Mastra AISDK

Cloudflare Tunnel MCP Server

Bring Cloudflare Tunnel
to Mastra AI

Name: Cloudflare Tunnel MCP Server
Price: 29 USD
Availability: InStock
Rating: 4.9 (1 reviews)
Author: Vinkius

Learn how to connect Cloudflare Tunnel to Mastra AI and start using 17 AI agent tools in minutes. Fully managed, enterprise secure, and ready to use without writing a single line of code.

GDPR Free for Subscribers

Cleanup ConnectionsCreate RouteCreate TunnelDelete RouteDelete TunnelGet ConfigurationGet ConnectorGet Management TokenGet Route By IpGet TunnelGet Tunnel TokenList ConnectionsList RoutesList TunnelsPut ConfigurationUpdate RouteUpdate Tunnel

Unlock for AI Agents

Ask AI about this MCP Server ChatGPT Claude Perplexity

Compatible with every major AI agent and IDE

Claude

ChatGPT

Cursor

Gemini

Windsurf

VS Code

JetBrains

Vercel

+ other MCP clients

What is the Cloudflare Tunnel MCP Server?

Connect your Cloudflare account to any AI agent to take full control of your Zero Trust connectivity and private network routing through natural conversation.

What you can do

Tunnel Management — List all tunnels in your account, filter by status (healthy, degraded, down), and fetch detailed metadata for specific tunnels.
Remote Configuration — Retrieve and update ingress rules and origin settings for remotely-managed tunnels without touching the CLI.
Network Routing — Manage private network routes (CIDR) and IP-based routing to connect your internal resources securely.
Connection Monitoring — Inspect active connectors, list tunnel connections, and clean up stale sessions to ensure high availability.
Lifecycle Actions — Create new tunnels, update secrets, or delete decommissioned tunnels directly from your workspace.

How it works

Subscribe to this server
Enter your Cloudflare API Token (with Cloudflare Tunnel permissions)
Start managing your secure tunnels from Claude, Cursor, or any MCP-compatible client

Who is this for?

DevOps Engineers — quickly check tunnel health and update ingress rules during deployments without leaving the terminal or IDE.
Security Teams — audit active tunnels and network routes to ensure compliance with Zero Trust policies.
System Administrators — automate the cleanup of stale connections and monitor the status of remote connectors across multiple accounts.

Built-in capabilities (17)

cleanup_connections

If no client_id is provided, all connectors are removed. Clean up Cloudflare Tunnel connections

create_route

Create a tunnel route

create_tunnel

Create a new Cloudflare Tunnel

delete_route

Delete a tunnel route

delete_tunnel

Delete a Cloudflare Tunnel

get_configuration

Get configuration for a remotely-managed tunnel

get_connector

Get Cloudflare Tunnel connector details

get_management_token

Get a Cloudflare Tunnel management token

get_route_by_ip

Get tunnel route by IP

get_tunnel

Get details for a single Cloudflare Tunnel

get_tunnel_token

Get a Cloudflare Tunnel token

list_connections

List Cloudflare Tunnel connections

list_routes

List tunnel routes

list_tunnels

List and filter Cloudflare Tunnels in an account

put_configuration

Add or update configuration for a remotely-managed tunnel

update_route

Update a tunnel route

update_tunnel

Update an existing Cloudflare Tunnel

Why Mastra AI?

Mastra's agent abstraction provides a clean separation between LLM logic and Cloudflare Tunnel tool infrastructure. Connect 17 tools through Vinkius and use Mastra's built-in workflow engine to chain tool calls with conditional logic, retries, and parallel execution. deployable to any Node.js host in one command.

—
Mastra's agent abstraction provides a clean separation between LLM logic and tool infrastructure. add Cloudflare Tunnel without touching business code
—
Built-in workflow engine chains MCP tool calls with conditional logic, retries, and parallel execution for complex automation
—
TypeScript-native: full type inference for every Cloudflare Tunnel tool response with IDE autocomplete and compile-time checks
—
One-command deployment to any Node.js host. Vercel, Railway, Fly.io, or your own infrastructure

See it in action

Cloudflare Tunnel in Mastra AI

AI Agent→Vinkius

High Security·Kill Switch·Plug and Play

Why Vinkius

Cloudflare Tunnel and 4,000+ other MCP servers. One platform. One governance layer.

Teams that connect Cloudflare Tunnel to Mastra AI through Vinkius don't need to source, host, or maintain individual MCP servers. Every tool call runs inside a hardened runtime with credential isolation, DLP, and a signed audit chain.

4,000+MCP Servers ready

<40msCold start

60%Token savings

	Raw MCP	Vinkius
Server catalog	Find and host yourself	4,000+ managed
Infrastructure	Self-hosted	Sandboxed V8 isolates
Credential handling	Plaintext in config	Vault + runtime injection
Data loss prevention	None	Configurable DLP policies
Kill switch	None	Global instant shutdown
Financial circuit breakers	None	Per-server limits + alerts
Audit trail	None	Ed25519 signed logs
SIEM log streaming	None	Splunk, Datadog, Webhook
Honeytokens	None	Canary alerts on leak
Custom domains	Not applicable	DNS challenge verified
GDPR compliance	Manual effort	Automated purge + export

Unlock for AI Agents View step-by-step setup guide for Mastra AI →

Enterprise Security

Why teams choose Vinkius for Cloudflare Tunnel in Mastra AI

The Cloudflare Tunnel MCP Server runs on Vinkius-managed infrastructure inside AWS — a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts. All 17 tools execute in hardened sandboxes optimized for native MCP execution.

Your AI agents in Mastra AI only access the data you authorize, with DLP that blocks sensitive information from ever reaching the model, kill switch for instant shutdown, and up to 60% token savings. Enterprise-grade infrastructure, zero maintenance.

Unlock for AI Agents View full Cloudflare Tunnel details →

Fully ManagedVinkius Servers

60%Token savings

High SecurityEnterprise-grade

IAMAccess control

EU AI ActCompliant

DLPData protection

V8 IsolateSandboxed

Ed25519Audit chain

<40msKill switch

Stream every event to Splunk, Datadog, or your own webhook in real-time

* Every MCP server runs on Vinkius-managed infrastructure inside AWS - a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts optimized for native MCP execution. See our infrastructure

The Vinkius Advantage

How Vinkius secures
Cloudflare Tunnel for Mastra AI

Every tool call from Mastra AI to the Cloudflare Tunnel MCP Server is protected by DLP redaction, cryptographic audit chains, V8 sandbox isolation, kill switch, and financial circuit breakers.

< 40msCold start

Ed25519Signed audit chain

60%Token savings

FAQ

Frequently asked questions

Can I update the ingress rules for a remotely managed tunnel?

Yes. Use the put_configuration tool to update the ingress rules and origin request settings for any tunnel that is configured for remote management.

How do I check if my tunnels are currently online?

You can use list_tunnels with the status parameter set to 'healthy' to see active tunnels, or use get_tunnel with a specific ID to see its current operational state.

Can I manage private network routes through this integration?

Yes. The server includes tools like list_routes, create_route, and delete_route to manage your Cloudflare Tunnel network routing (WARP-to-Tunnel).