Wardn Hub

Supabase MCP

com.supabase/mcp

Overview

MCP server for interacting with Supabase projects, including project and organization management, database schema and SQL tools, debugging logs and advisors, documentation search, Edge Functions, branching, and storage configuration.

WebsiteRepository

Documentation

Overview

Supabase MCP connects MCP clients and AI assistants to Supabase projects. It is available as a hosted Streamable HTTP MCP server at https://mcp.supabase.com/mcp, as a local Supabase CLI endpoint at http://localhost:54321/mcp, as a self-hosted endpoint when explicitly enabled behind a protected network path, and as the npm stdio package @supabase/mcp-server-supabase for PAT-based local use.

Hosted Remote Setup

Most MCP clients can use this remote configuration:

{
  "mcpServers": {
    "supabase": {
      "type": "http",
      "url": "https://mcp.supabase.com/mcp"
    }
  }
}

The hosted server uses browser-based Supabase login/dynamic client registration by default. The docs recommend generating a custom MCP URL from the Supabase dashboard MCP connection tab so project scoping, read-only mode, and feature groups are populated correctly.

Configuration

The hosted URL supports query parameters:

  • project_ref: scope the server to one project; recommended because omitting it gives access to all projects in the selected organization.
  • read_only: set to true to execute database queries as a read-only Postgres user and disable mutating tools.
  • features: comma-separated tool groups to enable. Default groups are account, database, debugging, development, docs, functions, and branching; storage is disabled by default.

The npm stdio package accepts --access-token, --project-ref, --read-only, --api-url, --features, and --version. If --access-token is not provided, it reads SUPABASE_ACCESS_TOKEN.

Capabilities

Tools are grouped as account, docs, database, debugging, development, Edge Functions, branching, and storage. They include project and organization listing/management, cost confirmation, documentation search, table/extension/migration listing, SQL execution, migrations, logs, advisors, project URL and publishable keys, TypeScript type generation, Edge Function list/read/deploy, branch create/list/delete/merge/reset/rebase, and storage bucket/config operations.

Security And Limitations

Supabase recommends not connecting MCP to production data, not exposing it to end users, enabling read-only mode where possible, scoping to one project, using branching for development, and limiting enabled feature groups. Prompt injection remains a risk; users should keep tool-call approval enabled and review every tool call. Local CLI and self-hosted MCP endpoints offer a limited subset of tools and no OAuth 2.1. The server is pre-1.0 and may introduce breaking changes. The hosted server does not send structuredContent in MCP tool results, so some clients parse JSON from text content.