Obtain an API token from the Cloudflare dashboard under My Profile > API Tokens with 'Workers Scripts: Edit' permission scoped to the target account
Upload the script via PUT to 'https://api.cloudflare.com/client/v4/accounts/{account_id}/workers/scripts/{script_name}' with header 'Authorization: Bearer YOUR_TOKEN'
Use a multipart/form-data request body with a part named 'metadata' containing JSON (Content-Type application/json) for bindings, compatibility_date, and usage_model, and a part named 'script' with the JavaScript worker content (Content-Type application/javascript)
Add KV namespace bindings, D1 databases, or secrets in the 'metadata' bindings array: each binding needs 'type', 'name', and relevant IDs
Verify deployment by GET '/accounts/{account_id}/workers/scripts/{script_name}' and check the script is live via a test request to its route
Known gotchas
The 'compatibility_date' field in metadata is required for scripts using certain APIs; using an old or missing date may enable legacy behavior or prevent new API access
Secrets (environment variables containing sensitive values) cannot be uploaded via the script metadata body — use the separate PUT '/workers/scripts/{name}/secrets' endpoint for each secret
Workers deployed to custom routes require the route to be configured separately via the Routes API; uploading the script alone does not make it serve traffic on a custom domain
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp