Before the Worker can authenticate MCP clients, you need a GitHub OAuth App to issue authorization codes, a Cloudflare KV namespace to store OAuth state, and three secrets deployed via Wrangler. This page walks through each step in order.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/XxYouDeaDPunKxX/cloudflare-r2-remote-mcp-worker/llms.txt
Use this file to discover all available pages before exploring further.
Use a GitHub OAuth App — not a GitHub App and not a personal access token. GitHub Apps rely on installation IDs, private keys, and repository-scoped permissions, which are not the authentication model used here. A personal access token cannot serve as an OAuth provider. The OAuth App is the only supported option.
Create a GitHub OAuth App
Navigate to your GitHub account settings and open the OAuth Apps section:Fill in the form fields:
For local development with a public tunnel (e.g. Cloudflare Tunnel or ngrok), use the tunnel URL as the callback:After creating the app, GitHub will display a Client ID. Click Generate a new client secret to obtain the Client Secret. Copy both values — you will need them in a later step.
| Field | Value |
|---|---|
| Application name | Any descriptive name, e.g. R2 MCP Worker |
| Homepage URL | Your Worker URL, e.g. https://my-worker.example.workers.dev |
| Authorization callback URL | https://<worker-url>/callback |
Create the KV namespace for OAuth state
The Worker stores short-lived OAuth state tokens in Cloudflare KV. Create the namespace with Wrangler:Wrangler prints output similar to:Copy the generated namespace ID and add it to The
wrangler.jsonc:binding value must be exactly OAUTH_KV. The Worker looks up this binding by name at startup; if it is absent, the OAuth flow returns a 500 before reaching GitHub.Configure the allowlist
Add For multiple users, use a comma-separated list:Matching is case-insensitive —
AUTH_MODE and ALLOWED_GITHUB_LOGINS to the vars section of wrangler.jsonc:Alice and alice are treated as the same login. If ALLOWED_GITHUB_LOGINS is empty or omitted, no login is accepted. Every callback attempt will return 403, even for valid GitHub accounts.Set the required secrets
Deploy the GitHub OAuth credentials and the cookie encryption key as Wrangler secrets. Secrets are encrypted at rest and never appear in Each command prompts for the value interactively.Generate a strong This key is used to sign and verify the
wrangler.jsonc or deployment logs.COOKIE_ENCRYPTION_KEY with:__Host-APPROVED_CLIENTS cookie that tracks which MCP clients a user has already approved. Use a randomly generated value with at least 256 bits of entropy — do not reuse a password or API token.For local development, place these values in
.dev.vars instead of running wrangler secret put. Wrangler loads .dev.vars automatically during wrangler dev. Never commit .dev.vars to version control.Allowlist behavior
TheALLOWED_GITHUB_LOGINS value is parsed at request time in the /callback handler. Parsing rules:
- Split on
, - Trim whitespace from each entry
- Lowercase all entries
- Filter out empty strings
403 and the message GitHub login is not allowed to access this MCP server.
Failure modes
OAuth fails before reaching GitHub
OAuth fails before reaching GitHub
The authorization flow never redirects to GitHub if any of the following are true:
AUTH_MODEis not set togithub(or is omitted and defaults togithubbut the Worker is receiving direct/mcptraffic that bypasses the OAuth provider)OAUTH_KVbinding is missing fromwrangler.jsoncGITHUB_CLIENT_ID,GITHUB_CLIENT_SECRET, orCOOKIE_ENCRYPTION_KEYsecrets are not set
500 JSON error describing the missing configuration. Check the Workers logs in the Cloudflare dashboard or run wrangler tail to see the exact error message.GitHub login completes but access is denied
GitHub login completes but access is denied
If GitHub authentication succeeds but the user’s login is not in Note that
ALLOWED_GITHUB_LOGINS, the /callback handler returns a 403 response. The MCP client will not receive a token.To resolve this, add the GitHub login to ALLOWED_GITHUB_LOGINS in wrangler.jsonc and redeploy:vars changes require a redeployment — updating wrangler.jsonc alone does not push changes to the live Worker.Callback fails with a redirect URI mismatch
Callback fails with a redirect URI mismatch
GitHub validates the
redirect_uri parameter against the callback URL registered in the OAuth App settings. If the Worker’s deployed URL differs from the registered callback URL, GitHub rejects the authorization code exchange.Common causes:- Worker was deployed to a different subdomain or custom domain after the OAuth App was created
- Local tunnel URL changed between sessions
https://vshttp://mismatch
/callback path.Next steps
Authentication Overview
Understand the auth boundary, OAuth flow, and KV state model.
Connect ChatGPT
Configure ChatGPT to authenticate with this Worker as a remote MCP server.