WorkOS + Cloudflare MCP: Plug and Play Auth for Agentic AI Builders

When we say “agentic AI,” we’re talking about software agents—powered by large language models (LLMs)—that can make decisions and take actions on your behalf.

These agents interact with external services through an open standard called Model Context Protocol (MCP).

Until now, plugging your existing user authentication system into those MCP interactions was tricky. That’s where WorkOS and Cloudflare step in.

‍Agentic AI is here—with opportunity and risk

‍The buzz around LLMs isn’t just about chat anymore. AI agents increasingly take real actions: sending emails, filing support tickets, generating dashboards, and more.

This shift introduces both new capabilities and new responsibilities. These agents make decisions on behalf of real people, so developers need to build in strong guardrails and clear consent flows.

‍By integrating WorkOS with Cloudflare’s MCP offering, you get:

• Granular, role-based access control for AI agents
• Enterprise SSO and OAuth flows
• Secure, auditable delegation—without reinventing your auth stack

What is MCP — and why should you care?

MCP is a standardized protocol that allows AI agents to interact securely with third-party APIs and tools. It enables use cases like:

• GitHub automation
  “Claude Code, fix the syntax errors in this file, commit the changes, and open a pull request.”
• Scheduling via email
  “Assistant, read that email from my client, suggest a meeting time, and send them an invite.”
• Commerce workflows
  “Find the cheapest bright size 12 rain boots and ship them to my home.”

With MCP, you don’t have to hardcode every step. Agents can discover and invoke tools dynamically to get a task done.

It’s about shifting from “Do X, Y, Z” to “Here’s what I want—figure it out.”‍

Why should WorkOS customers care?

If you already use WorkOS to manage identity, you’ve invested in secure sign-in, SSO, and access control. That same infrastructure can now be used to authorize AI agents—with no changes to your stack.

Here’s the shift

Your users want agents that can act on their behalf without logging in manually or writing custom scripts.

Here’s the catch

You need those agents to inherit your identity model, respect permission boundaries, and follow audit-ready consent flows.

That’s exactly what WorkOS + Cloudflare Workers enables.

Getting Started with WorkOS + Cloudflare MCP

The easiest way is with Cloudflare’s official demo MCP server, powered by WorkOS AuthKit.Here’s how to get going:

1. Create a WorkOS account
   Head to the WorkOS Dashboard and sign in.
2. Configure your redirect URI
   Add your MCP server’s callback URL under Redirects → Sign in callback.
   For local testing, use: http://localhost:8788/callback
3. For production, use the domain of your deployed Worker with /callback.
4. Set environment variables
   In your terminal or Cloudflare Dashboard, run:

npx wrangler secret put WORKOS_CLIENT_ID <your_client_id>
npx wrangler secret put WORKOS_CLIENT_SECRET <your_client_secret>

Note: WORKOS_CLIENT_ID is public and can also be set in wrangler.jsonc. The secret should not.

Test it live

‍Visit the Cloudflare Workers AI Playground and connect to your MCP server:

http://localhost:8788/sse
https://<your-worker-domain>/sse

You’ll be redirected to AuthKit to sign in—and returned as an authenticated user.

‍Try permission-gated tools

‍The demo includes a generateImage tool gated behind the image_generation permission.Assign it via WorkOS AuthKit and watch tools light up based on role-based access.

Build AI features without rebuilding auth

By deploying an MCP server on Cloudflare Workers and connecting it to WorkOS, you unlock:

• Zero-infra deployment (via Workers)
• Built-in state management (via Durable Objects)
• Real-time agent interactions (via WebSockets/SSE)
• WorkOS-backed SSO, OAuth, consent, and audit logs

You reuse the auth logic you already trust, extend it to agent use cases, and keep your security model intact.