← Back to MCP servers

Supabase

Supabase MCP Server

Official Supabase MCP server that connects AI coding agents to your Supabase projects for SQL execution, migrations, Edge Functions, and documentation search.

Last reviewed Feb 28, 2026

What it does

The Supabase MCP Server connects AI coding agents to your Supabase projects. Agents can execute SQL, apply migrations, list tables and extensions, deploy Edge Functions, retrieve logs, generate TypeScript types from schema, and search Supabase documentation. Authentication uses browser-based OAuth by default, with optional project scoping and read-only mode.

Available tools

Tool What it does
execute_sql Execute SQL queries against the project database
apply_migration Apply a database migration
list_migrations List database migrations
list_extensions List available or installed Postgres extensions
list_tables List all tables in the database
get_advisors Get security and performance advisors
get_logs Retrieve API, Postgres, Edge Functions, Auth, Storage, or Realtime logs
generate_typescript_types Generate TypeScript types from database schema
get_publishable_keys Get anon/public API keys
get_project_url Get the API URL for the project
deploy_edge_function Deploy an Edge Function
get_edge_function Get a specific Edge Function
list_edge_functions List all Edge Functions
search_docs Search Supabase documentation

Account management tools (list_organizations, create_project, etc.) are disabled when using project-scoped mode.

Setup by tool

Cursor

Create .cursor/mcp.json in your project root:

{
  "mcpServers": {
    "supabase": {
      "url": "https://mcp.supabase.com/mcp"
    }
  }
}

Add ?project_ref=YOUR_PROJECT_REF to scope to a specific project. Add ?read_only=true for read-only database access.

Claude Code

Add to your Claude configuration file:

{
  "mcpServers": {
    "supabase": {
      "url": "https://mcp.supabase.com/mcp"
    }
  }
}

VS Code / GitHub Copilot

Add the same url configuration to your MCP client. On first use, the client will prompt you to log in to Supabase via browser OAuth.

CI or manual auth

For CI environments where OAuth is not possible, create a Personal Access Token at Supabase access tokens and pass it in the Authorization header. See Supabase docs for client-specific configuration.

When to use this

  • Schema-aware development: Agents write SQL and migrations against your actual Supabase schema
  • Edge Function deployment: Deploy and manage Edge Functions from the IDE
  • Debugging: Retrieve service logs for API, Auth, or database issues
  • Type generation: Generate TypeScript types that match your schema before implementing
  • Documentation lookup: Search Supabase docs without leaving the coding flow

Security considerations

  • Do not connect to production; use development or staging projects only
  • Use read_only=true when agents only need to read data
  • Scope to a single project with project_ref to limit access
  • Restrict tool groups with features=database,docs to reduce attack surface
  • Manually approve tool calls in your MCP client before execution
  • Never expose the MCP server to customers or end users; it uses your developer permissions