How to integrate Cloudflare api key MCP with Google ADK

BOOK A CALLGET STARTED FOR FREE
Framework Integration Gradient
Cloudflare api key Logo
Google ADK Logo
divider

Introduction

This guide walks you through connecting Cloudflare api key to Google ADK using the Composio tool router. By the end, you'll have a working Cloudflare api key agent that can add new a record to my dns zone, delete outdated cname record from domain, create lockdown rule for admin urls, remove an old ruleset from my account through natural language commands.

This guide will help you understand how to give your Google ADK agent real control over a Cloudflare api key account through Composio's Cloudflare api key MCP server.

Before we dive in, let's take a quick look at the key ideas and tools involved.

TL;DR

Here's what you'll learn:
  • Get a Cloudflare api key account set up and connected to Composio
  • Install the Google ADK and Composio packages
  • Create a Composio Tool Router session for Cloudflare api key
  • Build an agent that connects to Cloudflare api key through MCP
  • Interact with Cloudflare api key using natural language

What is Google ADK?

Google ADK (Agents Development Kit) is Google's framework for building AI agents powered by Gemini models. It provides tools for creating agents that can use external services through the Model Context Protocol.

Key features include:

  • Gemini Integration: Native support for Google's Gemini models
  • MCP Toolset: Built-in support for Model Context Protocol tools
  • Streamable HTTP: Connect to external services through streamable HTTP
  • CLI and Web UI: Run agents via command line or web interface

What is the Cloudflare api key MCP server, and what's possible with it?

The Cloudflare api key MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your Cloudflare account. It provides structured and secure access to your Cloudflare services, so your agent can create DNS records, manage security rules, delete zones, and automate zone configurations on your behalf.

  • Automated DNS record management: Instantly create, update, or delete DNS records—including A, CNAME, TXT, and MX types—across your Cloudflare zones to keep your domains running smoothly.
  • Zone lockdown and security automation: Add or remove Zone Lockdown rules to restrict access to specific URLs and IP ranges, helping you enforce security policies without manual intervention.
  • Ruleset creation and maintenance: Direct your agent to create new rulesets or modify existing ones, ensuring your web applications remain secure and compliant with evolving access requirements.
  • Comprehensive zone administration: Effortlessly delete entire zones or DNSSEC configurations for streamlined domain management and cleanup when needed.
  • Versioned ruleset management: Retrieve specific versions of entry point rulesets, giving you granular control and auditability over your security configurations.

Supported Tools & Triggers

Tools
Create DNS RecordTool to create a new DNS record in a Cloudflare zone.
Create Zone Lockdown RuleTool to create a Zone Lockdown rule.
Create Rule in RulesetTool to add a rule to an existing ruleset.
Create RulesetTool to create an account- or zone-scoped ruleset.
Delete DNS RecordTool to delete a DNS record.
Delete DNSSECTool to delete DNSSEC records for a zone.
Delete Rule from RulesetTool to delete a specific rule from a ruleset.
Delete RulesetTool to delete all versions of a ruleset.
Delete a zoneTool to delete an existing zone.
Get Entrypoint Ruleset VersionTool to get a specific version of an entry point ruleset.
Get Lockdown RuleTool to get a Zone Lockdown rule.
Get Regional Tiered CacheTool to get the regional tiered cache setting for a zone.
Get RulesetTool to fetch the latest version of a ruleset by ID.
Get Zone DetailsTool to get details for a specific zone.
List DNS RecordsTool to list DNS records for a given Cloudflare zone.
List Cloudflare ZonesTool to list, search, sort, and filter Cloudflare zones.
Overwrite DNS RecordTool to completely overwrite a DNS record.
Rerun Zone Activation CheckTool to trigger a new activation check for a PENDING zone.
Update DNSSEC StatusTool to update DNSSEC configuration for a zone.
Update Lockdown RuleTool to update a zone lockdown rule.
Update Rule in RulesetTool to update a specific rule in a ruleset.
Update RulesetTool to update a Cloudflare ruleset, creating a new version.
Update Cloudflare ZoneTool to edit a Cloudflare zone.
Upload File to S3Tool to upload arbitrary file content to the app’s temporary R2/S3 bucket.

What is the Composio tool router, and how does it fit here?

What is Tool Router?

Composio's Tool Router helps agents find the right tools for a task at runtime. You can plug in multiple toolkits (like Gmail, HubSpot, and GitHub), and the agent will identify the relevant app and action to complete multi-step workflows. This can reduce token usage and improve the reliability of tool calls. Read more here: Getting started with Tool Router

The tool router generates a secure MCP URL that your agents can access to perform actions.

How the Tool Router works

The Tool Router follows a three-phase workflow:

  1. Discovery: Searches for tools matching your task and returns relevant toolkits with their details.
  2. Authentication: Checks for active connections. If missing, creates an auth config and returns a connection URL via Auth Link.
  3. Execution: Executes the action using the authenticated connection.

Step-by-step Guide

Prerequisites

Before starting, make sure you have:
  • A Google API key for Gemini models
  • A Composio account and API key
  • Python 3.9 or later installed
  • Basic familiarity with Python

Getting API Keys for Google and Composio

Google API Key
  • Go to Google AI Studio and create an API key.
  • Copy the key and keep it safe. You will put this in GOOGLE_API_KEY.
Composio API Key and User ID
  • Log in to the Composio dashboard.
  • Go to Settings → API Keys and copy your Composio API key. Use this for COMPOSIO_API_KEY.
  • Decide on a stable user identifier to scope sessions, often your email or a user ID. Use this for COMPOSIO_USER_ID.

Install dependencies

bash
pip install google-adk composio-google python-dotenv

Inside your virtual environment, install the required packages.

What's happening:

  • google-adk is Google's Agents Development Kit
  • composio connects your agent to Cloudflare api key via MCP
  • composio-google provides the Google ADK provider
  • python-dotenv loads environment variables

Set up ADK project

bash
adk create my_agent

Set up a new Google ADK project.

What's happening:

  • This creates an agent folder with a root agent file and .env file

Set environment variables

bash
GOOGLE_API_KEY=your-google-api-key
COMPOSIO_API_KEY=your-composio-api-key
COMPOSIO_USER_ID=your-user-id-or-email

Save all your credentials in the .env file.

What's happening:

  • GOOGLE_API_KEY authenticates with Google's Gemini models
  • COMPOSIO_API_KEY authenticates with Composio
  • COMPOSIO_USER_ID identifies the user for session management

Import modules and validate environment

python
import os
import warnings

from composio import Composio
from composio_google import GoogleProvider
from dotenv import load_dotenv
from google.adk.agents.llm_agent import Agent
from google.adk.tools.mcp_tool.mcp_session_manager import StreamableHTTPConnectionParams
from google.adk.tools.mcp_tool.mcp_toolset import McpToolset

load_dotenv()

warnings.filterwarnings("ignore", message=".*BaseAuthenticatedTool.*")

GOOGLE_API_KEY = os.getenv("GOOGLE_API_KEY")
COMPOSIO_API_KEY = os.getenv("COMPOSIO_API_KEY")
COMPOSIO_USER_ID = os.getenv("COMPOSIO_USER_ID")

if not GOOGLE_API_KEY:
    raise ValueError("GOOGLE_API_KEY is not set in the environment.")
if not COMPOSIO_API_KEY:
    raise ValueError("COMPOSIO_API_KEY is not set in the environment.")
if not COMPOSIO_USER_ID:
    raise ValueError("COMPOSIO_USER_ID is not set in the environment.")
What's happening:
  • os reads environment variables
  • Composio is the main Composio SDK client
  • GoogleProvider declares that you are using Google ADK as the agent runtime
  • Agent is the Google ADK LLM agent class
  • McpToolset lets the ADK agent call MCP tools over HTTP

Create Composio client and Tool Router session

python
print("Initializing Composio client...")
composio_client = Composio(api_key=COMPOSIO_API_KEY, provider=GoogleProvider())

print("Creating Composio session...")
composio_session = composio_client.create(
    user_id=COMPOSIO_USER_ID,
    toolkits=["cloudflare_api_key"],
)

COMPOSIO_MCP_URL = composio_session.mcp.url
print(f"Composio MCP HTTP URL: {COMPOSIO_MCP_URL}")
What's happening:
  • Authenticates to Composio with your API key
  • Declares Google ADK as the provider
  • Spins up a short-lived MCP endpoint for your user and selected toolkit
  • Stores the MCP HTTP URL for the ADK MCP integration

Set up the McpToolset and create the Agent

python
print("Creating Composio toolset for the agent...")
composio_toolset = McpToolset(
    connection_params=StreamableHTTPConnectionParams(
        url=COMPOSIO_MCP_URL,
        headers={"x-api-key": os.getenv("COMPOSIO_API_KEY")}
    )
)

root_agent = Agent(
    model="gemini-2.5-pro",
    name="composio_agent",
    description="An agent that uses Cloudflare api key tools to perform actions.",
    instruction=(
        "You are a helpful assistant connected to Composio. "
        "You have the following tools available: "
        "COMPOSIO_SEARCH_TOOLS, COMPOSIO_MULTI_EXECUTE_TOOL, "
        "COMPOSIO_MANAGE_CONNECTIONS, COMPOSIO_REMOTE_BASH_TOOL, COMPOSIO_REMOTE_WORKBENCH. "
        "Use these tools to help users with Cloudflare api key operations."
    ),
    tools=[composio_toolset],
)

print("\nAgent setup complete. You can now run this agent directly ;)")
What's happening:
  • Connects the ADK agent to the Composio MCP endpoint through McpToolset
  • Uses Gemini as the model powering the agent
  • Lists exact tool names in instruction to reduce misnamed tool calls

Run the agent

bash
# Run in CLI mode
adk run my_agent

# Or run in web UI mode
adk web
Execute the agent from the project root. The web command opens a web portal where you can chat with the agent. What's happening:
  • adk run runs the agent in CLI mode
  • adk web opens a web UI for interactive testing

Complete Code

Here's the complete code to get you started with Cloudflare api key and Google ADK:

python
import os
import warnings

from composio import Composio
from composio_google import GoogleProvider
from dotenv import load_dotenv
from google.adk.agents.llm_agent import Agent
from google.adk.tools.mcp_tool.mcp_session_manager import StreamableHTTPConnectionParams
from google.adk.tools.mcp_tool.mcp_toolset import McpToolset

def main():
    try:
        load_dotenv()

        warnings.filterwarnings("ignore", message=".*BaseAuthenticatedTool.*")

        GOOGLE_API_KEY = os.getenv("GOOGLE_API_KEY")
        COMPOSIO_API_KEY = os.getenv("COMPOSIO_API_KEY")
        COMPOSIO_USER_ID = os.getenv("COMPOSIO_USER_ID")

        if not GOOGLE_API_KEY:
            raise ValueError("GOOGLE_API_KEY is not set in the environment.")
        if not COMPOSIO_API_KEY:
            raise ValueError("COMPOSIO_API_KEY is not set in the environment.")
        if not COMPOSIO_USER_ID:
            raise ValueError("COMPOSIO_USER_ID is not set in the environment.")

        print("Initializing Composio client...")
        composio_client = Composio(api_key=COMPOSIO_API_KEY, provider=GoogleProvider())

        print("Creating Composio session...")
        composio_session = composio_client.create(
            user_id=COMPOSIO_USER_ID,
            toolkits=["cloudflare_api_key"],
        )

        COMPOSIO_MCP_URL = composio_session.mcp.url
        print(f"Composio MCP HTTP URL: {COMPOSIO_MCP_URL}")

        print("Creating Composio toolset for the agent...")
        composio_toolset = McpToolset(
            connection_params=StreamableHTTPConnectionParams(
                url=COMPOSIO_MCP_URL,
                headers={"x-api-key": os.getenv("COMPOSIO_API_KEY")}
            )
        )

        root_agent = Agent(
            model="gemini-2.5-pro",
            name="composio_agent",
            description="An agent that uses Cloudflare api key tools to perform actions.",
            instruction=(
                "You are a helpful assistant connected to Composio. "
                "You have the following tools available: "
                "COMPOSIO_SEARCH_TOOLS, COMPOSIO_MULTI_EXECUTE_TOOL, "
                "COMPOSIO_MANAGE_CONNECTIONS, COMPOSIO_REMOTE_BASH_TOOL, COMPOSIO_REMOTE_WORKBENCH. "
                "Use these tools to help users with Cloudflare api key operations."
            ),
            tools=[composio_toolset],
        )

        print("\nAgent setup complete. You can now run this agent directly ;)")

    except Exception as e:
        print(f"\nAn error occurred during agent setup: {e}")

if __name__ == "__main__":
    main()

Conclusion

You've successfully integrated Cloudflare api key with the Google ADK through Composio's MCP Tool Router. Your agent can now interact with Cloudflare api key using natural language commands.

Key takeaways:

  • The Tool Router approach dynamically routes requests to the appropriate Cloudflare api key tools
  • Environment variables keep your credentials secure and separate from code
  • Clear agent instructions reduce tool calling errors
  • The ADK web UI provides an interactive interface for testing and development

You can extend this setup by adding more toolkits to the toolkits array in your session configuration.

How to build Cloudflare api key MCP Agent with another framework

OpenAI Agents SDK

OpenAI Agents SDK

Use Cloudflare api key MCP with OpenAI Agents SDK

Claude Agent SDK

Claude Agent SDK

Use Cloudflare api key MCP with Claude Agent SDK

LangChain

LangChain

Use Cloudflare api key MCP with LangChain

Vercel AI SDK

Vercel AI SDK

Use Cloudflare api key MCP with Vercel AI SDK

Mastra AI

Mastra AI

Use Cloudflare api key MCP with Mastra AI

LlamaIndex

LlamaIndex

Use Cloudflare api key MCP with LlamaIndex

CrewAI

CrewAI

Use Cloudflare api key MCP with CrewAI

FAQ

What are the differences in Tool Router MCP and Cloudflare api key MCP?

With a standalone Cloudflare api key MCP server, the agents and LLMs can only access a fixed set of Cloudflare api key tools tied to that server. However, with the Composio Tool Router, agents can dynamically load tools from Cloudflare api key and many other apps based on the task at hand, all through a single MCP endpoint.

Can I use Tool Router MCP with Google ADK?

Yes, you can. Google ADK fully supports MCP integration. You get structured tool calling, message history handling, and model orchestration while Tool Router takes care of discovering and serving the right Cloudflare api key tools.

Can I manage the permissions and scopes for Cloudflare api key while using Tool Router?

Yes, absolutely. You can configure which Cloudflare api key scopes and actions are allowed when connecting your account to Composio. You can also bring your own OAuth credentials or API configuration so you keep full control over what the agent can do.

How safe is my data with Composio Tool Router?

All sensitive data such as tokens, keys, and configuration is fully encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant and follows strict security practices so your Cloudflare api key data and credentials are handled as safely as possible.

Used by agents from

Context
ASU
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai
Context
ASU
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai
Context
ASU
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai

Never worry about agent reliability

We handle tool reliability, observability, and security so you never have to second-guess an agent action.

Book a callGet started for free