# Supabase > Full Supabase access: database, auth, storage, and edge functions. [Canonical HTML page](https://top-mcps.com/mcp/supabase) · [server.json](https://top-mcps.com/mcp/supabase.json) · [methodology](https://top-mcps.com/about/methodology) ## Install ### Claude Desktop — `claude_desktop_config.json` Paste under mcpServers. Fully quit and reopen Claude after editing. ```json { "mcpServers": { "supabase": { "command": "npx", "args": [ "@supabase/mcp-server-supabase@latest" ], "env": { "SUPABASE_ACCESS_TOKEN": "${SUPABASE_ACCESS_TOKEN}" } } } } ``` ### Claude Code — `CLI or .mcp.json` Run from your repo. Commit .mcp.json to share with your team. ```shell # export SUPABASE_ACCESS_TOKEN=sbp_your_access_token claude mcp add supabase -- npx @supabase/mcp-server-supabase@latest ``` ### Cursor — `.cursor/mcp.json` Global path: ~/.cursor/mcp.json. Reload window after editing. ```json { "mcpServers": { "supabase": { "command": "npx", "args": [ "@supabase/mcp-server-supabase@latest" ], "env": { "SUPABASE_ACCESS_TOKEN": "${SUPABASE_ACCESS_TOKEN}" } } } } ``` ### VS Code — `.vscode/mcp.json` VS Code uses the "servers" key (not "mcpServers"). ```jsonc { "servers": { "supabase": { "command": "npx", "args": [ "@supabase/mcp-server-supabase@latest" ], "env": { "SUPABASE_ACCESS_TOKEN": "${SUPABASE_ACCESS_TOKEN}" } } } } ``` ### Windsurf — `~/.codeium/windsurf/mcp_config.json` Open via Cascade → hammer icon → Configure. ```json { "mcpServers": { "supabase": { "command": "npx", "args": [ "@supabase/mcp-server-supabase@latest" ], "env": { "SUPABASE_ACCESS_TOKEN": "${SUPABASE_ACCESS_TOKEN}" } } } } ``` ### Cline — `cline_mcp_settings.json` Open via the Cline sidebar → MCP Servers → Edit. ```json { "mcpServers": { "supabase": { "command": "npx", "args": [ "@supabase/mcp-server-supabase@latest" ], "env": { "SUPABASE_ACCESS_TOKEN": "${SUPABASE_ACCESS_TOKEN}" } } } } ``` ### Continue — `~/.continue/config.json` Continue uses modelContextProtocolServers with a transport block. ```json { "experimental": { "modelContextProtocolServers": [ { "transport": { "type": "stdio", "command": "npx", "args": [ "@supabase/mcp-server-supabase@latest" ], "env": { "SUPABASE_ACCESS_TOKEN": "${SUPABASE_ACCESS_TOKEN}" } } } ] } } ``` ### Codex CLI — `~/.codex/config.toml` Codex uses TOML. Each server is a [mcp_servers.] subtable. ```shell # ~/.codex/config.toml [mcp_servers.supabase] command = "npx" args = [ "@supabase/mcp-server-supabase@latest", ] env = { SUPABASE_ACCESS_TOKEN = "${SUPABASE_ACCESS_TOKEN}" } ``` ### Zed — `~/.config/zed/settings.json` Zed calls them "context_servers". Settings live-reload on save. ```jsonc { "context_servers": { "supabase": { "command": { "path": "npx", "args": [ "@supabase/mcp-server-supabase@latest" ] }, "env": { "SUPABASE_ACCESS_TOKEN": "${SUPABASE_ACCESS_TOKEN}" } } } } ``` ### ChatGPT — `ChatGPT → Settings → Connectors (remote URL)` Paste this into Settings → Connectors → Add custom connector. Requires ChatGPT Pro / Team / Enterprise / Edu with Developer mode enabled. ChatGPT supports remote HTTPS MCP servers only — stdio servers must be hosted on a public HTTPS endpoint first. ```json { "name": "Supabase", "transport": "http", "url": "https://mcp.supabase.com/mcp" } ``` ## At a glance - **Maintainer:** Supabase - **Transport:** stdio, Streamable HTTP - **Auth model:** OAuth 2.1 - **Required secrets:** SUPABASE_ACCESS_TOKEN - **Supported clients:** Claude, Cursor, Any MCP-compatible client, Supabase projects - **License:** Apache-2.0 - **Language:** TypeScript - **Latest version:** latest - **Last verified:** 2026-05-28 - **GitHub stars:** 2,625 (fetched 2026-06-02T11:55:51.540Z) - **Score:** 74/100 (rubric 2026-04 — see https://top-mcps.com/about/methodology) - **Source:** https://github.com/supabase-community/supabase-mcp ## Security & scope - **Access scope:** read-write - **Sandbox:** Authenticates to Supabase using a personal access token or service-role key in env. The token scope determines what the agent can do across database, auth, storage, and edge-function APIs. - **Gotchas:** - A service-role key bypasses row-level security — prefer a scoped personal access token for agent use where possible. - Destructive operations (drop table, delete rows) are available whenever the token permits them; there is no MCP-level read-only mode. ## Quick answer **What it does.** Connects to the Supabase Management API and database, enabling schema inspection, SQL queries, auth operations, and project management from AI context. **Best for:** - Supabase project management - Schema design and migrations - RLS policy creation - Edge Function development - Auth flow setup **Not for:** - Non-Supabase PostgreSQL databases - General-purpose SQL workflows ## Recipes ### Audit every table in the public schema ``` Using the Supabase MCP, list every table in the `public` schema and show the row count for each. Flag any table that has grown by more than 20% in the last 30 days (based on `pg_stat_user_tables`). ``` _Tested with: Claude Desktop, Cursor_ ## Description The Supabase MCP gives AI models access to your entire Supabase project — database queries, auth management, storage operations, and Edge Function management. The definitive MCP for building with Supabase. ## Why it matters Supabase is a popular backend platform. This MCP lets AI models interact with every layer of a Supabase project without switching interfaces. ## Key features - Full Supabase API access - Database and schema management - Auth and storage operations - Edge Functions management - RLS policy assistance ## FAQ ### Does it need a Supabase access token? Yes. Create a Personal Access Token at supabase.com/dashboard/account/tokens and set it as `SUPABASE_ACCESS_TOKEN`. Scope the token to a single project when possible — the agent only needs the projects it operates on. ### Can it run migrations? Yes. It exposes `apply_migration`, `list_migrations`, and can inspect the current schema. Migrations go through Supabase's tracked migration system, so they are versioned rather than raw SQL against the DB. ### Does it cover Auth, Storage, and Edge Functions or just the database? All of them. The server includes tools for Auth (users, policies), Storage (buckets, signed URLs), Edge Functions (deploy, list, logs), and Realtime channel config — not only SQL. That is what makes it distinct from the plain Postgres MCP. ### Is it safe to point at a production project? Treat it like prod DB access. The access token can delete tables. For agent use, create a dedicated Supabase project for dev/staging and only hook the MCP to that one; keep production manual. ### What is the difference between this and the Postgres MCP? The Postgres MCP is read-only SQL over any Postgres. The Supabase MCP is Supabase-aware: it can run migrations, manage auth users, deploy edge functions, and manage storage buckets. Pick this one when you are working inside a Supabase project; pick Postgres when you want read-only SQL over any DB. ## Changelog - **2026-05-28** — Refreshed install snippets and fact sheet; verified for 2026. - **2025-02-01** — Initial directory listing.