> mcp integration

Supabase MCP Server: What It Does & How to Use It with Claude

What the Supabase MCP server can do — query data, run migrations, manage branches, read logs — and how to connect it to Claude Cowork, Code, or Desktop.

By Rhode Labs · Updated 2026-06-03

The Supabase MCP server lets an AI assistant work directly against your Supabase projects: listing tables, running SQL, applying migrations, reading logs, and managing edge functions and branches. It’s an official, open-source server, so you can wire it into Claude and have the model design schema or debug a query instead of you switching to the dashboard.

What can the Supabase MCP server do?

CapabilityWhat it enables
Inspect schemalist_tables, list_extensions, list_migrations: see the current database structure before changing anything
Query dataexecute_sql runs read or write queries directly against Postgres
Migrateapply_migration applies versioned DDL changes to a project
Debugget_logs pulls service logs and get_advisors surfaces security and performance warnings
Branchcreate_branch, list_branches, merge_branch, reset_branch, rebase_branch for isolated dev databases (paid plan)
Edge functionslist_edge_functions, get_edge_function, deploy_edge_function
Dev utilitiesget_project_url, get_publishable_keys, generate_typescript_types for wiring up client code
Docssearch_docs queries Supabase’s official documentation inline
Accountlist_projects, create_project, list_organizations (disabled when scoped to one project)

Which server is official, and do you need a community fork?

There’s effectively one server, and it’s the right default.

  • Official (supabase-community/supabase-mcp) is built and maintained by Supabase, exposing 20-plus tools across database, debugging, branching, and edge functions. A hosted version runs at https://mcp.supabase.com/mcp with OAuth login, so you don’t manage tokens by hand.
  • Community forks exist, but there’s little reason to use one. The first-party server already covers the full platform surface and gets updated with new tool groups.

How do you connect it to Claude (Cowork / Code / Desktop)?

  1. Pick your auth. The hosted endpoint at https://mcp.supabase.com/mcp uses dynamic client registration. Your MCP client redirects you to log in to Supabase, with no token to copy. For CI or headless setups, generate a personal access token in the dashboard instead.
  2. Add the server. In Claude Code, Cowork, or Desktop, register the MCP server with the URL https://mcp.supabase.com/mcp. For a token-based setup, pass Authorization: Bearer <your-token> in the headers.
  3. Scope it. Append ?project_ref=<id> to lock the server to one project (this disables account-management tools), and add &read_only=true to start. Use features=<groups> to enable only the tool groups you need.
  4. Start read-only. Confirm the model can list_tables and run a SELECT before you ever let it write. Drop read_only only once you trust the workflow.

How we use it: good for exploring an unfamiliar schema, drafting migrations, and reading get_advisors output to catch missing RLS policies. The model is fast at “what tables exist and how do they join.” Bad for anything touching production: an LLM that can execute_sql and apply_migration is one ambiguous instruction away from a destructive write. The realistic gotcha is prompt injection. If your tables hold user-generated text, a malicious row can carry instructions the model reads as commands, so keep it on a dev project with non-production data and review every tool call.

How do you keep it secure?

Scope to a single project with project_ref, run with read_only=true whenever real data is involved, narrow the tool surface with features, never point it at production, and review each tool call before it executes. Supabase’s own docs flag prompt injection as the primary attack vector unique to LLMs.

Wiring Supabase into your stack

The Supabase MCP server is genuinely useful for schema work and debugging, but the gap between “handy” and “safe in production” is real configuration: scoping, read-only modes, branch isolation, and a review loop around writes. If you want an AI assistant that can touch your database without becoming a liability, that’s the part worth getting right.

Book a discovery call.

Sources: Supabase MCP docs · supabase-community/supabase-mcp · Supabase MCP launch blog

Frequently asked questions

Does the Supabase MCP server work with Claude?
Yes. It's an MCP server, so it works with any MCP client — including Claude Cowork, Claude Code, and Claude Desktop. You point your client at the hosted endpoint and authenticate with your Supabase org.
Is there an official Supabase MCP server?
Yes. Supabase maintains the official server at github.com/supabase-community/supabase-mcp, with a hosted endpoint at https://mcp.supabase.com/mcp. There's no need to rely on a third-party build.
Is the Supabase MCP server free?
The server itself is free and open source. You only pay for whatever your Supabase projects already cost — the MCP layer adds no separate charge.
Can the Supabase MCP server write to my database?
By default it can execute SQL and apply migrations. Add read_only=true to the connection URL to run every query as a read-only Postgres user, which is the safe default for any project touching real data.

Start Here

Ready to modernize?

Tell us where your team is stuck. We'll map the path from manual to automated, and show you what's possible in the first two weeks.

Book a Discovery Call