Hi everyone,
I’m running n8n community edition self-hosted with Cloudflare Tunnel and Zero Trust Access (Google OAuth) in front of it. I’m setting up n8n instance level MCP.
The Problem: When I enable (cloudflare) Access policies on my n8n instance, Claude’s MCP server connection fails. When I disable all (cloudflare) Access policies, the Claude’s MCP connection works perfectly.
On a different use case, I’ve added a policy to bypass ‘/rest/oauth2-credential/callback’ for creating n8n credentials for like Google OAuth, etc. This works perfectly.
What I’ve Tried:
-
Adding a bypass rule for
/mcp-server/*path - doesn’t work -
Checking Cloudflare Access logs - but I suspect MCP makes additional calls beyond just the main MCP endpoint
My Setup:
-
n8n community edition self-hosted, local server, Cloudflare tunnel.
-
n8n at:
https://n8n.123.abc(obfuscated) -
MCP endpoint:
/mcp-server/http -
Cloudflare Zero Trust with Access policies requiring Google OAuth
Question: What paths/endpoints does the n8n MCP server need access to? I suspect it’s more than just /mcp-server/*, but I can’t identify which additional paths need to be whitelisted in Cloudflare Access.
Has anyone successfully configured n8n’s MCP server behind Cloudflare Access? What paths did you need to bypass?
Thanks!