GitHub Connect
Model Context Protocol

Secure MCP Server with
OAuth Access Control

A remote MCP server secured with Cloudflare Access OAuth, featuring group-based tool access via Okta groups following the principle of least privilege.

Connect to MCP View Docs

Key Features

Built on Cloudflare Workers with enterprise-grade security

OAuth 2.1 Authentication

Secure authentication flow using Cloudflare Access for SaaS with Okta as the identity provider.

Group-Based Access

Tools, prompts, and resources scoped by Okta groups for fine-grained permission control.

Edge Deployment

Deployed on Cloudflare Workers for low-latency responses worldwide with Durable Objects for state.

90 Capabilities

30 tools, 30 prompts, and 30 resources distributed across 6 access groups.

Workers AI Integration

Image generation using flux-1-schnell model for IT administrators.

Mock Data Demo

Realistic mock data for demonstrations without external dependencies.

Architecture

OAuth flow with Cloudflare Access and Okta

MCP Client
Cloudflare Access
Okta IdP
MCP Server

Access Groups

Capabilities scoped by Okta group membership

Universal

Available to all authenticated users

Tools

  • userInfo - Get current user profile
  • echo - Echo back a message
  • timestamp - Get server timestamp
  • healthCheck - Check server health
  • generateUuid - Generate random UUID

Prompts

  • summarizeReport - Report summary template
  • formatEmail - Professional email template
  • meetingNotes - Meeting notes structure
  • actionItems - Extract action items
  • explainConcept - Explain in simple terms

Resources

  • server-config - Server configuration
  • api-docs - API documentation
  • guidelines - Communication guidelines
  • email-templates - Standard templates
  • holidays - Company holiday calendar

IT

Administrative access to all capabilities

Tools

  • systemHealth - Check system health
  • userManagement - Manage user accounts
  • auditLog - View audit logs
  • generateImage - AI image generation
  • securityScan - Run security scan

Prompts

  • incidentResponse - Incident playbook
  • changeRequest - Change documentation
  • securityProtocol - Security handling
  • accessReview - User access review
  • disasterRecovery - DR procedure

Resources

  • system-config - Full system config
  • runbooks - Operational runbooks
  • audit-logs - Audit log access
  • security-config - Security policies
  • users-directory - User directory

DevOps

Infrastructure and deployment operations

Tools

  • deployStatus - Check deployment status
  • viewLogs - View application logs
  • infrastructureInfo - Infrastructure metadata
  • scaleService - Scale services
  • runPipeline - Trigger CI/CD pipeline

Prompts

  • deploymentChecklist - Pre-deploy checklist
  • rollbackPlan - Rollback procedure
  • capacityPlanning - Capacity analysis
  • monitoringAlert - Alert response playbook
  • incidentPostmortem - Postmortem template

Resources

  • infra-config - Infrastructure config
  • metrics - System metrics
  • pipelines - CI/CD documentation
  • environments - Environment configs
  • deployments - Deployment history

Sales

CRM and sales operations

Tools

  • customerLookup - Look up customers
  • salesReport - Generate sales report
  • createLead - Create new lead
  • opportunityStatus - Check opportunities
  • quotaProgress - Check quota progress

Prompts

  • salesPitch - Sales pitch template
  • proposalOutline - Proposal outline
  • objectionHandling - Objection responses
  • dealQualification - MEDDIC framework
  • winLossAnalysis - Win/loss analysis

Resources

  • customers - Customer database
  • opportunities - Sales opportunities
  • product-catalog - Product pricing
  • proposal-templates - Proposal templates
  • quotas - Sales quota targets

Accounting

Financial operations

Tools

  • invoiceLookup - Look up invoices
  • budgetReport - Budget vs actuals
  • expenseReport - Expense report
  • revenueForecast - Revenue forecast
  • approveExpense - Approve expenses

Prompts

  • monthEndClose - Month-end checklist
  • reconciliationReport - Account reconciliation
  • varianceAnalysis - Budget variance
  • auditPreparation - Audit checklist
  • financialSummary - Executive summary

Resources

  • invoices - Invoice data
  • budgets - Budget allocations
  • expenses - Expense records
  • compliance - Compliance docs
  • report-templates - Report templates

Customer Service

Support operations

Tools

  • ticketLookup - Look up tickets
  • customerHistory - Customer history
  • createTicket - Create support ticket
  • escalateTicket - Escalate ticket
  • knowledgeSearch - Search knowledge base

Prompts

  • supportResponse - Support response
  • escalationEmail - Escalation email
  • followUpMessage - Follow-up message
  • ticketSummary - Ticket summary
  • satisfactionSurvey - Satisfaction survey

Resources

  • tickets - Support tickets
  • knowledge-base - Knowledge base
  • sla-metrics - SLA performance
  • response-templates - Response templates
  • escalation-matrix - Escalation contacts

Live Demo

Sample data from mock database

Customers

5 records
Acme Corp $150,000
Beta Inc $75,000
Gamma LLC $25,000
Delta Systems $200,000
Epsilon Tech $50,000

Invoices

5 records
INV-001 Paid
INV-002 Pending
INV-003 Overdue
INV-004 Paid
INV-005 Pending

Support Tickets

5 records
TCK-001 Open
TCK-002 In Progress
TCK-003 Resolved
TCK-004 Open
TCK-005 Closed

Deployments

5 records
api-gateway Running
web-app Pending
worker-service Running
db-migrator Failed
cache-layer Running

Documentation

Learn more about the technologies used

Cloudflare Workers

Serverless execution environment

MCP Server Portals

Remote MCP server documentation

Access for SaaS

OAuth provider integration

Model Context Protocol

MCP specification overview

Workers AI

AI model inference at the edge

Durable Objects

Stateful serverless compute

OAuth for MCP

MCP authorization guide

Remote MCP Server

Build remote MCP servers