How to integrate Cloudflare api key MCP with OpenAI Agents SDK

BOOK A CALLGET STARTED FOR FREE
Framework Integration Gradient
Cloudflare api key Logo
open-ai-agents-sdk Logo
divider

Introduction

This guide walks you through connecting Cloudflare api key to the OpenAI Agents SDK using the Composio tool router. By the end, you'll have a working Cloudflare api key agent that can add new a record to my dns zone, delete outdated cname record from domain, create lockdown rule for admin urls, remove an old ruleset from my account through natural language commands.

This guide will help you understand how to give your OpenAI Agents SDK agent real control over a Cloudflare api key account through Composio's Cloudflare api key MCP server.

Before we dive in, let's take a quick look at the key ideas and tools involved.

TL;DR

Here's what you'll learn:
  • Get and set up your OpenAI and Composio API keys
  • Install the necessary dependencies
  • Initialize Composio and create a Tool Router session for Cloudflare api key
  • Configure an AI agent that can use Cloudflare api key as a tool
  • Run a live chat session where you can ask the agent to perform Cloudflare api key operations

What is open-ai-agents-sdk?

The OpenAI Agents SDK is a lightweight framework for building AI agents that can use tools and maintain conversation state. It provides a simple interface for creating agents with hosted MCP tool support.

Key features include:

  • Hosted MCP Tools: Connect to external services through hosted MCP endpoints
  • SQLite Sessions: Persist conversation history across interactions
  • Simple API: Clean interface with Agent, Runner, and tool configuration
  • Streaming Support: Real-time response streaming for interactive applications

What is the Cloudflare api key MCP server, and what's possible with it?

The Cloudflare api key MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your Cloudflare account. It provides structured and secure access to your Cloudflare services, so your agent can create DNS records, manage security rules, delete zones, and automate zone configurations on your behalf.

  • Automated DNS record management: Instantly create, update, or delete DNS records—including A, CNAME, TXT, and MX types—across your Cloudflare zones to keep your domains running smoothly.
  • Zone lockdown and security automation: Add or remove Zone Lockdown rules to restrict access to specific URLs and IP ranges, helping you enforce security policies without manual intervention.
  • Ruleset creation and maintenance: Direct your agent to create new rulesets or modify existing ones, ensuring your web applications remain secure and compliant with evolving access requirements.
  • Comprehensive zone administration: Effortlessly delete entire zones or DNSSEC configurations for streamlined domain management and cleanup when needed.
  • Versioned ruleset management: Retrieve specific versions of entry point rulesets, giving you granular control and auditability over your security configurations.

Supported Tools & Triggers

Tools
Create DNS RecordTool to create a new DNS record in a Cloudflare zone.
Create Zone Lockdown RuleTool to create a Zone Lockdown rule.
Create Rule in RulesetTool to add a rule to an existing ruleset.
Create RulesetTool to create an account- or zone-scoped ruleset.
Delete DNS RecordTool to delete a DNS record.
Delete DNSSECTool to delete DNSSEC records for a zone.
Delete Rule from RulesetTool to delete a specific rule from a ruleset.
Delete RulesetTool to delete all versions of a ruleset.
Delete a zoneTool to delete an existing zone.
Get Entrypoint Ruleset VersionTool to get a specific version of an entry point ruleset.
Get Lockdown RuleTool to get a Zone Lockdown rule.
Get Regional Tiered CacheTool to get the regional tiered cache setting for a zone.
Get RulesetTool to fetch the latest version of a ruleset by ID.
Get Zone DetailsTool to get details for a specific zone.
List DNS RecordsTool to list DNS records for a given Cloudflare zone.
List Cloudflare ZonesTool to list, search, sort, and filter Cloudflare zones.
Overwrite DNS RecordTool to completely overwrite a DNS record.
Rerun Zone Activation CheckTool to trigger a new activation check for a PENDING zone.
Update DNSSEC StatusTool to update DNSSEC configuration for a zone.
Update Lockdown RuleTool to update a zone lockdown rule.
Update Rule in RulesetTool to update a specific rule in a ruleset.
Update RulesetTool to update a Cloudflare ruleset, creating a new version.
Update Cloudflare ZoneTool to edit a Cloudflare zone.
Upload File to S3Tool to upload arbitrary file content to the app’s temporary R2/S3 bucket.

What is the Composio tool router, and how does it fit here?

What is Tool Router?

Composio's Tool Router helps agents find the right tools for a task at runtime. You can plug in multiple toolkits (like Gmail, HubSpot, and GitHub), and the agent will identify the relevant app and action to complete multi-step workflows. This can reduce token usage and improve the reliability of tool calls. Read more here: Getting started with Tool Router

The tool router generates a secure MCP URL that your agents can access to perform actions.

How the Tool Router works

The Tool Router follows a three-phase workflow:

  1. Discovery: Searches for tools matching your task and returns relevant toolkits with their details.
  2. Authentication: Checks for active connections. If missing, creates an auth config and returns a connection URL via Auth Link.
  3. Execution: Executes the action using the authenticated connection.

Step-by-step Guide

Prerequisites

Before starting, make sure you have:
  • Composio API Key and OpenAI API Key
  • Primary know-how of OpenAI Agents SDK
  • A live Cloudflare api key project
  • Some knowledge of Python or Typescript

Getting API Keys for OpenAI and Composio

OpenAI API Key
  • Go to the OpenAI dashboard and create an API key. You'll need credits to use the models, or you can connect to another model provider.
  • Keep the API key safe.
Composio API Key

Install dependencies

pip install composio_openai_agents openai-agents python-dotenv

Install the Composio SDK and the OpenAI Agents SDK.

Set up environment variables

bash
OPENAI_API_KEY=sk-...your-api-key
COMPOSIO_API_KEY=your-api-key
USER_ID=composio_user@gmail.com

Create a .env file and add your OpenAI and Composio API keys.

Import dependencies

import asyncio
import os
from dotenv import load_dotenv

from composio import Composio
from composio_openai_agents import OpenAIAgentsProvider
from agents import Agent, Runner, HostedMCPTool, SQLiteSession
What's happening:
  • You're importing all necessary libraries.
  • The Composio and OpenAIAgentsProvider classes are imported to connect your OpenAI agent to Composio tools like Cloudflare api key.

Set up the Composio instance

load_dotenv()

api_key = os.getenv("COMPOSIO_API_KEY")
user_id = os.getenv("USER_ID")

if not api_key:
    raise RuntimeError("COMPOSIO_API_KEY is not set. Create a .env file with COMPOSIO_API_KEY=your_key")

# Initialize Composio
composio = Composio(api_key=api_key, provider=OpenAIAgentsProvider())
What's happening:
  • load_dotenv() loads your .env file so OPENAI_API_KEY and COMPOSIO_API_KEY are available as environment variables.
  • Creating a Composio instance using the API Key and OpenAIAgentsProvider class.

Create a Tool Router session

# Create a Cloudflare api key Tool Router session
session = composio.create(
    user_id=user_id,
    toolkits=["cloudflare_api_key"]
)

mcp_url = session.mcp.url

What is happening:

  • You give the Tool Router the user id and the toolkits you want available. Here, it is only cloudflare_api_key.
  • The router checks the user's Cloudflare api key connection and prepares the MCP endpoint.
  • The returned session.mcp.url is the MCP URL that your agent will use to access Cloudflare api key.
  • This approach keeps things lightweight and lets the agent request Cloudflare api key tools only when needed during the conversation.

Configure the agent

# Configure agent with MCP tool
agent = Agent(
    name="Assistant",
    model="gpt-5",
    instructions=(
        "You are a helpful assistant that can access Cloudflare api key. "
        "Help users perform Cloudflare api key operations through natural language."
    ),
    tools=[
        HostedMCPTool(
            tool_config={
                "type": "mcp",
                "server_label": "tool_router",
                "server_url": mcp_url,
                "headers": {"x-api-key": api_key},
                "require_approval": "never",
            }
        )
    ],
)
What's happening:
  • We're creating an Agent instance with a name, model (gpt-5), and clear instructions about its purpose.
  • The agent's instructions tell it that it can access Cloudflare api key and help with queries, inserts, updates, authentication, and fetching database information.
  • The tools array includes a HostedMCPTool that connects to the MCP server URL we created earlier.
  • The headers dict includes the Composio API key for secure authentication with the MCP server.
  • require_approval: 'never' means the agent can execute Cloudflare api key operations without asking for permission each time, making interactions smoother.

Start chat loop and handle conversation

print("\nComposio Tool Router session created.")

chat_session = SQLiteSession("conversation_openai_toolrouter")

print("\nChat started. Type your requests below.")
print("Commands: 'exit', 'quit', or 'q' to end\n")

async def main():
    try:
        result = await Runner.run(
            agent,
            "What can you help me with?",
            session=chat_session
        )
        print(f"Assistant: {result.final_output}\n")
    except Exception as e:
        print(f"Error: {e}\n")

    while True:
        user_input = input("You: ").strip()
        if user_input.lower() in {"exit", "quit", "q"}:
            print("Goodbye!")
            break

        result = await Runner.run(
            agent,
            user_input,
            session=chat_session
        )
        print(f"Assistant: {result.final_output}\n")

asyncio.run(main())
What's happening:
  • The program prints a session URL that you visit to authorize Cloudflare api key.
  • After authorization, the chat begins.
  • Each message you type is processed by the agent using Runner.run().
  • The responses are printed to the console, and conversations are saved locally using SQLite.
  • Typing exit, quit, or q cleanly ends the chat.

Complete Code

Here's the complete code to get you started with Cloudflare api key and open-ai-agents-sdk:

import asyncio
import os
from dotenv import load_dotenv

from composio import Composio
from composio_openai_agents import OpenAIAgentsProvider
from agents import Agent, Runner, HostedMCPTool, SQLiteSession

load_dotenv()

api_key = os.getenv("COMPOSIO_API_KEY")
user_id = os.getenv("USER_ID")

if not api_key:
    raise RuntimeError("COMPOSIO_API_KEY is not set. Create a .env file with COMPOSIO_API_KEY=your_key")

# Initialize Composio
composio = Composio(api_key=api_key, provider=OpenAIAgentsProvider())

# Create Tool Router session
session = composio.create(
    user_id=user_id,
    toolkits=["cloudflare_api_key"]
)
mcp_url = session.mcp.url

# Configure agent with MCP tool
agent = Agent(
    name="Assistant",
    model="gpt-5",
    instructions=(
        "You are a helpful assistant that can access Cloudflare api key. "
        "Help users perform Cloudflare api key operations through natural language."
    ),
    tools=[
        HostedMCPTool(
            tool_config={
                "type": "mcp",
                "server_label": "tool_router",
                "server_url": mcp_url,
                "headers": {"x-api-key": api_key},
                "require_approval": "never",
            }
        )
    ],
)

print("\nComposio Tool Router session created.")

chat_session = SQLiteSession("conversation_openai_toolrouter")

print("\nChat started. Type your requests below.")
print("Commands: 'exit', 'quit', or 'q' to end\n")

async def main():
    try:
        result = await Runner.run(
            agent,
            "What can you help me with?",
            session=chat_session
        )
        print(f"Assistant: {result.final_output}\n")
    except Exception as e:
        print(f"Error: {e}\n")

    while True:
        user_input = input("You: ").strip()
        if user_input.lower() in {"exit", "quit", "q"}:
            print("Goodbye!")
            break

        result = await Runner.run(
            agent,
            user_input,
            session=chat_session
        )
        print(f"Assistant: {result.final_output}\n")

asyncio.run(main())

Conclusion

This was a starter code for integrating Cloudflare api key MCP with OpenAI Agents SDK to build a functional AI agent that can interact with Cloudflare api key.

Key features:

  • Hosted MCP tool integration through Composio's Tool Router
  • SQLite session persistence for conversation history
  • Simple async chat loop for interactive testing
You can extend this by adding more toolkits, implementing custom business logic, or building a web interface around the agent.

How to build Cloudflare api key MCP Agent with another framework

Claude Agent SDK

Claude Agent SDK

Use Cloudflare api key MCP with Claude Agent SDK

Google ADK

Google ADK

Use Cloudflare api key MCP with Google ADK

LangChain

LangChain

Use Cloudflare api key MCP with LangChain

Vercel AI SDK

Vercel AI SDK

Use Cloudflare api key MCP with Vercel AI SDK

Mastra AI

Mastra AI

Use Cloudflare api key MCP with Mastra AI

LlamaIndex

LlamaIndex

Use Cloudflare api key MCP with LlamaIndex

CrewAI

CrewAI

Use Cloudflare api key MCP with CrewAI

FAQ

What are the differences in Tool Router MCP and Cloudflare api key MCP?

With a standalone Cloudflare api key MCP server, the agents and LLMs can only access a fixed set of Cloudflare api key tools tied to that server. However, with the Composio Tool Router, agents can dynamically load tools from Cloudflare api key and many other apps based on the task at hand, all through a single MCP endpoint.

Can I use Tool Router MCP with OpenAI Agents SDK?

Yes, you can. OpenAI Agents SDK fully supports MCP integration. You get structured tool calling, message history handling, and model orchestration while Tool Router takes care of discovering and serving the right Cloudflare api key tools.

Can I manage the permissions and scopes for Cloudflare api key while using Tool Router?

Yes, absolutely. You can configure which Cloudflare api key scopes and actions are allowed when connecting your account to Composio. You can also bring your own OAuth credentials or API configuration so you keep full control over what the agent can do.

How safe is my data with Composio Tool Router?

All sensitive data such as tokens, keys, and configuration is fully encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant and follows strict security practices so your Cloudflare api key data and credentials are handled as safely as possible.

Used by agents from

Context
ASU
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai
Context
ASU
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai
Context
ASU
Letta
glean
HubSpot
Agent.ai
Altera
DataStax
Entelligence
Rolai

Never worry about agent reliability

We handle tool reliability, observability, and security so you never have to second-guess an agent action.

Book a callGet started for free