Key Features
Readonly Connections allow agents to restrict WebSocket clients to read-only access, blocking both client-side setState() calls and mutating @callable() methods. This is essential for dashboards and spectator views where observers should not modify agent state. New hooks—shouldConnectionBeReadonly, setConnectionReadonly, and isConnectionReadonly—enable fine-grained control, with the readonly flag persisting across hibernation.
Custom MCP OAuth Providers give developers the ability to override the default OAuth provider used when connecting to MCP servers. The new createMcpOAuthProvider method on the Agent class enables custom authentication strategies like pre-registered client credentials or mTLS, beyond the built-in dynamic client registration.
Security and Stability Improvements
The MCP SDK was upgraded to v1.26.0 to prevent cross-client response leakage. Stateless MCP servers must now create a new McpServer instance per request instead of sharing a single instance. An important security fix adds a callbackPath option to addMcpServer to prevent instance name leakage in MCP OAuth callback URLs—when sendIdentityOnConnect is false, this parameter is now required.
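Why the per-request rule matters, as an added toy model (not code from the Agents SDK or the MCP SDK): ToyServer, serve and the client names are hypothetical, and the model assumes a server instance writes each response to whichever transport it was connected to last.

```javascript
// Toy model, constructed for illustration; this is NOT the MCP SDK.
// Assumption: an instance remembers only the most recently connected
// transport and sends every response through that reference.
class ToyServer {
  connect(transport) {
    this.transport = transport;
  }
  // Begin handling a request. The returned function completes it later,
  // standing in for an awaited tool call that finishes after other
  // requests have already connected.
  start(request) {
    return () => this.transport.send(`result for ${request.client}`);
  }
}

// Handle overlapping requests, one transport per client, taking the server
// from getServer() each time. Returns what each client actually received.
function serve(clients, getServer) {
  const inbox = Object.fromEntries(clients.map((c) => [c, []]));
  const pending = clients.map((client) => {
    const server = getServer();
    server.connect({ send: (msg) => inbox[client].push(msg) });
    return server.start({ client });
  });
  // Every request was in flight before any of them completed.
  pending.forEach((finish) => finish());
  return inbox;
}

// Constructed sample clients.
const clients = ["alice", "bob"];

// Shared instance: bob's connect() replaces alice's transport, so alice's
// response is delivered to bob and alice receives nothing.
function sharedInstance() {
  const shared = new ToyServer();
  return serve(clients, () => shared);
}

// Fresh instance per request: each response stays on its own transport.
function instancePerRequest() {
  return serve(clients, () => new ToyServer());
}

console.log("shared:", JSON.stringify(sharedInstance()));
console.log("per request:", JSON.stringify(instancePerRequest()));
```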
x402 v2 Migration
The x402 payment integration migrated from the legacy x402 package to @x402/core and @x402/evm v2. Breaking changes include updated peer dependencies, new PaymentRequirements fields (e.g., amount instead of maxAmountRequired), and a changed type for X402ClientConfig.account. Network identifiers now accept both legacy names and CAIP-2 format, with automatic conversion support. Server-side lazy initialization defers facilitator connection until the first paid tool invocation, and payment tokens support both v2 and v1 HTTP headers.
API Changes and Deprecations
onStateUpdate is deprecated in favor of onStateChanged (a drop-in rename with identical behavior). The onStateUpdate hook still works but emits a one-time console warning. A new client-side onStateUpdateError callback handles rejected state updates, and validateStateChange rejections now propagate a CF_AGENT_STATE_ERROR message back to the client. CORS handling was simplified by delegating to partyserver's native support.
To upgrade:
npm i agents@latest