
- [Kimi Code](https://composio.dev/toolkits/cloudflare/framework/kimi)
- [Cursor](https://composio.dev/toolkits/cloudflare/framework/cursor)
- [VS Code](https://composio.dev/toolkits/cloudflare/framework/vscode)
- [OpenCode](https://composio.dev/toolkits/cloudflare/framework/opencode)
- [OpenClaw](https://composio.dev/toolkits/cloudflare/framework/openclaw)
- [Hermes](https://composio.dev/toolkits/cloudflare/framework/hermes-agent)
- [CLI](https://composio.dev/toolkits/cloudflare/framework/cli)
- [Google ADK](https://composio.dev/toolkits/cloudflare/framework/google-adk)
- [LangChain](https://composio.dev/toolkits/cloudflare/framework/langchain)
- [Vercel AI SDK](https://composio.dev/toolkits/cloudflare/framework/ai-sdk)
- [Mastra AI](https://composio.dev/toolkits/cloudflare/framework/mastra-ai)
- [LlamaIndex](https://composio.dev/toolkits/cloudflare/framework/llama-index)
- [CrewAI](https://composio.dev/toolkits/cloudflare/framework/crew-ai)

## Related Toolkits

- [Supabase](https://composio.dev/toolkits/supabase) - Supabase is an open-source backend platform offering scalable Postgres databases, authentication, storage, and real-time APIs. It lets developers build modern apps without managing infrastructure.
- [Codeinterpreter](https://composio.dev/toolkits/codeinterpreter) - Codeinterpreter is a Python-based coding environment with built-in data analysis and visualization. It lets you instantly run scripts, plot results, and prototype solutions inside supported platforms.
- [GitHub](https://composio.dev/toolkits/github) - GitHub is a code hosting platform for version control and collaborative software development. It streamlines project management, code review, and team workflows in one place.
- [1password](https://composio.dev/toolkits/_1password) - 1Password is a password manager and digital vault for storing logins, secrets, notes, and secure documents. It helps individuals and teams protect credentials, share access safely, and reduce password risk.
- [Ably](https://composio.dev/toolkits/ably) - Ably is a real-time messaging platform for live chat and data sync in modern apps. It offers global scale and rock-solid reliability for seamless, instant experiences.
- [Abuselpdb](https://composio.dev/toolkits/abuselpdb) - Abuselpdb is a central database for reporting and checking IPs linked to malicious online activity. Use it to quickly identify and report suspicious or abusive IP addresses.
- [Alchemy](https://composio.dev/toolkits/alchemy) - Alchemy is a blockchain development platform offering APIs and tools for Ethereum apps. It simplifies building and scaling Web3 projects with robust infrastructure.
- [Algolia](https://composio.dev/toolkits/algolia) - Algolia is a hosted search API that powers lightning-fast, relevant search experiences for web and mobile apps. It helps developers deliver instant, typo-tolerant, and scalable search without complex infrastructure.
- [Anchor browser](https://composio.dev/toolkits/anchor_browser) - Anchor browser is a developer platform for AI-powered web automation. It transforms complex browser actions into easy API endpoints for streamlined web interaction.
- [Apiflash](https://composio.dev/toolkits/apiflash) - Apiflash is a website screenshot API for programmatically capturing web pages. It delivers high-quality screenshots on demand for automation, monitoring, or reporting.
- [Apiverve](https://composio.dev/toolkits/apiverve) - Apiverve delivers a suite of powerful APIs that simplify integration for developers. It's designed for reliability and scalability so you can build faster, smarter applications without the integration headache.
- [Appcircle](https://composio.dev/toolkits/appcircle) - Appcircle is an enterprise-grade mobile CI/CD platform for building, testing, and publishing mobile apps. It streamlines mobile DevOps so teams ship faster and with more confidence.
- [Appdrag](https://composio.dev/toolkits/appdrag) - Appdrag is a cloud platform for building websites, APIs, and databases with drag-and-drop tools and code editing. It accelerates development and iteration by combining hosting, database management, and low-code features in one place.
- [Appveyor](https://composio.dev/toolkits/appveyor) - AppVeyor is a cloud-based continuous integration service for building, testing, and deploying applications. It helps developers automate and streamline their software delivery pipelines.
- [Backendless](https://composio.dev/toolkits/backendless) - Backendless is a backend-as-a-service platform for mobile and web apps, offering database, file storage, user authentication, and APIs. It helps developers ship scalable applications faster without managing server infrastructure.
- [Baserow](https://composio.dev/toolkits/baserow) - Baserow is an open-source no-code database platform for building collaborative data apps. It makes it easy for teams to organize data and automate workflows without writing code.
- [Bench](https://composio.dev/toolkits/bench) - Bench is a benchmarking tool for automated performance measurement and analysis. It helps you quickly evaluate, compare, and track your systems or workflows.
- [Better stack](https://composio.dev/toolkits/better_stack) - Better Stack is a monitoring, logging, and incident management solution for apps and services. It helps teams ensure application reliability and performance with real-time insights.
- [Bitbucket](https://composio.dev/toolkits/bitbucket) - Bitbucket is a Git-based code hosting and collaboration platform for teams. It enables secure repository management and streamlined code reviews.
- [Blazemeter](https://composio.dev/toolkits/blazemeter) - Blazemeter is a continuous testing platform for web and mobile app performance. It empowers teams to automate and analyze large-scale tests with ease.

## Frequently Asked Questions

### What is the difference between the Composio Tool Router and a standalone Cloudflare MCP server?

A standalone Cloudflare MCP server gives Grok Build a fixed set of Cloudflare tools tied to that one server. The Composio Tool Router lets Grok Build load tools from Cloudflare and many other apps on demand, based on the task, all through a single endpoint.

### Does Grok Build support MCP?

Yes. Grok Build ships with native MCP support. Add a server with the grok mcp add command, from the in-session /mcps modal, or by editing ~/.grok/config.toml. It also reads Claude Code-style .mcp.json files, so Grok Build discovers the tools automatically.

### Can I reuse the same MCP config I already use with Claude Code?

Yes. Grok Build has zero-migration compatibility with Claude Code's configuration, so the same Composio server entry works in both without edits.

### How safe is my Cloudflare data with Composio?

Tokens, keys, and configuration are encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant, so your Cloudflare data and credentials are handled to that standard.

---
[See all toolkits](https://composio.dev/toolkits) · [Composio docs](https://docs.composio.dev/llms.txt)
