[FEATURE] Claude in Chrome MCP access Cloudflare Access-protected URLs
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
Summary
The Claude in Chrome MCP extension runs browser automation from Anthropic's cloud infrastructure. When navigating to URLs protected by Cloudflare Access (Zero Trust), the request originates from Anthropic's servers rather than the user's local machine, so any local WARP enrollment or browser session cookies are irrelevant — the request hits the CF Access wall and Chrome surfaces it as "This site is blocked by your organization's policy".
Environment
macOS
Cloudflare Zero Trust / CF Access protecting preview deployments (*.pages.dev)
"Claude in Chrome" MCP extension (latest)
WARP client installed and enrolled on local machine (does not help — cloud-origin issue)
Proposed Solution
Suggested fix
Add a mcpSettings or browserCredentials configuration block in ~/.claude/settings.json (or project-level settings) that allows specifying per-domain request headers:
{
"mcpSettings": {
"Claude_in_Chrome": {
"requestHeaders": {
"*.pages.dev": {
"CF-Access-Client-Id": "your-client-id",
"CF-Access-Client-Secret": "your-client-secret"
}
}
}
}
}
This idea should allow teams using Cloudflare Zero Trust (or any header-based auth) to use Claude in Chrome against non-public staging/preview environments.
Alternative Solutions
other options: some way to trust with ONLY my account on Only my Claude can get to our CF Pages subdomain.pages.dev
Priority
Critical - Blocking my work
Feature Category
CLI commands and flags
Use Case Example
Steps to reproduce
Set up a Cloudflare Access policy protecting a *.pages.dev or custom domain URL (e.g. a CF Pages preview deployment)
Ask Claude to navigate to that URL via the Claude in Chrome MCP
Observe: "This site is blocked by your organization's policy" — navigation fails
Expected behaviour
Either:
The Claude in Chrome MCP supports configuring Cloudflare Access service token credentials (CF-Access-Client-Id / CF-Access-Client-Secret) via ~/.claude/settings.json or a project .claude/settings.local.json, so they can be included as headers on outgoing requests to specified domains; or
The documentation clearly states that CF Access-protected URLs are not supported and suggests a workaround
Current behaviour
No CF-Access-* credential configuration surface exists in ~/.claude/settings.json, project settings, or the extension itself
chrome://policy shows no local policies — the block is network-origin, not local Chrome policy
Cloudflare Access service tokens only work via HTTP headers — there is no browser-native equivalent
Local WARP enrollment does not help because the navigation originates from Anthropic's cloud, not the user's machine
Additional Context
issue #59974 in the body as "same error surface, different root cause?" so they may cross-reference.
This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗